[c-nsp] 7206 L2TP and Gigawords

Arie Vayner (avayner) avayner at cisco.com
Sun Jun 6 05:05:01 EDT 2010 

Phil,

 

Then this seems to be an issue with the interface counters warping, and
not a RADIUS specific issue.

I would recommend opening a TAC case, providing them with this info, and
working with them on a resolution.

 

The best way to demonstrate the problem (as I have done in the past) is
to try and catch the counter just before the warping, and then catch the
output before and after it warps.

 

Arie

 

From: Phil Pierotti [mailto:phil.pierotti at gmail.com] 
Sent: Sunday, June 06, 2010 11:54
To: Arie Vayner (avayner)
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] 7206 L2TP and Gigawords

 

HI Arie,

Thanks for your help - details inline.

Since I brought this session up this morning, I have downloaded 6.18GB
of LINUX ISOs for testing purposes, and then 'normal internet' use since
then as well, all in this same session.

On Sun, Jun 6, 2010 at 4:52 PM, Arie Vayner (avayner)
<avayner at cisco.com> wrote:

Phil,

I have worked on this kind of an issue and we have CSCsw74470 for this
one, which is integrated in SRD3 (I made sure, and it is there).
The code to generate RADIUS gigawords is there, so this has to be
something else...

We need to identify if the problem is due to the info not being
collected (i.e. the counters for the interface are 32-bit) or we just do
not report it in RADIUS (so the info is there, and it's "just" not
reported).

Use these commands:
sh int virtual-access #


Virtual-Access2.135 is up, line protocol is up
  Hardware is Virtual Access interface
  Interface is unnumbered. Using address of Loopback10 (??.??.??.??)
  MTU 1500 bytes, BW 149760 Kbit, DLY 100000 usec,
     reliability 255/255, txload 45/255, rxload 7/255
  Encapsulation PPP, LCP Open
  Open: IPCP
  PPPoVPDN vaccess, cloned from Virtual-Template6
  Vaccess status 0x0
  Protocol l2tp, tunnel id 55022, session id 6814
  Keepalive set (10 sec)
     2889718 packets input, 341932313 bytes
     4778457 packets output, 2503224921 bytes
  Last clearing of "show interface" counters never


Bytes Output reported is 2,503,224,921 or 2.5GB

Clearly the problem is a counter wrap/not-being-collected problem.
 

	Look at the counter for a session that should be >4294967296
bytes
	in/out (2^32) - Does it overlap to 0, or keep counting beyond
2^32?
	
	Then, if the counters are >2^32 (which means we count fine, and
just
	have a reporting issue), use:
	
	sh subscriber session username <username> detailed
	
	Look for the "AAA_id", which is a HEX number, and then use it
with:
	sh aaa user <AAA_id> (in a 0xNNNN format).
	
	The pre-bytes-in/out field are used by Gigawords. If the counter
should
	be more than 2^32, then pre-bytes-in/out should be >0.


Interface:
  TTY Num = -1
  Stop Received = 0
  Byte/Packet Counts till Call Start:
    Start Bytes In = 0             Start Bytes Out = 0
    Start Paks  In = 0             Start Paks  Out = 0
  Byte/Packet Counts till Service Up:
    Pre Bytes In = 0             Pre Bytes Out = 0
    Pre Paks  In = 0             Pre Paks  Out = 0
  Cumulative Byte/Packet Counts :
    Bytes In = 342239526     Bytes Out = 2503793377
    Paks  In = 2891654       Paks  Out = 4780378
  StartTime = 09:59:17 AEST Jun 6 2010
  AuthenTime = 09:59:17 AEST Jun 6 2010
  Component = VPDN

Pre-Bytes are zeros, but they should not be, so this confirms a
failure-to-collect problem.
 

	
	If all is still fine, look at debug radius...
	
	
	I would suggest to file a TAC case with the following findings,
and
	maybe reference the above DDTS.... It could be something new...
	
	Arie

	
	-----Original Message-----
	From: cisco-nsp-bounces at puck.nether.net
	[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Phil
Pierotti
	Sent: Sunday, June 06, 2010 05:56
	To: cisco-nsp at puck.nether.net
	Subject: [c-nsp] 7206 L2TP and Gigawords
	
	Hi All,
	
	I'm running a 7206/G1 with AdvIP Services 12.2(33)SRD3 as an
LNS.
	
	Sending periodic accounting updates every ten minutes.
	
	Running a download test to verify the LNS is sending RADIUS
Gigawords
	attributes (52 and 53), backending against Freeradius.
	
	Looking at the freeradius detail log, it's obvious that my LNS
is *not*
	generating Gigawords attributes.
	
	>From two successive interim updates, I clearly see byte-counter
	rollover and
	no packet-counter rollover (same user, same session):
	
	       Acct-Output-Octets = 3883719317
	       Acct-Output-Packets = 2592080
	
	       Acct-Output-Octets = 257083854
	       Acct-Output-Packets = 3036810
	
	And there's no gigawords attribute (Acct-Output-Gigawords, etc)
being
	generated.
	
	According to Cisco: gigawords attributes are enabled by default
(ie only
	the
	NO form of the command will show in the config).
	I've checked my config, I'm not NO'ing that (why would you?)
	
	So can anyone suggest why my LNS is not generating these
attributes when
	they're needed?
	
	Thanks,
	Phil P

	_______________________________________________
	cisco-nsp mailing list  cisco-nsp at puck.nether.net
	https://puck.nether.net/mailman/listinfo/cisco-nsp
	archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list