draft-ietf-radius-accounting-03.txt   draft-ietf-radius-accounting-04.txt 
RADIUS Working Group C Rigney RADIUS Working Group C Rigney
INTERNET-DRAFT Livingston INTERNET-DRAFT Livingston
RADIUS Accounting RADIUS Accounting
draft-ietf-radius-accounting-03.txt draft-ietf-radius-accounting-04.txt
Status of this Memo Status of this Memo
This document is a submission to the RADIUS Working Group of the This document is a submission to the RADIUS Working Group of the
Internet Engineering Task Force (IETF). Comments should be submitted Internet Engineering Task Force (IETF). Comments should be submitted
to the ietf-radius@livingston.com mailing list. to the ietf-radius@livingston.com mailing list.
Distribution of this memo is unlimited. Distribution of this memo is unlimited.
This document is an Internet-Draft. Internet-Drafts are working This document is an Internet-Draft. Internet-Drafts are working
skipping to change at page 1, line 32 skipping to change at page 1, line 32
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as ``work in progress.'' material or to cite them other than as ``work in progress.''
To learn the current status of any Internet-Draft, please check the To learn the current status of any Internet-Draft, please check the
``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow ``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow
Directories on on ftp.is.co.za (Africa), nic.nordu.net (Europe), Directories on on ftp.is.co.za (Africa), nic.nordu.net (Europe),
munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
ftp.isi.edu (US West Coast). ftp.isi.edu (US West Coast).
This document expires November 24th, 1996.
Abstract Abstract
This document describes a protocol for carrying accounting This document describes a protocol for carrying accounting
information between a Network Access Server and a shared Accounting information between a Network Access Server and a shared Accounting
Server. Server.
Table of Contents Table of Contents
1. Introduction .......................................... 1 1. Introduction .......................................... 1
1.1 Specification of Requirements ................ 2 1.1 Specification of Requirements ................... 2
1.2 Terminology ..................................... 2 1.2 Terminology ..................................... 2
2. Operation ............................................. 3 2. Operation ............................................. 3
3. Packet Format ......................................... 4 3. Packet Format ......................................... 4
4. Packet Types .......................................... 6 4. Packet Types .......................................... 6
4.1 Accounting-Request .............................. 6 4.1 Accounting-Request .............................. 6
4.2 Accounting-Response ............................. 7 4.2 Accounting-Response ............................. 7
5. Attributes ............................................ 9 5. Attributes ............................................ 9
5.1 Acct-Status-Type ................................ 10 5.1 Acct-Status-Type ................................ 10
5.2 Acct-Delay-Time ................................. 11 5.2 Acct-Delay-Time ................................. 11
5.3 Acct-Input-Octets ............................... 12 5.3 Acct-Input-Octets ............................... 12
5.4 Acct-Output-Octets .............................. 12 5.4 Acct-Output-Octets .............................. 13
5.5 Acct-Session-Id ................................. 13 5.5 Acct-Session-Id ................................. 13
5.6 Acct-Authentic .................................. 14 5.6 Acct-Authentic .................................. 14
5.7 Acct-Session-Time ............................... 15 5.7 Acct-Session-Time ............................... 15
5.8 Acct-Input-Packets .............................. 16 5.8 Acct-Input-Packets .............................. 16
5.9 Acct-Output-Packets ............................. 16 5.9 Acct-Output-Packets ............................. 17
5.10 Acct-Terminate-Cause ............................ 17 5.10 Acct-Terminate-Cause ............................ 17
5.11 Acct-Multi-Session-Id ........................... 19 5.11 Acct-Multi-Session-Id ........................... 20
5.12 Table of Attributes ............................. 20 5.12 Acct-Link-Count ................................. 20
5.13 Table of Attributes ............................. 22
Security Considerations ...................................... 22 Security Considerations ...................................... 24
References ................................................... 22 References ................................................... 24
Acknowledgements ............................................. 22 Acknowledgements ............................................. 24
Chair's Address .............................................. 23 Chair's Address .............................................. 25
Author's Address ............................................. 23 Author's Address ............................................. 25
1. Introduction 1. Introduction
Managing dispersed serial line and modem pools for large numbers of Managing dispersed serial line and modem pools for large numbers of
users can create the need for significant administrative support. users can create the need for significant administrative support.
