Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

Radius accounting for QoS pppoe policy-map

Olivier ARRIGHI
Level 1
Level 1

‎03-11-2014 10:41 PM - edited ‎03-01-2019 02:45 PM

Hi folks

I have a radius pushing an AVPAIR ip:sub-qos-policy-out to a virtual template for clients connected to a BRAS through PPPOE.

The AVPAIR is correctly applied to each and every pppoe session but the following link  http://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/sbbbrs1c.html  is indicating that I should be able to push back to the RADIUS some traffic info per class-map/policy map. This would allow some Quota stuff and getting some info about traffic used per customer

From what I have been able to configure, i'm not getting any of this stats back to the RADIUS

the debug radius accounting :

 

*Mar 12 05:29:00.419: RADIUS/ENCODE(0000000E):Orig. component type = PPPoE
*Mar 12 05:29:00.419: RADIUS/ENCODE(0000000E): Acct-session-id pre-pended with Nas Port = 0/0/3/0
*Mar 12 05:29:00.419: RADIUS(0000000E): Config NAS IP: 0.0.0.0
*Mar 12 05:29:00.419: RADIUS(0000000E): sending
*Mar 12 05:29:00.419: RADIUS/ENCODE: Best Local IP-Address 192.168.38.133 for Radius-Server 192.168.38.131
*Mar 12 05:29:00.419: RADIUS(0000000E): Send Accounting-Request to 192.168.38.131:1813 id 1646/55, len 299
*Mar 12 05:29:00.419: RADIUS:  authenticator ED 94 CF EE BD 73 30 7E - 93 07 A4 C3 50 A6 03 DE
*Mar 12 05:29:00.419: RADIUS:  Acct-Session-Id     [44]  18  "0/0/3/0_00000005"
*Mar 12 05:29:00.419: RADIUS:  Framed-Protocol     [7]   6   PPP                       [1]
*Mar 12 05:29:00.419: RADIUS:  Framed-IP-Address   [8]   6   10.10.10.2
*Mar 12 05:29:00.419: RADIUS:  User-Name           [1]   9   "olivier"
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  35
*Mar 12 05:29:00.419: RADIUS:   Cisco AVpair       [1]   29  "connect-progress=LAN Ses Up"
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  29
*Mar 12 05:29:00.419: RADIUS:   Cisco AVpair       [1]   23  "nas-tx-speed=10000000"
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  29
*Mar 12 05:29:00.419: RADIUS:   Cisco AVpair       [1]   23  "nas-rx-speed=10000000"
*Mar 12 05:29:00.419: RADIUS:  Acct-Session-Time   [46]  6   2582
*Mar 12 05:29:00.419: RADIUS:  Acct-Input-Octets   [42]  6   7232
*Mar 12 05:29:00.419: RADIUS:  Acct-Output-Octets  [43]  6   7232
*Mar 12 05:29:00.419: RADIUS:  Acct-Input-Packets  [47]  6   517
*Mar 12 05:29:00.419: RADIUS:  Acct-Output-Packets [48]  6   517
*Mar 12 05:29:00.419: RADIUS:  Acct-Authentic      [45]  6   RADIUS                    [1]
*Mar 12 05:29:00.419: RADIUS:  Acct-Status-Type    [40]  6   Watchdog                  [3]
*Mar 12 05:29:00.419: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   [5]
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  15
*Mar 12 05:29:00.419: RADIUS:   cisco-nas-port     [2]   9   "0/0/3/0"
*Mar 12 05:29:00.419: RADIUS:  NAS-Port            [5]   6   50331648
*Mar 12 05:29:00.419: RADIUS:  NAS-Port-Id         [87]  9   "0/0/3/0"
*Mar 12 05:29:00.419: RADIUS:  Vendor, Cisco       [26]  41
*Mar 12 05:29:00.419: RADIUS:   Cisco AVpair       [1]   35  "client-mac-address=aabb.cc00.6430"
*Mar 12 05:29:00.419: RADIUS:  Service-Type        [6]   6   Framed                    [2]
*Mar 12 05:29:00.419: RADIUS:  NAS-IP-Address      [4]   6   192.168.38.133
*Mar 12 05:29:00.419: RADIUS:  Ascend-Session-Svr-K[151] 10
*Mar 12 05:29:00.419: RADIUS:   37 39 38 32 45 41 38 30          [ 7982EA80]
*Mar 12 05:29:00.419: RADIUS:  Acct-Delay-Time     [41]  6   0
*Mar 12 05:29:00.419: RADIUS(0000000E): Started 5 sec timeout
*Mar 12 05:29:00.419: RADIUS: Received from id 1646/55 192.168.38.131:1813, Accounting-response, len 20
*Mar 12 05:29:00.419: RADIUS:  authenticator A7 0E 79 40 C5 B5 CF DC - 09 46 27 48 52 BE 01 7D

What I get in the freeradius log :

 

Tue Mar 11 22:30:04 2014
        Acct-Session-Id = "0/0/3/0_00000005"
        Framed-Protocol = PPP
        Framed-IP-Address = 10.10.10.2
        User-Name = "olivier"
        Cisco-AVPair = "connect-progress=LAN Ses Up"
        Cisco-AVPair = "nas-tx-speed=10000000"
        Cisco-AVPair = "nas-rx-speed=10000000"
        Acct-Session-Time = 2646
        Acct-Input-Octets = 7428
        Acct-Output-Octets = 7428
        Acct-Input-Packets = 531
        Acct-Output-Packets = 531
        Acct-Authentic = RADIUS
        Acct-Status-Type = Interim-Update
        NAS-Port-Type = Virtual
        Cisco-NAS-Port = "0/0/3/0"
        NAS-Port = 50331648
        NAS-Port-Id = "0/0/3/0"
        Cisco-AVPair = "client-mac-address=aabb.cc00.6430"
        Service-Type = Framed-User
        NAS-IP-Address = 192.168.38.133
        X-Ascend-Session-Svr-Key = "7982EA80"
        Acct-Delay-Time = 0
        Acct-Unique-Session-Id = "523eac6ae326a778"
        Timestamp = 1394602204
        Request-Authenticator = Verified

 

user config in the users file on the freeradius server :

olivier Cleartext-Password := "olivier"
        Service-Type = Framed-User,
        Cisco-AVPair += "ip:addr-pool=pppoepool",
        Cisco-AVpair += "ip:sub-qos-policy-out=TEST"

 

I see that the policy map name is pulled correctly from the radius server and applied to the session :

#sh policy-map session uid 14
 SSS session identifier 14 -

  Service-policy output: TEST

    Class-map: TEST (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
      police:
          cir 8000 bps, bc 1500 bytes
        conformed 0 packets, 0 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        conformed 0 bps, exceed 0 bps

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any

 

 

Any input very welcome

1 person had this problem
Labels:
0 Helpful
Who Me Too'd this topic