RADIUS Schema Statistics

The RADIUS schema provides operational statistics that can be used for monitoring and troubleshooting RADIUS AAA functionality used by the following products: ASN-GW, GGSN, HA, HSGW, IPSG, P-GW, PDSN

This schema displays information pertaining to RADIUS bulk statistics per server.

This schema provides the following types of statistics:
  • Counter: A counter records incremental data cumulatively and rolls over when the counter limit is reached. All counter statistics are cumulative and reset only by one of the following methods: roll-over when limit is reached, after a system restart, or after a clear command is performed. The limit depends upon the data type.
  • Gauge: A gauge statistic indicates a single value; a snapshot representation of a single point in time within a defined time frame. The gauge changes to a new value with each snapshot though a value may repeat from one period to the next. The limit depends upon the data type.
  • Information: This type of statistic provides information, often intended to differentiate sets of statistics; for example, a VPN name or IP address. The type of information provided depends upon the data type.
The data type defines the format of the data for the value provided by the statistic. The following data types are used in statistics for this schema:
  • Int32/Int64: An integer, either 32-bit or 64-bit: For statistics with the Int32 data type, the roll-over to zero limit is 4,294,967,295. For statistics with the Int64 data type, the roll-over to zero limit is 18,446,744,073,709,551,615.
  • Float: A numeric value that can be represented fractionally; for example, 1.345.
  • String: A series of ASCII alphanumeric characters in a single grouping, usually pre-configured.

IMPORTANT:

Unless otherwise indicated, all statistics are counters and all statistics are standards-based.

Key Variables: Every schema has some variables which are typically referred to as 'key variables'. These key variables provide index markers to identify which object the statistics apply to. For example, in the card schema, the card number (variable %card%) uniquely identifies a card. For an HA service, the keys would be "%vpnname%" plus "%servname%", as the combination uniquely identifies an HA service. So, in a given measurement interval, one row of statistics will be generated per unique key. The schema keys are identified in the Description section of the table.


Table 1. Bulk Statistic Variables in the RADIUS Schema
Variables Description Data Type

ipaddr

Description: The IP address of the RADIUS server for which statistics are being collected. The IP address can be specified in IPv4 or IPv6 notation.

This is a key variable.

Availability: Per AAA group

Type: Information

String

port

Description: The UDP port being used for the exchange of RADIUS data.

This is a key variable.

Availability: Per AAA group

Type: Information

Int32

servertype

Description: The type of RADIUS server (authentication or accounting) for which statistics are being collected.

This is a key variable.

Availability: Per AAA group

Type: Information

String

vpnname

Description: The name of the context configured on the system that is currently facilitating the RADIUS server configuration.

This is a key variable.

Availability: Per system

Type: Information

String

vpnid

Description: The identification number of the context configured on the system that is currently facilitating the RADIUS server configuration. This is an internal reference number.

This is a key variable.

Availability: Per system

Type: Information

Int32

group

Description: The RADIUS group name on a per-radius-server basis.

This is a key variable.

Availability: Per system

Type: Information

String

nasipaddr

Description: The RADIUS network access server address.

This is a key variable.

Availability: Per AAA group

Type: Information

String

auth-req-sent

Description: The total number of authentication requests sent to this server.

Triggers: Increments when an authentication request is sent to RADIUS server

Availability: Per RADIUS server

Int32

auth-req-sentwdmu

Description: The total number of authentication requests sent to this server with a Dynamic Mobile IP Key Update.

Triggers: Increments when an authentication request is sent to RADIUS server with DMU attribute

Availability: Per RADIUS server

Int32

auth-req-pending

Description: The total number of authentication requests pending for this server.

Triggers:

Increments whenever a response to the authentication request is pending from the RADIUS server

Decrements when an acknowledgement is received for the authentication request from the RADIUS server

Availability: Per RADIUS server

Type: Gauge

Int32

auth-req-queued

Description: The total number of authentication requests queued for this server.

