[c-nsp] Radius Accounting Question

Frank Bulk frnkblk at iname.com
Wed Apr 21 21:54:36 EDT 2010 

We use accounting to start/stop an internet filtering service for customer
who've signed up, and we've not had an issue with RADIUS accounting.  We
added "aaa accounting update periodic 480 jitter maximum 600" to help catch
an hiccups on the internet filtering device if it loses state on a
connection.

In our virtual template we have "ppp authentication xxx radius-group-aaa"
defined, and which depends on the following:

aaa group server radius radius-group
 server-private a.b.0.36 auth-port 1645 acct-port 1646 key 7 <snip>
 server-private a.b.0.37 auth-port 1645 acct-port 1646 key 7 <snip>
 load-balance method least-outstanding
!
aaa authentication ppp default group radius-group
aaa authentication ppp radius-group-aaa group radius-group
aaa authorization network default group radius-group
aaa authorization network radius-group-aaa group radius-group
aaa accounting delay-start all
aaa accounting update periodic 480 jitter maximum 600
aaa accounting network default start-stop group radius-group
aaa accounting network radius-group-aaa start-stop group radius-group

We're running 12.2(31)SB16.

Frank

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Paul Stewart
Sent: Wednesday, April 21, 2010 5:25 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Radius Accounting Question

Hi there..

On a 7206VXR with the following radius configuration, does the accounting
packets get delivered to all radius servers or is it something else like
round robin?  I'm trying to troubleshoot an issue where accounting packets
are not showing up where expected all the time... in particular I want all
accounting packets to be delivered to .123 below...


aaa group server radius xxxxxxxx

 server-private xxx.xxx.xx.28 auth-port 1812 acct-port 1813 key
xxxxxxxxxxxxxxxxx

 server-private xxx.xxx.xx.13 auth-port 1645 acct-port 1646 key
xxxxxxxxxxxxxxxxx

 server-private xxx.xxx.xx.216 auth-port 1812 acct-port 1813 key
xxxxxxxxxxxxxxx

 server-private xx.xxx.xx.123 auth-port 0 acct-port 1813 key xxxxxxxxxxxxxxx

 ip radius source-interface Loopback0

 

Thanks,

 

Paul

 

 

 

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list