| RADIUS Extensions Working Group | S. Winter |
| Internet-Draft | RESTENA |
| Intended status: Standards Track | March 31, 2011 |
| Expires: October 02, 2011 |
RADIUS Accounting for traffic classes
draft-winter-radext-fancyaccounting-00
This document specifies new attributes for RADIUS Accounting to enable NAS reporting of subsets of the total traffic in a user session.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 02, 2011.
Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
RADIUS Accounting [RFC2866] defines counters for octets and packets, both in the incoming and outgoing direction. Usage of these counters enables an operator create volume-based billing models and to execute proper capacity planning on its infrastructure.
The Accounting model is based on the assumption that all traffic in a user session is treated equally; i.e. that there are no differences in the billing model of one class of traffic over another.
Actual deployments suggest that this assumption is no longer valid. In particular, different traffic classes are defined with DSCP; and billing the use of these traffic classes separately is an understandable request.
Plus, the introduction of dual-stack operation on links creates an understandable interest of getting separate statistics about the amount of IPv4 vs. IPv6 usage on a link; be it for billing or statistical reasons.
This document defines Accounting attributes that supplement (but not replace) the accounting counters in RFC2866. It utilizes the new "extended attributes" in RADIUS to group accounting reports about traffic classes together.
In this document, several words are used to signify the requirements of the specification. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. [RFC2119]
RADIUS Accounting in RFC2866 uses two distinct attributes, Acct-(Input Output)-Octets and Acct-(Input Output) Gigawords, to transport 64 bit counter values. The reasons for defining a 64 Bit value across two attributes are historic. This specification defines a new datatype, "Unsigned 64 Bit Integer" to convey 64 bit counter values natively.
Type: UINT64 - Length: 8 octets - Value: 64 bit unsigned integer, most significant byte first
The attribute Acct-Traffic-Group is a container for a group of sub-attributes which specify the class of traffic that is being reported about, and the amount of traffic in a user session that falls into this class.
Attribute: 245.1 Acct-Traffic-Class - Type: TLV - Length: >3 octets
There can be multiple instances of this grouped attribute in a Accounting-Interim-Update or a Accounting-Stop packet. The attribute MUST NOT be present in an Accounting-Start packet.
It is not required that the sum of all traffic in all instances is the total sum of octets and packets in the user's session. I.e. the traffic classes used in the Accounting packet do not need to partition the total traffic in non-overlapping segments.
The total number of octets and packets in a user session continues to be sent in the RFC2866 attributes.
The attribute Acct-Traffic-Class-Id, sub-attribute in the group Acct-Traffic-Class, defines the class of traffic for which the other attributes in the instance of Acct-Traffic-Class count octets and packets.
Every group instance MUST contain exactly one of Acct-Traffic-Class-Id or Acct-Traffic-Class-Name (see below). I.e. if Acct-Traffic-Class-Id is present in the Acct-Traffic-Class instance, then the attribute Acct-Traffic-Class-Name MUST NOT be present.
Attribute: 245.1.1 Acct-Traffic-Class-Id - Type: Enum - Values:
Allocations of new values for this attribute are subject to expert review.
The attribute Acct-Traffic-Class-Name, sub-attribute in the group Acct-Traffic-Class, defines the class of traffic for which the other attributes in the instance of Acct-Traffic-Class count octets and packets.
Every group instance MUST contain exactly one of Acct-Traffic-Class-Id (see above) or Acct-Traffic-Class-Name. I.e. if Acct-Traffic-Class-Name is present in the Acct-Traffic-Class instance, then the attribute Acct-Traffic-Class-Id MUST NOT be present.
Attribute: 245.1.2 Acct-Traffic-Class-Name - Type: STRING - Value: 1-250 octets
The attribute Acct-Traffic-Class-Input-Octets, sub-attribute in the group Acct-Traffic-Class, carries the number of octets that belong to the class of traffic indicated by Acct-Traffic-Class-Id or Acct-Traffic-Class-Name and have been sent to the entity for which the accounting packet was generated.
Attribute: 245.1.3 Acct-Traffic-Class-Input-Octets - Type: UINT64 - Value: number of octets sent to entity, matching the class of traffic
The attribute Acct-Traffic-Class-Output-Octets, sub-attribute in the group Acct-Traffic-Class, carries the number of octets that belong to the class of traffic indicated by Acct-Traffic-Class-Id or Acct-Traffic-Class-Name and have been sent from the entity for which the accounting packet was generated.
Attribute: 245.1.4 Acct-Traffic-Class-Output-Octets - Type: UINT64 - Value: number of octets sent from entity, matching the class of traffic
The attribute Acct-Traffic-Class-Input-Packets, sub-attribute in the group Acct-Traffic-Class, carries the number of packets that belong to the class of traffic indicated by Acct-Traffic-Class-Id or Acct-Traffic-Class-Name and have been sent to the entity for which the accounting packet was generated.
Attribute: 245.1.5 Acct-Traffic-Class-Input-Packets - Type: UINT64 - Value: number of packets sent to entity, matching the class of traffic
The attribute Acct-Traffic-Class-Output-Packets, sub-attribute in the group Acct-Traffic-Class, carries the number of packets that belong to the class of traffic indicated by Acct-Traffic-Class-Id or Acct-Traffic-Class-Name and have been sent from the entity for which the accounting packet was generated.
Attribute: 245.1.6 Acct-Traffic-Class-Output-Packets - Type: UINT64 - Value: number of packets sent from entity, matching the class of traffic
A NAS is configured to create statistics regarding IPv6 usage of CPE for statistical reasons, and of the amount of HTTP traffic sent to the example.com web site for billing reasons.
User john@example.com starts a user session, transfers 1200 Bytes in 10 packets via IPv6 to the internet, and receives 4500 Bytes in 30 packets over IPv6 from the internet.
In the same session, The user visits the IPv4-only example.com web site by sending 6000 bytes in 4 packets to the web site, and receiving 450000 Bytes in 35 packets from the web site.
Then, the user terminates the session and an Accounting-Stop packet is generated.
The NAS sends the recorded octet and packet values to his RADIUS Accounting server. Since there is no ENUM value for "Traffic on TCP/80 to example.com, all IP versions" in Acct-Traffic-Group-Id, the NAS indicates this class of traffic in a corresponding string. The relevant attributes in the Account-Stop packet are:
Accounting-Traffic-Group
Accounting-Traffic-Group
Reveals user's traffic usage patterns. Shouldn't be sent unencrpyptedly.
This document has actions for IANA. TBD later.
| [RFC2866] | Rigney, C., "RADIUS Accounting", RFC 2866, June 2000. |
| [RFC2119] | Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. |