Triggers: Increments when an authentication request is queued for the server

Decrements when the authentication request is dequeued and sent to the RADIUS server

Availability: Per RADIUS server

Type: Gauge

Int32

auth-req-retried

Description: The total number of authentication requests that were re-sent to this server.

Triggers: Increments when an authentication request is retried

Availability: Per RADIUS server

Int32

auth-req-retriedwdmu

Description: The total number of authentication requests that were re-sent to this server with a Dynamic Mobile IP Key Update.

Triggers: Increments when an authentication request with DMU attribute is retried

Availability: Per RADIUS server

Int32

auth-chal-rcvd

Description: The total number of authentication access challenges received from this server.

Triggers: Increments when an authentication access challlenge request is received from RADUS server

ailability: Per RADIUS server

Int32

auth-acc-rcvd

Description: The total number of authentication accept messages received from this server.

Triggers: Increments when an authentication accept message is received from RADIUS server

Availability: Per RADIUS server

Int32

auth-rej-rcvd

Description: The total number of authentication reject messages received from this server.

Triggers: Increments when an authentication reject message is received from RADIUS server

Availability: Per RADIUS server

Int32

auth-rej-rcvdwdmu

Description: The total number of authentication reject messages received from this server with a Dynamic Mobile IP Key Update.

Triggers: Increments when an authentication reject message is received with DMU attribute

Availability: Per RADIUS server

Int32

auth-timeout

Description: The total number of authentication requests for this server that timed-out.

Triggers: Increments when an authentication request is timed out for the RADIUS server

Availability: Per RADIUS server

Int32

cons-fail

Description: The total number of consecutive authentication/accounting failures that occurred with this server.

Triggers: Increments whenever two or more consecutive authentication/accounting requests fail

Availability: Per RADIUS server

Int32

auth-cons-fail

Description: The total number of consecutive authentication failures that occurred with this server.

IMPORTANT:

This statistic is obsolete and has been replaced with “cons-fail” statistic.

Int32

auth-rsp-badauth

Description: The total number of Accept Request responses received by the system from the server that contains an incorrect Authenticator field, thereby failing message authentication.

Triggers: Increments whenever a message authentication fails due to the presence of incorrect Authenticator field in Accept Request response received from the server.

Availability: Per RADIUS server

Int32

auth-rsp-malformed

Description: The total number of Accept Request responses received by the system from the server that were malformed.

Triggers: Increments whenever an Accept Request response from the server is detected to be malformed.

Availability: Per RADIUS server

Int32

auth-rsp-malformedattr

Description: The total number of malformed or invalid attributes received in Access-Request response messages.

Triggers: Increments whenever a malformed or invalid attribute is received in Access-Request response message.

Availability: Per RADIUS server

Int32

auth-rsp-unktype

Description: The total number of Accept Request responses received by the system from the server that contained an unknown message type.

Triggers: Increments whenever an unknown message type is included in Access-Request response message received from the server.

Availability: Per RADIUS server

Int32

auth-rsp-dropped

Description: The total number of authentication responses from this server that were discarded. The message discard can happen due to any of the following reasons - the request being timed out, response arriving late, or request being cancelled due to call disconnection, etc.

Triggers: Increments whenever an authentication response message is discarded

Availability: Per RADIUS server

Int32

auth-rsp-roundtripusec

Description: Indicates the amount of time it took for the system to receive a valid response from the server for the last authentication request. This is used as a measure to determine how fast the server responds to the authentication request.

Triggers: This statistics is updated whenever the system receives a valid response to the last authentication request.

Availability: Per RADIUS server

Type: Information

Int32

probe-issued

Description: The total number of probe transactions issued to the RADIUS server. Probe is a type of RADIUS test authentication message.

Triggers: Increments whenever a probe request is sent to the RADIUS server.

Availability: Per RADIUS server

Int32

probe-success

Description: The total number of complete successful probe transactions to the RADIUS server.

