Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Radius accounting for QoS pppoe policy-map

Hi folks

I have a radius pushing an AVPAIR ip:sub-qos-policy-out to a virtual template for clients connected to a BRAS through PPPOE.

The AVPAIR is correctly applied to each and every pppoe session but the following link  http://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/sbbbrs1c.html  is indicating that I should be able to push back to the RADIUS some traffic info per class-map/policy map. This would allow some Quota stuff and getting some info about traffic used per customer

From what I have been able to configure, i'm not getting any of this stats back to the RADIUS

the debug radius accounting :

 

*Mar 12 05:29:00.419: RADIUS/ENCODE(0000000E):Orig. component type = PPPoE
*Mar 12 05:29:00.419: RADIUS/ENCODE(0000000E): Acct-session-id pre-pended with Nas Port = 0/0/3/0
*Mar 12 05:29:00.419: RADIUS(0000000E): Config NAS IP: 0.0.0.0
*Mar 12 05:29:00.419: RADIUS(0000000E): sending
*Mar 12 05:29:00.419: RADIUS/ENCODE: Best Local IP-Address 192.168.38.133 for Radius-Server 192.168.38.131
*Mar 12 05:29:00.419: RADIUS(0000000E): Send Accounting-Request to 192.168.38.131:1813 id 1646/55, len 299
*Mar 12 05:29:00.419: RADIUS:  authenticator ED 94 CF EE BD 73 30 7E - 93 07 A4 C3 50 A6 03 DE
*Mar 12 05:29:00.419: RADIUS:  Acct-Session-Id     [44]  18  "0/0/3/0_00000005"
*Mar 12 05:29:00.419: RADIUS:  Framed-Protocol     [7]   6   PPP                       [1]
*Mar 12 05:29:00.419: RADIUS:  Framed-IP-Address   [8]   6   10.10.10.2
*Mar 12 05:29:00.419: RADIUS:  User-Name           [1]   9   "olivier"
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  35
*Mar 12 05:29:00.419: RADIUS:   Cisco AVpair       [1]   29  "connect-progress=LAN Ses Up"
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  29
*Mar 12 05:29:00.419: RADIUS:   Cisco AVpair       [1]   23  "nas-tx-speed=10000000"
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  29
*Mar 12 05:29:00.419: RADIUS:   Cisco AVpair       [1]   23  "nas-rx-speed=10000000"
*Mar 12 05:29:00.419: RADIUS:  Acct-Session-Time   [46]  6   2582
*Mar 12 05:29:00.419: RADIUS:  Acct-Input-Octets   [42]  6   7232
*Mar 12 05:29:00.419: RADIUS:  Acct-Output-Octets  [43]  6   7232
*Mar 12 05:29:00.419: RADIUS:  Acct-Input-Packets  [47]  6   517
*Mar 12 05:29:00.419: RADIUS:  Acct-Output-Packets [48]  6   517
*Mar 12 05:29:00.419: RADIUS:  Acct-Authentic      [45]  6   RADIUS                    [1]
*Mar 12 05:29:00.419: RADIUS:  Acct-Status-Type    [40]  6   Watchdog                  [3]
*Mar 12 05:29:00.419: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   [5]
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  15
*Mar 12 05:29:00.419: RADIUS:   cisco-nas-port     [2]   9   "0/0/3/0"
*Mar 12 05:29:00.419: RADIUS:  NAS-Port            [5]   6   50331648
*Mar 12 05:29:00.419: RADIUS:  NAS-Port-Id         [87]  9   "0/0/3/0"
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  41
*Mar 12 05:29:00.419: RADIUS:   Cisco AVpair       [1]   35  "client-mac-address=aabb.cc00.6430"
*Mar 12 05:29:00.419: RADIUS:  Service-Type        [6]   6   Framed                    [2]
*Mar 12 05:29:00.419: RADIUS:  NAS-IP-Address      [4]   6   192.168.38.133
*Mar 12 05:29:00.419: RADIUS:  Ascend-Session-Svr-K[151] 10
*Mar 12 05:29:00.419: RADIUS:   37 39 38 32 45 41 38 30          [ 7982EA80]
*Mar 12 05:29:00.419: RADIUS:  Acct-Delay-Time     [41]  6   0
*Mar 12 05:29:00.419: RADIUS(0000000E): Started 5 sec timeout
*Mar 12 05:29:00.419: RADIUS: Received from id 1646/55 192.168.38.131:1813, Accounting-response, len 20
*Mar 12 05:29:00.419: RADIUS:  authenticator A7 0E 79 40 C5 B5 CF DC - 09 46 27 48 52 BE 01 7D

What I get in the freeradius log :

 

Tue Mar 11 22:30:04 2014
        Acct-Session-Id = "0/0/3/0_00000005"
        Framed-Protocol = PPP
        Framed-IP-Address = 10.10.10.2
        User-Name = "olivier"
        Cisco-AVPair = "connect-progress=LAN Ses Up"
        Cisco-AVPair = "nas-tx-speed=10000000"
        Cisco-AVPair = "nas-rx-speed=10000000"
        Acct-Session-Time = 2646
        Acct-Input-Octets = 7428
        Acct-Output-Octets = 7428
        Acct-Input-Packets = 531
        Acct-Output-Packets = 531
        Acct-Authentic = RADIUS
        Acct-Status-Type = Interim-Update
        NAS-Port-Type = Virtual
        Cisco-NAS-Port = "0/0/3/0"
        NAS-Port = 50331648
        NAS-Port-Id = "0/0/3/0"
        Cisco-AVPair = "client-mac-address=aabb.cc00.6430"
        Service-Type = Framed-User
        NAS-IP-Address = 192.168.38.133
        X-Ascend-Session-Svr-Key = "7982EA80"
        Acct-Delay-Time = 0
        Acct-Unique-Session-Id = "523eac6ae326a778"
        Timestamp = 1394602204
        Request-Authenticator = Verified

 

user config in the users file on the freeradius server :

olivier Cleartext-Password := "olivier"
        Service-Type = Framed-User,
        Cisco-AVPair += "ip:addr-pool=pppoepool",
        Cisco-AVpair += "ip:sub-qos-policy-out=TEST"

 

I see that the policy map name is pulled correctly from the radius server and applied to the session :

#sh policy-map session uid 14
 SSS session identifier 14 -

  Service-policy output: TEST

    Class-map: TEST (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
      police:
          cir 8000 bps, bc 1500 bytes
        conformed 0 packets, 0 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        conformed 0 bps, exceed 0 bps

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any

 

 

Any input very welcome

443
Views
0
Helpful
0
Replies