About the RADIUS Listener Login Event Generator
Revised: November 8, 2010, OL-21081-02
This chapter describes the Service Control Management Suite (SCMS) Subscriber Manager (SM) RADIUS listener Login Event Generator (LEG) software module.
•About the RADIUS Listener LEG
About the RADIUS Listener LEG
The RADIUS listener LEG is a software module that receives RADIUS accounting messages, and according to their content, invokes logon operations to the SM. It also provides dynamic integration for subscribers over virtual private network (VPN). The RADIUS listener LEG is an extension to the SM software and runs concurrently with the SM.
When the RADIUS listener LEG receives an Accounting-Start message, it extracts the subscriber ID, the subscriber IP-address, the VLAN-ID, and optionally, the subscriber package index from the message attributes, and triggers a login operation to the SM. In the same manner, Accounting-Interim-Update triggers a login operation, and the Accounting-Stop message triggers a logout operation.
If configured by the user, when no interim update message is received over an aging time, the SM removes the subscriber's mappings and triggers a logout operation. This feature is disabled by default and configurable on each RADIUS listener or sniffer LEG.
The RADIUS listener LEG also contains a regular expression utility. This command-line utility (CLU) can be used to test regular expression "spelling" validity, test and show the reduction and pattern-matching of an input list of strings against certain regular-expression patterns, and provide the user with detailed output for each manipulation operation result.
The RADIUS listener LEG was carefully developed and thoroughly tested with several RADIUS AAA servers and NAS devices.
Figure 14-1 illustrates a topology in which a RADIUS server/proxy forwards or proxies the RADIUS accounting messages to the RADIUS listener LEG.
Figure 14-1 Example of RADIUS Server Forwarding RADIUS Accounting Messages to RADIUS Listener LEG
Figure 14-2 illustrates a topology in which the NAS performs authentication with the RADIUS server, and sends RADIUS accounting messages to the RADIUS listener LEG and, optionally, to the RADIUS server.
Figure 14-2 Example of NAS Sending RADIUS Accounting Messages to both the RADIUS Listener LEG and the RADIUS Server