Triggers: Increments whenever a response is received from the RADIUS server for the probe request sent.

Availability: Per RADIUS server

Int32

probe-failed

Description: The total number of failed probe transactions to the RADIUS server.

Triggers: Increments whenever a response is not received from the RADIUS server for the probe request sent.

Availability: Per RADIUS server

Int32

probe-roundtriptimeusec

Description: The amount of time, in milliseconds, that it took from when a request was sent to and acknowledgement was received from the RADIUS server.

Triggers: This statistics is updated when a request was sent to and acknowledgement was received from the RADIUS server.

Availability: Per RADIUS server

Type: Information

Int32

keepalive-auth-req-sent

Description: The total number of keepalive authentication requests sent.

Triggers: Increments whenever a keepalive authentication request is sent to the RADIUS server.

Availability: Per RADIUS server

Int32

keepalive-auth-retried

Description: The total number of keepalive authentication requests retried.

Triggers: Increments whenever a keepalive authentication request is retried.

Availability: Per RADIUS server

Int32

keepalive-auth-timeout

Description: The total number of keepalive authentication requests that timed out.

Triggers: Increments whenever a keepalive authentication request is timed out.

Availability: Per RADIUS server

Int32

keepalive-auth-acc-rcvd

Description: The total number of keepalive authentication accept requests that were received.

Triggers: Increments whenever a keepalive authentication accept request is received.

Availability: Per RADIUS server

Int32

keepalive-auth-rej-rcvd

Description: The total number of keepalive authentication rejections that were received.

Triggers: Increments whenever a keepalive authentication rejection is received.

Availability: Per RADIUS server

Int32

keepalive-auth-rsp-badauth

Description: The total number of keepalive authentication request response messages that failed with a bad authenticator.

Triggers: Increments when a keepalive authentication request response message failed with a bad authenticator.

Availability: Per RADIUS server

Int32

keepalive-auth-rsp-malformed

Description: The total number of keepalive authentication request response messages that were malformed.

Triggers: Increments when a keepalive authentication request response message is detected to be malformed.

Availability: Per RADIUS server

Int32

keepalive-auth-rsp- malformedattr

Description: The total number of keepalive authentication request response messages that contained malformed attributes.

Triggers: Increments when a malformed attribute is included in the keepalive authentication request response message.

Availability: Per RADIUS server

Int32

keepalive-auth-rsp-unktype

Description: The total number of keepalive authentication request response messages that failed with an unknown message type.

Triggers: Increments when a keepalive authentication request response message failed with an unknown message type.

Availability: Per RADIUS server

Int32

keepalive-auth-rsp-dropped

Description: The total number of keepalive authentication request response messages that were dropped.

Triggers: Increments when a keepalive authentication request response message is dropped.

Availability: Per RADIUS server

Int32

acc-req-sent

Description: The total number of accounting requests sent to this server.

Triggers: Increments when an accounting request is sent to the RADIUS server.

Availability: Per RADIUS server

Int32

acc-req-pending

Description: The total number of accounting requests pending for this server.

Triggers: Increments when an accounting request is pending for the RADIUS server.

Availability: Per RADIUS server

Int32

acc-req-queued

Description: The total number of accounting requests queued for this server.

Triggers: Increments when an accounting request is queued for the RADIUS server.

Availability: Per RADIUS server

Int32

acc-req-retried

Description: The total number of accounting requests that were re-sent to this server.

Triggers: Increments when an accounting request is re-sent to the RADIUS server.

Availability: Per RADIUS server

Int32

acc-rsp-rcvd

Description: The total number of accounting responses received from this server.

Triggers: Increments when an accounting response is received from the RADIUS server.

Availability: Per RADIUS server

Int32

acc-req-timeout

Description: The total number of accounting requests for this server that timed-out.

Triggers: Increments when an accounting request is timed out.

