[c-nsp] AAA accounting issue
Nikolay S.
nowhere at hakkenden.ath.cx
Sat Nov 12 12:57:28 EST 2011
В Сбт, 12/11/2011 в 13:41 +0400, Nikolay S. пишет:
> Hello,
>
> I'm using 7301 as vrf-aware NAS to terminate PPP sessions from l2tp
> tunnels into vrfs, and there is huge discrepancy between traffic
> counters on virtual-access interface and accounting records. For
> example:
>
> -----------
> #sh int virtual-access 4
> ...
> 226 packets input, 11393 bytes, 0 no buffer
> ...
> 263 packets output, 13465 bytes, 0 underruns
> -----------
> #sh aaa user 115
> Unique id 115 is currently in use.
> ...
> 66BC01A0 0 00000001 bytes_in(135) 4 11846(2E46)
> 66BC01B0 0 00000001 bytes_out(275) 4 23802(5CFA)
> 66BC01E0 0 00000001 paks_in(136) 4 235(EB)
> 66BBF5D0 0 00000001 paks_out(276) 4 273(111)
> -----------
>
> Packet counters do match, but output bytes is almost twice in aaa.
>
I did a simple test, sending single ping into the PPP interface, and it
seems like l2tp/udp/ip overhead is being accounted for outgoing packets.
---------
Cumulative Byte/Packet Counts :
Bytes In = 27624 Bytes Out = 53246
Paks In = 496 Paks Out = 581
---------
#ping vrf test 172.16.8.80 size 36 repeat 1
Type escape sequence to abort.
Sending 1, 36-byte ICMP Echos to 172.16.8.80, timeout is 2 seconds:
!
Success rate is 100 percent (1/1), round-trip min/avg/max = 68/68/68 ms
---------
Cumulative Byte/Packet Counts :
Bytes In = 27664 Bytes Out = 53322
Paks In = 497 Paks Out = 582
---------
For output:
53246 - 53322 = 76 = 36 ICMP + 4 PPP + 8 L2TP + 8 UDP + 20 IP
Whereas for input packets only PPP header is accounted:
27664 - 27624 = 40 = 36 ICMP + 4 PPP
Could someone tell, if this is an expected behavior or not?
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list