[cisco-bba] Per user accounting
Dennis Peng
dpeng at cisco.com
Fri Jul 11 10:40:57 EDT 2003
Thomas Bridge [thomas at wibble.to] wrote:
> At 09:25 10/07/2003 -0700, Dennis Peng wrote:
>
> >Thomas Bridge [thomas at netsource.ie] wrote:
> >> We've a Cisco 7200 terminating our customer's PPPoE and PPP over L2TP
> >> connections for ADSL. It's running 12.2(16)B
> >>
> >> Is there anyway internal to the router to do per user accounting -
> >
> >No, but I'm curious, what did you have in mind?
>
> We have a situation where we could support up to 8000 customers before
> moving to second BAS for DSL connections. Most of these customers are
> permanently connected, and are assigned a virtual interface. The problem
> is, they disconnect and reconnect quite frequently (some users are home
> users for example).
>
> As all Virtual Interfaces must have a 1:1 mapping to a username (albeit
> ones that are handled through a RADIUS server), I was thinking of something
> like an internal table that contains the amount of data that customer has
> downloaded - this is already in the router for the interface. It would be
> like the stats gathered for a serial or ethernet interface - you could
> reset to zero if you wanted.
Actually, in 12.2(16)B and later, there is no static mapping between a
particular user and a vaccess interface for PPPoX, so even if the
router didn't clear the vaccess counters when a user disconnected, it
would not be posssible to track the network utilization of your users
it they are constantly connecting/disconnecting.
> >> radius is not over suitable for this, as it wraps at 4GB and needs
> >> the session to terminate, or constant monitoring of the radius logs,
> >
> >In recent IOS, we support Acct-Input/Output-Gigawords which should fix
> >the 4GB wrapping issue. Also, what is unattractive about using
> >periodic accounting and montioring the RADIUS logs?
>
> While some users may log on and off, others will stay permanently
> connected. I suppose I need to think this through - but the problem is
> that using radius will require the radius DB itself to be monitored if I'm
> looking for things like "how much has this user used this week" if he's
> been connected for the last month.
>
> What I was really looking for is a way to find out today what my users have
> been using for the last week. It appears, that the answer is no. What I
> need to do is start gathering some data, but I'll have to think it through.
Yes, unfortunatley to gather the information you are looking for,
you'll probably have to dig through the RADIUS accounting logs. I
wonder if some other RADIUS user has already solved a similar problem
though, it seems like it should be a common desire.
Dennis
> In the meantime, I've noticed that I didn't have "aaa accounting update
> periodic" enabled. I've just added the command, with a time of 5
> minutes. However, it appears my radius server does not seem to be
> handling those packets - something I need to investigate.
>
> T.
>
>
> Thomas Bridge tbridge at netsource.ie
> Network and Systems Architect Support phone: +353 1 4336070
> Netsource 26 Upr Fitzwilliam St., Dublin 2
--
-------------------------------------------------------------------------
|| || Dennis Peng
|| || Cisco Systems, Inc. Escalation Engineer
|||| |||| 170 West Tasman Drive Phone: (408) 526-6143
..:||||||:..:||||||:.. San Jose, CA 95134 Fax: (408) 232-2343
Cisco Systems Inc. dpeng at cisco.com
-------------------------------------------------------------------------
More information about the cisco-bba
mailing list