Availability: Per RADIUS server

Int32

acc-req-cons-fail

Description: The total number of consecutive accounting failures that occurred with this server.

IMPORTANT:

This statistic is obsolete and has been replaced with “cons-fail” statistic.

Int32

acc-rsp-badresp

Description: The total number of Accounting Responses received by the system from the server that contained an incorrect Authenticator field, thereby failing message.

Triggers: Increments whenever a message accounting fails due to the presence of incorrect Authenticator field in Accounting response received from the server.

Availability: Per RADIUS server

Int32

acc-rsp-malformed

Description: The total number of Accounting Responses received by the system from the server that were malformed.

Triggers: Increments whenever an Accounting Response from the server is detected to be malformed.

Availability: Per RADIUS server

Int32

acc-rsp-unktype

Description: The total number of Accounting Responses received by the system from the server that contained an unknown message type.

Triggers: Increments whenever an unknown message type is included in Accounting Response message received from the server.

Availability: Per RADIUS server

Int32

acc-rsp-dropped

Description: The total number of Accounting Responses from the server that were discarded.

Triggers: Increments whenever an Accounting Response message is discarded

Availability: Per RADIUS server

Int32

acc-rsp-roundtripusec

Description: Indicates the amount of time it took for the system to receive a valid response from the server for the last accounting request.

Triggers: This statistics is updated whenever the system receives a valid response to the last accounting request.

Availability: Per RADIUS server

Type: Information

Int32

acc-start-sent

Description: The total number of accounting start messages sent.

Triggers: Increments whenever an accounting start message is sent

Availability: Per RADIUS server

Int32

acc-stop-sent

Description: The total number of accounting stop messages sent.

Triggers: Increments whenever an accounting stop message is sent

Availability: Per RADIUS server

Int32

acc-interim-sent

Description: The total number of interim accounting messages sent.

Triggers: Increments whenever an interim accounting message is sent

Availability: Per RADIUS server

Int32

acc-on-sent

Description: The total number of accounting ON messages sent.

Triggers: Increments whenever an accounting ON message is sent

Availability: Per RADIUS server

Int32

acc-off-sent

Description: The total number of accounting OFF messages sent.

Triggers: Increments whenever an accounting OFF message is sent

Availability: Per RADIUS server

Int32

acc-start-retries

Description: The total number of accounting start retry messages sent.

Triggers: Increments whenever an accounting start message is retried

Availability: Per RADIUS server

Int32

acc-stop-retries

Description: The total number of accounting stop retry messages sent.

Triggers: Increments whenever an accounting stop message is retried

Availability: Per RADIUS server

Int32

acc-interim-retries

Description: The total number of interim accounting retry messages sent.

Triggers: Increments whenever an interim accounting message is retried

Availability: Per RADIUS server

Int32

acc-on-retries

Description: The total number of accounting ON retry messages sent.

Triggers: Increments whenever an accounting ON message is retried

Availability: Per RADIUS server

Int32

acc-off-retries

Description: The total number of accounting OFF retry messages sent.

Triggers: Increments whenever an accounting OFF message is retried

Availability: Per RADIUS server

Int32

acc-ttl-g1

Description: The total number of accounted bytes as user input.

Triggers: Increments based on the input byte value of accounting messages

Availability: Per RADIUS server

Int64

acc-ttl-g2

Description: The total number of accounted bytes outputted to user.

Triggers: Increments based on the output byte value of accounting messages

Availability: Per RADIUS server

Int64

keepalive-acct-req-sent

Description: The total number of keepalive accounting request messages sent.

Triggers: Increments whenever a keepalive accounting request message is sent

Availability: Per RADIUS server

Int32

keepalive-acct-retried

Description: The total number of keepalive accounting messages retried.

Triggers: Increments whenever a keepalive accounting request message is retried

Availability: Per RADIUS server

Int32

keepalive-acct-success

Description: The total number of successful keepalive accounting messages.

