In the 7750 SR OS, the accounting paradigm is based on sla-profile instances, yet this is at odds with traditional RADIUS authentication and accounting which is host-centric. In previous OS releases, it was possible to have many hosts sharing a common sla-profile instance, and therefore accounting and QoS parameters. Complications would arise with RADIUS accounting because Accounting-Start and Accounting-Stop are a function of sla-profile instance and not the hosts – this meant that some host-specific parameters (like Framed-Ip-Address) would not be consistently included in RADIUS accounting.
Dual-stack subscribers are now two different hosts sharing a single sla-profile instance. A new RADIUS accounting mode has been introduced to support multiple-host environments.
A new command, host-accounting, is introduced under accounting-policy, which allows configurable behavior.
No host-accounting:
When no host-accounting is configured, accounting behavior is as follows:
A RADIUS accounting start message is sent when the SLA-profile instance is created. It contains accounting (octets/packets) and the Framed-Ip-Address of the host which caused the sla-profile instance to be created.
Additional hosts may bind to the sla-profile instance at any time, but no additional accounting messages are sent during these events.
If the original host disconnects, then future accounting messages use an IP address of one of the remaining hosts.
When the final host associated with an sla-profile instance disconnects, an accounting stop message is sent.
Host-accounting enabled:
When host-accounting is configured, additional RADIUS accounting messages are created for host activity in addition to messages for common queue accounting. The behavior is as follows:
A RADIUS accounting start message is sent each time a host is authenticated. It contains the Framed-Ip-Address among other things. It does not contain any octet or packet counts.
A RADIUS accounting start message is sent each time a sla-profile instance is created.
Whenever a host disconnects a RADIUS, accounting stop message is sent for that host.
If all host associated with an sla-profile instance disconnect, a RADIUS accounting stop message is sent for that instance.
This behavior means specific AVP may be in either host, sla-profile instance, or both accounting records. See Table: RADIUS accounting table .
Interim-Acct records are not sent for hosts, only the start- and stop-accounting messages.
RADIUS accounting AVP |
Host accounting |
SLA-profile accounting |
|---|---|---|
User-Name |
Yes |
— |
NAS-Identifier |
Yes |
Yes |
NAS-IP-Address |
Yes |
Yes |
Nas-Port-Id |
Yes |
— |
Nas-Port |
Yes |
— |
Nas-Port-Type |
Yes |
— |
Service-Type |
Yes |
— |
Framed-Protocol |
Yes |
— |
Framed-Ip-Address |
Yes |
— |
Framed-Ip-Netmask |
Yes |
— |
Framed-Route |
Yes |
— |
Class |
Yes |
— |
Session-Timeout |
Yes |
Yes |
Circuit-Id VSA |
Yes |
— |
Called-Station-Id |
Yes |
— |
Calling-Station-Id |
Yes |
— |
MAC-Addr VSA |
Yes |
— |
Remote-Id VSA |
Yes |
— |
Acct-Input-Octets |
— |
Yes |
Acct-Output-Octets |
— |
Yes |
Acct-Input-Gigawords |
— |
Yes |
Acct-Output-Gigawords |
— |
Yes |
Acct-Session-Id |
Yes |
Yes |
Acct-Session-Time |
Yes |
Yes |
Acct-Input-Packets |
— |
Yes |
Acct-Output-Packets |
— |
Yes |
Agent-Circuit-Id |
Yes |
— |
Agent-Remote-Id |
Yes |
— |
Actual-Data-Rate-Upstream |
Yes |
— |
Actual-Data-Rate-Downstream |
Yes |
— |
Access-Loop-Encapsulation |
Yes |
— |
Alc-Accounting |
— |
Yes |
Alc-Subscriber-Id |
Yes |
Yes |
Alc-Subscriber-Profile-String |
Yes |
Yes |
Alc-Sla-Profile-String |
Yes |
Yes |