Connect-Info RADIUS Attribute 77
First Published: September 22, 2002
Last Published: July 31, 2009
The Connect-Info RADIUS Attribute 77 feature enables the Network Access Server (NAS) to report Connect-Info (attribute 77) in RADIUS accounting "start" and "stop" records that are sent to the RADIUS client (dial-in modem). These records allow the transmit and receive connection speeds, modulation, and compression to be compared in order to analyze a user session over a dial-in modem where speeds are often different at the end of the connection (after negotiation).
When the network access server (NAS) sends attribute 77 in accounting "start" and "stop" records, the connect rates can be measured across the platform. The "transmit" speed (the speed at which the NAS modem sends information) and "receive" speed (the speed at which the NAS receives information) can be recorded to determine whether user modem connections renegotiate to lower speeds shortly into a session. If the transmit and receive speeds are different from each other, attribute 77 reports both speeds, which allows the modem connection speeds that each customer gets from their session.
Attribute 77 is also used to send the Class string for broadband connections such as PPPoX, physical connection speeds for dial access, and the VRF string for any sessions on router interfaces defined with ip vrf forwarding command.
Note This feature requires no configuration.
Finding Feature Information
For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for Connect-Info RADIUS Attribute 77" section.
Use Cisco Feature Navigator to find information about platform support and Cisco IOS XE software image support. To access Cisco Feature Navigator, go tohttp://tools.cisco.com/ITDIT/CFN/jsp/index.jsp. An account on Cisco.com is not required.
Contents
•Prerequisites for Connect-Info RADIUS Attribute 77
•Information About Connect-Info RADIUS Attribute 77
•How to Verify the Connect-Info RADIUS Attribute 77
•Additional References
•Feature Information for Connect-Info RADIUS Attribute 77
Prerequisites for Connect-Info RADIUS Attribute 77
For information about release and platform support, see the "Feature Information for Connect-Info RADIUS Attribute 77" section.
Before the NAS can send attribute 77 in accounting "start" and "stop" records, you must perform the following tasks:
•Configure your NAS for authentication, authorization, and accounting (AAA) and to accept incoming modem calls.
•Enable AAA accounting by using the aaa accounting network default start-stop group radius command in global configuration mode.
•Change the modem poll timer by using the modem link-info poll time command in global configuration mode.
Note Changing the modem poll timer is required on the Cisco ASR 1000 Series Aggregation Services Routers.
Information About Connect-Info RADIUS Attribute 77
The Configurable Connect-Info Attributes feature introduces support for RADIUS attribute 77 (Connect-Info), which provides information about connection speeds, modulation, and compression for modem dial-in connections via RADIUS accounting "start" and "stop" records.
Before you configure connect-info attributes, you should understand the following concepts:
•Customizing Attribute 77 for Ethernet Connections
•Customizing Attribute 77 for ATM Connections
Customizing Attribute 77 for Ethernet Connections
To customize Attribute 77 for Ethernet connections, enter the connection information as the name of the service policy attached to the Ethernet subinterface. The router takes the policy name and copies it to Attribute 77.
For example, in the following configuration the outbound service policy named speed:eth:25100:5100:19/0 is attached to the QinQ Gigabit Ethernet subinterface 1/0/0.2696. The router copies the policy name to Attribute 77 and sends it to the RADIUS server in an Access-Request or Accounting-Start or Stop message.
interface GigabitEthernet1/0/0.2696
encapsulation dot1q 2696 second-dot1q 256
pppoe enable group global
service-policy input set_precedence_to_0
service-policy output speed:eth:25100:5100:19/0
Customizing Attribute 77 for ATM Connections
To customize Attribute 77 for ATM connections, configure the aaa connect-info string command in the following configuration modes:
•PVC (for a specific PVC)
•PVC range (for a range of PVCs)
•PVC-in-range (for a specific PVC in a range of PVCs)
•VC class (under a specific class-vc command)
The router takes the name of the VC class you specify under the class-vc command or the string you specify in the aaa connect-info string command and copies it to Attribute 77.
For example, in the following configuration the class-vc command is configured on both ATM PVCs 10/42 and 10/43 and the aaa connect-info command is configured on PVC 10/42:
interface ATM1/0/0.1 multipoint
description TDSL clients - default TDSL 1024 no ip mroute-cache
class-int speed:ubr:1184:160:10
class-vc speed:ubr:2303:224:10
aaa connect-info speed:ubr:2303:224:10:isp-specific-descr
class-vc speed:ubr:2303:224:10
For PVC 10/42, the router takes the string (speed:ubr:2303:224:10:isp-specific-descr) specified in the aaa connect-info command and copies it to Attribute 77. If the aaa connect-info command is not configured on the subinterface, the router takes the class name (speed:ubr:2303:224:10) specified in the class-vc command and copies it to Attribute 77.
For PVC 10/43, the router takes the class name (speed:ubr:2303:224:10) specified in the class-vc command and copies it to Attribute 77.
How to Verify the Connect-Info RADIUS Attribute 77
The following task describes how to verify the Connect-Info RADIUS Attribute 77.
