RADIUS Attributes Configuration Guide Cisco IOS XE Release 3S
Connect-Info RADIUS Attribute 77
Downloads: This chapterpdf (PDF - 1.16MB) The complete bookPDF (PDF - 3.0MB) | The complete bookePub (ePub - 380.0KB) | Feedback

Connect-Info RADIUS Attribute 77

Connect-Info RADIUS Attribute 77

The Connect-Info RADIUS Attribute 77 feature enables the Network Access Server (NAS) to report Connect-Info (attribute 77) in RADIUS accounting “start” and “stop” records that are sent to the RADIUS client (dial-in modem). These records allow the transmit and receive connection speeds, modulation, and compression to be compared in order to analyze a user session over a dial-in modem where speeds are often different at the end of the connection (after negotiation).

When the network access server (NAS) sends attribute 77 in accounting “start” and “stop” records, the connect rates can be measured across the platform. The “transmit” speed (the speed at which the NAS modem sends information) and “receive” speed (the speed at which the NAS receives information) can be recorded to determine whether user modem connections renegotiate to lower speeds shortly into a session. If the transmit and receive speeds are different from each other, attribute 77 reports both speeds, which allows the modem connection speeds that each customer gets from their session.

Attribute 77 is also used to send the Class string for broadband connections such as PPPoX, physical connection speeds for dial access, and the VRF string for any sessions on router interfaces defined with ip vrf forwarding command.


Note


This feature requires no configuration.


Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Prerequisites for Connect-Info RADIUS Attribute 77

For information about release and platform support, see the Feature Information for Connect-Info RADIUS Attribute 77.

Before the NAS can send attribute 77 in accounting “start” and “stop” records, you must perform the following tasks:

  • Configure your NAS for authentication, authorization, and accounting (AAA) and to accept incoming modem calls.
  • Enable AAA accounting by using the aaa accounting network default start-stop group radius command in global configuration mode.
  • Change the modem poll timer by using the modem link-info poll time command in global configuration mode.

Note


Changing the modem poll timer is required on the Cisco ASR 1000 Series Aggregation Services Routers.


Information About Connect-Info RADIUS Attribute 77

The Configurable Connect-Info Attributes feature introduces support for RADIUS attribute 77 (Connect-Info), which provides information about connection speeds, modulation, and compression for modem dial-in connections via RADIUS accounting “start” and “stop” records.

Customizing Attribute 77 for Ethernet Connections

To customize Attribute 77 for Ethernet connections, enter the connection information as the name of the service policy attached to the Ethernet subinterface. The router takes the policy name and copies it to Attribute 77.

For example, in the following configuration the outbound service policy named speed:eth:25100:5100:19/0 is attached to the QinQ Gigabit Ethernet subinterface 1/0/0.2696. The router copies the policy name to Attribute 77 and sends it to the RADIUS server in an Access-Request or Accounting-Start or Stop message.

interface GigabitEthernet1/0/0.2696
encapsulation dot1q 2696 second-dot1q 256
pppoe enable group global
no snmp trap link-status
service-policy input set_precedence_to_0

service-policy output speed:eth:25100:5100:19/0

Customizing Attribute 77 for ATM Connections

To customize Attribute 77 for ATM connections, configure the aaa connect-info string command in the following configuration modes:

  • PVC (for a specific PVC)
  • PVC range (for a range of PVCs)
  • PVC-in-range (for a specific PVC in a range of PVCs)
  • VC class (under a specific class-vc command)

The router takes the name of the VC class you specify under the class-vc command or the string you specify in the aaa connect-info string command and copies it to Attribute 77.

For example, in the following configuration the class-vc command is configured on both ATM PVCs 10/42 and 10/43 and the aaa connect-info command is configured on PVC 10/42:

interface ATM1/0/0.1 multipoint
description TDSL clients - default TDSL 1024 no ip mroute-cache
class-int speed:ubr:1184:160:10
range pvc 10/41 10/160
!
pvc-in-range 10/42
class-vc speed:ubr:2303:224:10
aaa connect-info speed:ubr:2303:224:10:isp-specific-descr
!
pvc-in-range 10/43
class-vc speed:ubr:2303:224:10

For PVC 10/42, the router takes the string (speed:ubr:2303:224:10:isp-specific-descr) specified in the aaa connect-info command and copies it to Attribute 77. If the aaa connect-info command is not configured on the subinterface, the router takes the class name (speed:ubr:2303:224:10) specified in the class-vc command and copies it to Attribute 77.