Since modem pools are by definition a link to the outside world, they Since modem pools are by definition a link to the outside world, they
require careful attention to security, authorization and accounting. require careful attention to security, authorization and accounting.
This can be best achieved by managing a single "database" of users, This can be best achieved by managing a single "database" of users,
which allows for authentication (verifying user name and password) as which allows for authentication (verifying user name and password) as
well as configuration information detailing the type of service to well as configuration information detailing the type of service to
skipping to change at page 2, line 7 skipping to change at page 2, line 7
never sent over the network. never sent over the network.
Extensible Protocol Extensible Protocol
All transactions are comprised of variable length Attribute- All transactions are comprised of variable length Attribute-
Length-Value 3-tuples. New attribute values can be added Length-Value 3-tuples. New attribute values can be added
without disturbing existing implementations of the protocol. without disturbing existing implementations of the protocol.
1.1. Specification of Requirements 1.1. Specification of Requirements
In this document, several words are used to signify the In this document, several words are used to signify the requirements
requirements of the specification. These words are often of the specification. These words are often capitalized.
capitalized.
MUST This word, or the adjective "required", means that the MUST This word, or the adjective "required", means that the
definition is an absolute requirement of the definition is an absolute requirement of the specification.
specification.
MUST NOT This phrase means that the definition is an absolute MUST NOT This phrase means that the definition is an absolute
prohibition of the specification. prohibition of the specification.
SHOULD This word, or the adjective "recommended", means that SHOULD This word, or the adjective "recommended", means that there
there may exist valid reasons in particular may exist valid reasons in particular circumstances to
circumstances to ignore this item, but the full ignore this item, but the full implications must be
implications must be understood and carefully weighed understood and carefully weighed before choosing a
before choosing a different course. different course.
MAY This word, or the adjective "optional", means that this MAY This word, or the adjective "optional", means that this
item is one of an allowed set of alternatives. An item is one of an allowed set of alternatives. An
implementation which does not include this option MUST implementation which does not include this option MUST be
be prepared to interoperate with another implementation prepared to interoperate with another implementation which
which does include the option. does include the option.
1.2. Terminology 1.2. Terminology
This document uses the following terms: This document uses the following terms:
service The NAS provides a service to the dial-in user, such as PPP service The NAS provides a service to the dial-in user, such as PPP
or Telnet. or Telnet.
session Each service provided by the NAS to a dial-in user session Each service provided by the NAS to a dial-in user
constitutes a session, with the beginning of the session constitutes a session, with the beginning of the session
skipping to change at page 9, line 47 skipping to change at page 9, line 47
41 Acct-Delay-Time 41 Acct-Delay-Time
42 Acct-Input-Octets 42 Acct-Input-Octets
43 Acct-Output-Octets 43 Acct-Output-Octets
44 Acct-Session-Id 44 Acct-Session-Id
45 Acct-Authentic 45 Acct-Authentic
46 Acct-Session-Time 46 Acct-Session-Time
47 Acct-Input-Packets 47 Acct-Input-Packets
48 Acct-Output-Packets 48 Acct-Output-Packets
49 Acct-Terminate-Cause 49 Acct-Terminate-Cause
50 Acct-Multi-Session-Id 50 Acct-Multi-Session-Id
51 Acct-Link-Count
60+ (refer to RADIUS Internet-Draft) 60+ (refer to RADIUS Internet-Draft)
Length Length
The Length field is one octet, and indicates the length of this The Length field is one octet, and indicates the length of this
attribute including the Type, Length and Value fields. If an attribute including the Type, Length and Value fields. If an
attribute is received in an Accounting-Request with an invalid attribute is received in an Accounting-Request with an invalid
Length, the entire request should be silently discarded. Length, the entire request should be silently discarded.
Value Value
The Value field is zero or more octets and contains information The Value field is zero or more octets and contains information
skipping to change at page 20, line 23 skipping to change at page 20, line 36
50 for Acct-Multi-Session-Id. 50 for Acct-Multi-Session-Id.