Triggers: Increments whenever a keepalive accounting request message is successful.

Availability: Per RADIUS server

Int32

keepalive-acct-timeout

Description: The total number of keepalive accounting timeout messages.

Triggers: Increments whenever a keepalive accounting request message is timed out.

Availability: Per RADIUS server

Int32

keepalive-acct-rsp-badauth

Description: The total number of keepalive accounting request response messages that failed with a bad authenticator.

Triggers: Increments whenever a message accounting fails due to the presence of incorrect Authenticator field in keepalive accounting request response message received from the server.

Availability: Per RADIUS server

Int32

keepalive-acct-rsp-malformed

Description: The total number of keepalive accounting request response messages that were malformed.

Triggers: Increments whenever a keepalive accounting request response message is detected to be malformed.

Availability: Per RADIUS server

Int32

keepalive-acct-rsp-unktype

Description: The total number of keepalive accounting request response messages that failed with an unknown type.

Triggers: Increments whenever an unknown message type is included in keepalive accounting request response message received from the server.

Availability: Per RADIUS server

Int32

keepalive-acct-rsp-dropped

Description: The total number of keepalive accounting request response messages that were dropped.

Triggers: Increments whenever a keepalive accounting request response message is discarded

Availability: Per RADIUS server

Int32

online-acc-req-sent

Description: The total number of Online Access Request messages sent.

Triggers: Increments whenever an Online Access Request message is sent.

Availability: Per RADIUS server

Int32

online-acc-req-pending

Description: The total number of Online Access Request messages pending.

Triggers: Increments whenever an Online Access Request message is pending for the RADIUS server.

Availability: Per RADIUS server

Int32

online-acc-req-retried

Description: The total number of Online Access Request messages retried.

Triggers: Increments whenever an Online Access Request message is retried.

Availability: Per RADIUS server

Int32

online-acc-rsp-rcvd

Description: The total number of Online Access Accept messages received.

Triggers: Increments whenever an Online Access Accept message is received.

Availability: Per RADIUS server

Int32

online-acc-rej-rcvd

Description: The total number of Online Access Reject messages received.

Triggers: Increments whenever an Online Access Reject message is received.

Availability: Per RADIUS server

Int32

online-acc-req-timeout

Description: The total number of Online Access Request message timeouts.

Triggers: Increments whenever an Online Access Request message is timed out.

Availability: Per RADIUS server

Int32

online-acc-rsp-badauth

Description: The total number of Online Access Request messages that failed with a bad authenticator.

Triggers: Increments whenever a message accounting fails due to the presence of incorrect Authenticator field in Online Access Request message.

Availability: Per RADIUS server

Int32

online-acc-rsp-malformed

Description: The total number of Online Access Request Response messages that were malformed.

Triggers: Increments whenever an Online Access Request Response message from the server is detected to be malformed.

Availability: Per RADIUS server

Int32

online-acc-rsp-malformedattr

Description: The total number of Online Access Request Response messages that contained a malformed attribute.

Triggers: Increments whenever a malformed or invalid attribute is received in Online Access Request Response message.

Availability: Per RADIUS server

Int32

online-acc-rsp-unktype

Description: The total number of Online Access Request Response messages that are of an unknown type.

Triggers: Increments whenever an unknown message type is included in Online Access Request Response message received from the server.

Availability: Per RADIUS server

Int32

online-acc-badmsgauth

Description: The total number of Online Access Request Response messages that contained a bad message authenticator.

Triggers: Increments whenever an Online Access Request Response message contains a bad message authenticator.

Availability: Per RADIUS server

Int32

online-acc-nomsgauth

Description: The total number of Online Access Request Response messages that contained no message authenticator.

Triggers: Increments whenever an Online Access Request Response message does not contain any message authenticator.

Availability: Per RADIUS server

Int32

IMPORTANT:

For information on statistics that are common to all schema see the Statistics and Counters Overview chapter.