For PVC 10/43, the router takes the class name (speed:ubr:2303:224:10) specified in the class-vc command and copies it to Attribute 77.

How to Verify the Connect-Info RADIUS Attribute 77

Verifying the Connect-Info RADIUS Attribute 77

To verify attribute 77 in your accounting “start” and “stop” records, use the debug radius command in privileged EXEC mode.

SUMMARY STEPS

    1.    enable

    2.    debug radius


DETAILED STEPS
      Command or Action Purpose
    Step 1 enable


    Example:
    Router> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.
     
    Step 2 debug radius


    Example:
    Router# debug radius
     

    Displays information associated with RADIUS.

     

    Example

    The following example shows the Connect-Info [77] accounting attributes:

    Router# debug radius
    Sep 8 21:53:05.242: RADIUS/ENCODE(00007D34):Orig. component type = PPPoE 
    Sep 8 21:53:05.242: RADIUS: AAA Unsupported Attr: interface [208] 10 
    Sep 8 21:53:05.242: RADIUS: 30 2F 31 2F 30 2F 39 2E [ 0/1/0/9.] 
    Sep 8 21:53:05.242: RADIUS: AAA Unsupported Attr: client-mac-address[45] 14 
    Sep 8 21:53:05.242: RADIUS: 30 30 30 30 2E 63 30 30 31 2E 30 31 [ 0000.c001.01] 
    Sep 8 21:53:05.242: RADIUS(00007D34): Config NAS IP: 0.0.0.0 
    Sep 8 21:53:05.242: RADIUS/ENCODE(00007D34): acct_session_id: 32042 
    Sep 8 21:53:05.242: RADIUS(00007D34): sending 
    Sep 8 21:53:05.242: RADIUS/ENCODE: Best Local IP-Address 10.3.8.2 for Radius-Server 10.3.1.107 
    Sep 8 21:53:05.242: RADIUS(00007D34): Send Access-Request to 10.3.1.107:1645 id 1645/1, len 116 
    Sep 8 21:53:05.242: RADIUS: authenticator FC 82 50 DB 65 8F 21 A9 - F3 0A A8 09 29 E5 56 65 
    Sep 8 21:53:05.242: RADIUS: Framed-Protocol [7] 6 PPP [1] 
    Sep 8 21:53:05.242: RADIUS: User-Name [1] 8 ''user1'' 
    Sep 8 21:53:05.242: RADIUS: User-Password [2] 18 * 
    Sep 8 21:53:05.242: RADIUS: NAS-Port-Type [61] 6 Virtual [5] 
    Sep 8 21:53:05.242: RADIUS: NAS-Port [5] 6 0 
    Sep 8 21:53:05.242: RADIUS: NAS-Port-Id [87] 12 ''0/1/0/9.32'' 
    Sep 8 21:53:05.242: RADIUS: Connect-Info [77] 28 ''speed:ubr:3456:448:10/0000'' 
    Sep 8 21:53:05.242: RADIUS: Service-Type [6] 6 Framed [2] 
    Sep 8 21:53:05.242: RADIUS: NAS-IP-Address [4] 6 10.3.8.2 
    Sep 8 21:53:05.242: RADIUS(00007D34): Started 5 sec timeout 
    Sep 8 21:53:05.244: RADIUS: Received from id 1645/1 10.3.1.107:1645, Access-Accept, len 32 
    Sep 8 21:53:05.244: RADIUS: authenticator 9A F1 29 01 66 53 17 CB - 73 FB 1B CE 7D 80 04 F2 
    Sep 8 21:53:05.244: RADIUS: Service-Type [6] 6 Framed [2] 
    Sep 8 21:53:05.244: RADIUS: Framed-Protocol [7] 6 PPP [1] 
    Sep 8 21:53:05.244: RADIUS(00007D34): Received from id 1645/1 
    Sep 8 21:53:05.248: RADIUS/ENCODE(00007D34):Orig. component type = PPPoE 
    Sep 8 21:53:05.248: RADIUS(00007D34): Config NAS IP: 0.0.0.0 
    Sep 8 21:53:05.248: RADIUS(00007D34): sending 
    Sep 8 21:53:05.248: RADIUS/ENCODE: Best Local IP-Address 10.3.8.2 for Radius-Server 5.3.1.107 
    Sep 8 21:53:05.248: RADIUS(00007D34): Send Accounting-Request to 10.3.1.107:1646 id 1646/3, len 126 
    Sep 8 21:53:05.248: RADIUS: authenticator 71 6E 73 9B FD 7E 82 81 - 10 2A CD 83 A8 BD D2 F0 
    Sep 8 21:53:05.248: RADIUS: Acct-Session-Id [44] 10 ''00007D2A'' 
    Sep 8 21:53:05.248: RADIUS: Framed-Protocol [7] 6 PPP [1] 
    Sep 8 21:53:05.248: RADIUS: User-Name [1] 8 ''user1'' 
    Sep 8 21:53:05.248: RADIUS: Acct-Authentic [45] 6 RADIUS [1] 
    Sep 8 21:53:05.248: RADIUS: Acct-Status-Type [40] 6 Start [1] 
    Sep 8 21:53:05.248: RADIUS: NAS-Port-Type [61] 6 Virtual [5] 
    Sep 8 21:53:05.248: RADIUS: NAS-Port [5] 6 0 
    Sep 8 21:53:05.248: RADIUS: NAS-Port-Id [87] 12 ''0/1/0/9.32'' 
    Sep 8 21:53:05.248: RADIUS: Connect-Info [77] 28 ''speed:ubr:3456:448:10/0000

