
Cisco IOS Software Releases 11.3

RADIUS VC Logging

Table Of Contents

RADIUS VC Logging

Feature Overview

Benefits

Restrictions

Supported Platforms

Supported Standards, MIBs, and RFCs

Configuration Tasks

Configuring the NME Interface IP Address on the NSP

Verifying the NME Interface IP Address

Configuring RADIUS VC Logging on the NRP

Verifying RADIUS VC Logging

Configuration Example

Command Reference

radius-server attribute nas-port format

Syntax Description

Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

Glossary


RADIUS VC Logging


Feature Overview

RADIUS Virtual Circuit (VC) Logging allows the Cisco 6400 Universal Access Concentrator to accurately record the virtual path interface (VPI) and virtual circuit interface (VCI) of an incoming subscriber session.

With RADIUS VC Logging enabled, the RADIUS network access server (NAS) port field is extended and modified to carry VPI/VCI information. This information is logged in the RADIUS accounting record that was created at session startup.

Benefits

Accurate VPI/VCI Information

The VPI/VCI of an incoming permanent virtual circuit (PVC) is recorded at the point of entry on the Cisco 6400 node switch processor (NSP), offering the RADIUS client a unique VPI/VCI for each incoming PVC.

Restrictions

Both PPPoE and PPPoA support RADIUS VC Logging in Cisco IOS Release 12.1(1)DC and later. In earlier releases, only PPPoA supports RADIUS VC Logging.

To use the RADIUS VC Logging feature on the Cisco 6400 NRP and the Combined Network Management Ethernet (NME) Interface feature on the Cisco 6400 system, the Cisco 6400 NSP must be running Cisco IOS Release 12.1(3)DB or later. See CSCdr81919 for more information.

Supported Platforms

RADIUS VC Logging is supported on the Cisco 6400.

Supported Standards, MIBs, and RFCs

MIBs

None

RFCs

RFC 2138, Remote Authentication Dial In User Service (RADIUS), April 1997

RFC 2139, RADIUS Accounting, April 1997

Standards

None

Configuration Tasks

Perform the following tasks to configure RADIUS VC logging:

Configuring the NME Interface IP Address on the NSP

Verifying the NME Interface IP Address

Configuring RADIUS VC Logging on the NRP

Verifying RADIUS VC Logging

Configuring the NME Interface IP Address on the NSP

The NAS-IP-Address field in the RADIUS accounting packet contains the IP address of the Network Management Ethernet (NME) port on the NSP, even if the NME is shut down.

On an NSP that is pre-loaded with the Cisco IOS Release 12.0(5)DB or newer software image, the combined NME interface is included in the default configuration. If your NRP does not use a DHCP server to obtain an IP address, you must configure a static IP address. To configure a static combined NME IP address, enter the following commands beginning in global configuration mode:

Command                                        Purpose
Switch(config)# interface BVI1                 Selects the combined NME interface.
Switch(config-if)# ip address address subnet   Configures a static IP and subnetwork address.


Instead of the combined NME interface, you can choose to use the Ethernet port as a separate NME interface. To configure the NME IP address, enter the following commands beginning in global configuration mode:

Command                                        Purpose
Switch(config)# interface ethernet 0/0/0       Selects the NME interface.
Switch(config-if)# ip address address subnet   Configures a static IP and subnetwork address.
or
Switch(config-if)# ip address negotiated       Allows the interface to obtain an IP address, subnet mask, router address, and static routes from a DHCP server.



Note: You must configure the NME IP address before configuring PVCs on the NRP. Otherwise the NAS-IP-Address field in the RADIUS accounting packet will contain an incorrect IP address.


Verifying the NME Interface IP Address

To verify the NME IP address, enter the show interface bvi1 or show interface e0/0/0 EXEC command on the NSP. Check the Internet address statement (indicated with an arrow).

Switch# show interface bvi1
BVI1 is up, line protocol is up 
  Hardware is BVI, address is 0010.7ba9.c783 (bia 0000.0000.0000)
   Internet address is 10.1.1.33/16
  MTU 1500 bytes, BW 10000 Kbit, DLY 5000 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  ARP type:ARPA, ARP Timeout 04:00:00
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Queueing strategy:fifo
  Output queue 0/0, 0 drops; input queue 0/75, 0 drops
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     1540 packets input, 302775 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     545 packets output, 35694 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out
Switch#

Configuring RADIUS VC Logging on the NRP

To enable RADIUS VC logging on the Cisco 6400 NRP, enter the following command in global configuration mode:

Command                                                     Purpose
Router(config)# radius-server attribute nas-port format d   Selects the ATM VC extended format for the NAS port field.


Verifying RADIUS VC Logging

To verify RADIUS VC Logging on the RADIUS server, examine a RADIUS accounting packet. If RADIUS VC logging is enabled on the Cisco 6400, the RADIUS accounting packet will appear similar to the following example:

Wed Jun 16 13:57:31 1999
NAS-IP-Address = 192.168.100.192
NAS-Port = 268566560
NAS-Port-Type = Virtual
User-Name = "cisco"
Acct-Status-Type = Start
Service-Type = Framed
Acct-Session-Id = "1/0/0/2.32_00000009"
Framed-Protocol = PPP
Framed-IP-Address = 172.16.7.254
Acct-Delay-Time = 0

The NAS-Port line shows that RADIUS VC logging is enabled. If this line does not appear in the display, then RADIUS VC logging is not enabled on the Cisco 6400.

The Acct-Session-Id line should also identify the incoming NSP interface and VPI/VCI information, in this format:

Acct-Session-Id = "slot/subslot/port/VPI.VCI_acct-session-id"

Note: The NAS-IP-Address line in the RADIUS accounting packet contains the IP address of the NME port on the NSP, even if the NME is shut down. If the NME on the NSP does not have an IP address, this NAS-IP-Address field will contain "0.0.0.0".
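
The checks in this section can be automated on the RADIUS server. The following Python sketch is an added example, not Cisco code: it decodes a format d NAS-Port value, compares it with the slot/subslot/port/VPI.VCI prefix of Acct-Session-Id, and reports the two conditions described above (no NAS-Port line, NAS-IP-Address of 0.0.0.0). The slot(4)/subslot(1)/port(3) split of the interface byte is an assumption that matches the sample record (268566560 = 0x10020020, that is 1/0/0, VPI 2, VCI 32); the function and field-name tuples are hypothetical.

```python
import re

# Sample input: fields of the accounting record shown on this page.
SAMPLE = '''NAS-IP-Address = 192.168.100.192
NAS-Port = 268566560
Acct-Status-Type = Start
Acct-Session-Id = "1/0/0/2.32_00000009"
'''
FIELDS = ("slot", "subslot", "port", "vpi", "vci")
SESSION_RE = re.compile(r"(\d+)/(\d+)/(\d+)/(\d+)\.(\d+)_.+")

def parse_record(text):
    """Turn 'Name = value' lines into a dict, dropping surrounding quotes."""
    rec = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep:
            rec[name.strip()] = value.strip().strip('"')
    return rec

def decode_nas_port_d(nas_port):
    """Split a 32-bit format d NAS-Port into interface, VPI and VCI.
    Assumed layout of the interface byte: slot(4) subslot(1) port(3)."""
    if not 0 <= nas_port <= 0xFFFFFFFF:
        raise ValueError("NAS-Port does not fit in 32 bits")
    iface = nas_port >> 24
    return {"slot": iface >> 4, "subslot": (iface >> 3) & 1, "port": iface & 7,
            "vpi": (nas_port >> 16) & 0xFF, "vci": nas_port & 0xFFFF}

def check_record(rec):
    """Return findings for one record; an empty list means it is consistent."""
    findings = []
    if rec.get("NAS-IP-Address", "0.0.0.0") == "0.0.0.0":
        findings.append("NAS-IP-Address is 0.0.0.0 or absent: NME has no IP address")
    if "NAS-Port" not in rec:
        return findings + ["NAS-Port absent: RADIUS VC logging is not enabled"]
    m = SESSION_RE.fullmatch(rec.get("Acct-Session-Id", ""))
    if not m:
        return findings + ["Acct-Session-Id lacks slot/subslot/port/VPI.VCI prefix"]
    try:
        decoded = decode_nas_port_d(int(rec["NAS-Port"]))
    except ValueError:
        return findings + ["NAS-Port is not a 32-bit integer"]
    if decoded != dict(zip(FIELDS, map(int, m.groups()))):
        findings.append("NAS-Port and Acct-Session-Id name different circuits")
    return findings

if __name__ == "__main__":
    print(check_record(parse_record(SAMPLE)) or "record is consistent")
```

A record whose NAS-Port and Acct-Session-Id disagree usually points to a VC created before format d was configured or to a record altered in transit or storage, so it is worth surfacing in accounting audits.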


Configuration Example

In the following example, a RADIUS server is identified, and the NAS port field is set to ATM VC Extended format:

radius-server host 10.31.5.96 auth-port 1645 acct-port 1646
radius-server attribute nas-port format d

Command Reference

This section documents the new command that configures the RADIUS VC Logging feature.

radius-server attribute nas-port format

To select the NAS port format used for RADIUS accounting features, use the radius-server attribute nas-port format global configuration command. To restore the default NAS port format, use the no form of this command.

[no] radius-server attribute nas-port format format

Syntax Description

format

Choose one of the following keywords:

a—Standard NAS port format.

b—Extended NAS port format.

c—Shelf-slot NAS port format.

d—ATM VC extended NAS port format.


Default

Standard NAS port format.

Command Modes

EXEC

Command History

Release                   Modification
11.3(7)T                  This command was first introduced.
11.3(9)DB and 12.0(5)DC   The d format was added for the Cisco 6400 NRP.


Usage Guidelines

This command replaces the deprecated radius-server attribute nas-port extended command.

The radius-server attribute nas-port format command configures RADIUS to change the size and format of the NAS port attribute field (RADIUS IETF Attribute 5).

Standard format (a)—This 16-bit NAS port format indicates the type, port, and channel of the controlling interface. This is the default format used by Cisco IOS software.

Extended format (b)—The standard NAS port attribute field is expanded to 32 bits. The upper 16 bits of the NAS port attribute display the type and number of the controlling interface; the lower 16 bits indicate the interface undergoing authentication.

Shelf-slot format (c)—This 16-bit NAS port format supports expanded hardware models requiring shelf and slot entries.

ATM VC extended format (d)—This NAS port format uses 32 bits to indicate the interface, VPI, and VCI of an incoming PPP session.


Note: The ATM VC extended NAS port format on the NRP applies only to VCs created or recreated after the command is entered. The format does not apply retroactively to VCs configured before the radius-server attribute nas-port format d command is entered.


Examples

The following example selects the ATM VC extended NAS port format, used for RADIUS VC Logging:

radius-server attribute nas-port format d

Related Commands

Command                           Purpose
radius-server host non-standard   Specifies a vendor-proprietary RADIUS server host.


Glossary

NAS—network access server.

NME—Network Management Ethernet. The local area network used to control and manage equipment in a Central Office and branch locations. The NME connection on the Cisco 6400 is an RJ-45 connector for a 10BaseT port on the NSP module.

NSP—node switch processor. A component module responsible for all ATM switching and control functions within the Cisco 6400.

PPP—Point-to-Point Protocol. A protocol that encapsulates network layer protocol information over point-to-point links. PPP is defined in RFC 1661.

PPPoA—PPP over ATM

PPPoE—PPP over Ethernet

PVC—permanent virtual circuit. Virtual circuit that is permanently established. PVCs save bandwidth associated with circuit establishment and tear down in situations where certain virtual circuits must exist all the time.

RADIUS—Remote Access Dial-In User Service. Database for authenticating modem and ISDN connections and for tracking connection time.

VC—virtual circuit. Logical circuit created to ensure reliable communication between two network devices. A virtual circuit is defined by a VPI/VCI pair, and can be either permanent (PVC) or switched (SVC).

VCI—virtual channel identifier. 16-bit field in the header of an ATM cell. The VCI, together with the VPI, is used to identify the next destination of a cell as it passes through a series of ATM switches on its way to its destination.

VPI—virtual path identifier. Eight-bit field in the header of an ATM cell. The VPI, together with the VCI, is used to identify the next destination of a cell as it passes through a series of ATM switches on its way to its destination.