Length Length
>= 3 >= 3
String String
The String field SHOULD be a string of printable ASCII characters. The String field SHOULD be a string of printable ASCII characters.
5.12. Table of Attributes 5.12. Acct-Link-Count
Description
This attribute gives the count of links which are known to have
been in a given multilink session at the time the accounting
record is generated. The NAS MAY include the Acct-Link-Count
attribute in any Accounting-Request which might have multiple
links.
A summary of the Acct-Link-Count attribute format is show below. The
fields are transmitted from left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Value (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
51 for Acct-Link-Count.
Length
6
Value
The Value field is four octets, and contains the number of links
seen so far in this Multilink Session.
It may be used to make it easier for an accounting server to know
when it has all the records for a given Multilink session. When
the number of Accounting-Requests received with Acct-Status-Type =
Stop and the same Acct-Multi-Session-Id and unique Acct-Session-
Id's equals the largest value of Acct-Link-Count seen in those
Accounting-Requests, all Stop Accounting-Requests for that
Multilink Session have been received.
An example showing 8 Accounting-Requests should make things
clearer. For clarity only the relevant attributes are shown, but
additional attributes containing accounting information will also
be present in the Accounting-Request.
Multi-Session-Id Session-Id Status-Type Link-Count
"10" "10" Start 1
"10" "11" Start 2
"10" "11" Stop 2
"10" "12" Start 3
"10" "13" Start 4
"10" "12" Stop 4
"10" "13" Stop 4
"10" "10" Stop 4
5.13. Table of Attributes
The following table provides a guide to which attributes may be found The following table provides a guide to which attributes may be found
in Accounting-Request packets. No attributes should be found in in Accounting-Request packets. No attributes should be found in
Accounting-Response packets (except possibly for Vendor-Specific). Accounting-Response packets (except possibly for Vendor-Specific).
# Attribute # Attribute
0-1 User-Name 0-1 User-Name
0 User-Password 0 User-Password
0 CHAP-Password 0 CHAP-Password
0-1 NAS-IP-Address [4] 0-1 NAS-IP-Address [4]
skipping to change at page 21, line 34 skipping to change at page 23, line 12
0-1 Acct-Delay-Time 0-1 Acct-Delay-Time
0-1 Acct-Input-Octets 0-1 Acct-Input-Octets
0-1 Acct-Output-Octets 0-1 Acct-Output-Octets
1 Acct-Session-Id 1 Acct-Session-Id
0-1 Acct-Authentic 0-1 Acct-Authentic
0-1 Acct-Session-Time 0-1 Acct-Session-Time
0-1 Acct-Input-Packets 0-1 Acct-Input-Packets
0-1 Acct-Output-Packets 0-1 Acct-Output-Packets
0-1 Acct-Terminate-Cause 0-1 Acct-Terminate-Cause
0+ Acct-Multi-Session-Id 0+ Acct-Multi-Session-Id
0+ Acct-Link-Count
0 CHAP-Challenge 0 CHAP-Challenge
0-1 NAS-Port-Type 0-1 NAS-Port-Type
0-1 Port-Limit 0-1 Port-Limit
0-1 Login-LAT-Port 0-1 Login-LAT-Port
[4] An Accounting-Request MUST contain either a NAS-IP-Address or a [4] An Accounting-Request MUST contain either a NAS-IP-Address or a
NAS-Identifier, and it is permitted (but not recommended) for it to NAS-Identifier, and it is permitted (but not recommended) for it to
contain both. contain both.
The following table defines the above table entries. The following table defines the above table entries.
skipping to change at page 23, line 27 skipping to change at line 1102
Author's Address Author's Address
Questions about this memo can also be directed to: Questions about this memo can also be directed to:
Carl Rigney Carl Rigney
Livingston Enterprises Livingston Enterprises
6920 Koll Center Parkway, Suite 220 6920 Koll Center Parkway, Suite 220
Pleasanton, California 94566 Pleasanton, California 94566
E-Mail: cdr@livingston.com E-Mail: cdr@livingston.com
This document expires November 24th, 1996.
 End of changes. 20 change blocks. 
28 lines changed or deleted 83 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/