    Configuration Example for Connect-Info RADIUS Attribute 77

    Example: Configure NAS for AAA and Incoming Modem Calls

    The following example is a sample NAS configuration for AAA and incoming modem calls:

    interface Serial0:15
      no ip address
      isdn switch-type primary-net5
      isdn incoming-voice modem
    !
    interface Async1
      ip address 192.0.2.2 255.255.255.0
      encapsulation ppp
      async default routing
      async mode interactive
      no peer default ip address
      ppp authentication chap
    !
    line 1
      modem InOu
      transport preferred none
      transport input all
      autoselect ppp
    !
    

    Additional References

    The following sections provide references related to the Connect-Info RADIUS Attribute 77 feature.

    Related Documents

    Related Topic

    Document Title

    IOS dial technologies

    Cisco IOS XE Dial Technologies Configuration Guide, Release 2

    Cisco IOS Dial Technologies Command Reference

    Security commands

    Cisco IOS Security Command Reference

    Standards

    Standard

    Title

    No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

    --

    MIBs

    MIB

    MIBs Link

    No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

    To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

    http:/​/​www.cisco.com/​go/​mibs

    RFCs

    RFC

    Title

    RFC 2869

    RADIUS Extensions

    Technical Assistance

    Description

    Link

    The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

    To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

    Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

    http:/​/​www.cisco.com/​techsupport

    Feature Information for Connect-Info RADIUS Attribute 77

    The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

    Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

    Table 1 Feature Information for Connect-Info RADIUS Attribute 77

    Feature Name

    Releases

    Feature Information

    Connect-Info RADIUS Attribute 77

    Cisco IOS XE Release 2.1

    The Connect-Info RADIUS Attribute 77 feature enables the network access server (NAS) to report Connect-Info (attribute 77) in RADIUS accounting “start” and “stop” records that are sent to the RADIUS client (dial-in modem). These “start” and “stop” records allow the transmit and receive connection speeds, modulation, and compression to be compared in order to analyze a user session over a dial-in modem where speeds are often different at the end of the connection (after negotiation).

    In Cisco IOS XE Release 2.1, this feature was introduced on the Cisco ASR 1000 series routers.