•Verifying the Connect-Info RADIUS Attribute 77
Verifying the Connect-Info RADIUS Attribute 77
To verify attribute 77 in your accounting "start" and "stop" records, use the debug radius command in privileged EXEC mode.
SUMMARY STEPS
1. enable
2. debug radius
DETAILED STEPS
|
|
|
Step 1 |
enable
Router> enable |
Enables privileged EXEC mode. •Enter your password if prompted. |
Step 2 |
debug radius
Router# debug radius |
Displays information associated with RADIUS. |
Examples
The following example shows the Connect-Info [77] accounting attributes:
Sep 8 21:53:05.242: RADIUS/ENCODE(00007D34):Orig. component type = PPPoE
Sep 8 21:53:05.242: RADIUS: AAA Unsupported Attr: interface [208] 10
Sep 8 21:53:05.242: RADIUS: 30 2F 31 2F 30 2F 39 2E [ 0/1/0/9.]
Sep 8 21:53:05.242: RADIUS: AAA Unsupported Attr: client-mac-address[45] 14
Sep 8 21:53:05.242: RADIUS: 30 30 30 30 2E 63 30 30 31 2E 30 31 [ 0000.c001.01]
Sep 8 21:53:05.242: RADIUS(00007D34): Config NAS IP: 0.0.0.0
Sep 8 21:53:05.242: RADIUS/ENCODE(00007D34): acct_session_id: 32042
Sep 8 21:53:05.242: RADIUS(00007D34): sending
Sep 8 21:53:05.242: RADIUS/ENCODE: Best Local IP-Address 10.3.8.2 for Radius-Server
10.3.1.107
Sep 8 21:53:05.242: RADIUS(00007D34): Send Access-Request to 10.3.1.107:1645 id 1645/1,
len 116
Sep 8 21:53:05.242: RADIUS: authenticator FC 82 50 DB 65 8F 21 A9 - F3 0A A8 09 29 E5 56
65
Sep 8 21:53:05.242: RADIUS: Framed-Protocol [7] 6 PPP [1]
Sep 8 21:53:05.242: RADIUS: User-Name [1] 8 ''user1''
Sep 8 21:53:05.242: RADIUS: User-Password [2] 18 *
Sep 8 21:53:05.242: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
Sep 8 21:53:05.242: RADIUS: NAS-Port [5] 6 0
Sep 8 21:53:05.242: RADIUS: NAS-Port-Id [87] 12 ''0/1/0/9.32''
Sep 8 21:53:05.242: RADIUS: Connect-Info [77] 28 ''speed:ubr:3456:448:10/0000''
Sep 8 21:53:05.242: RADIUS: Service-Type [6] 6 Framed [2]
Sep 8 21:53:05.242: RADIUS: NAS-IP-Address [4] 6 10.3.8.2
Sep 8 21:53:05.242: RADIUS(00007D34): Started 5 sec timeout
Sep 8 21:53:05.244: RADIUS: Received from id 1645/1 10.3.1.107:1645, Access-Accept, len 32
Sep 8 21:53:05.244: RADIUS: authenticator 9A F1 29 01 66 53 17 CB - 73 FB 1B CE 7D 80 04
F2
Sep 8 21:53:05.244: RADIUS: Service-Type [6] 6 Framed [2]
Sep 8 21:53:05.244: RADIUS: Framed-Protocol [7] 6 PPP [1]
Sep 8 21:53:05.244: RADIUS(00007D34): Received from id 1645/1
Sep 8 21:53:05.248: RADIUS/ENCODE(00007D34):Orig. component type = PPPoE
Sep 8 21:53:05.248: RADIUS(00007D34): Config NAS IP: 0.0.0.0
Sep 8 21:53:05.248: RADIUS(00007D34): sending
Sep 8 21:53:05.248: RADIUS/ENCODE: Best Local IP-Address 10.3.8.2 for Radius-Server
5.3.1.107
Sep 8 21:53:05.248: RADIUS(00007D34): Send Accounting-Request to 10.3.1.107:1646 id
1646/3, len 126
Sep 8 21:53:05.248: RADIUS: authenticator 71 6E 73 9B FD 7E 82 81 - 10 2A CD 83 A8 BD D2
F0
Sep 8 21:53:05.248: RADIUS: Acct-Session-Id [44] 10 ''00007D2A''
Sep 8 21:53:05.248: RADIUS: Framed-Protocol [7] 6 PPP [1]
Sep 8 21:53:05.248: RADIUS: User-Name [1] 8 ''user1''
Sep 8 21:53:05.248: RADIUS: Acct-Authentic [45] 6 RADIUS [1]
Sep 8 21:53:05.248: RADIUS: Acct-Status-Type [40] 6 Start [1]
Sep 8 21:53:05.248: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
Sep 8 21:53:05.248: RADIUS: NAS-Port [5] 6 0
Sep 8 21:53:05.248: RADIUS: NAS-Port-Id [87] 12 ''0/1/0/9.32''
Sep 8 21:53:05.248: RADIUS: Connect-Info [77] 28 ''speed:ubr:3456:448:10/0000
Additional References
The following sections provide references related to the Connect-Info RADIUS Attribute 77 feature.
Related Documents
Standards
|
|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature. |
— |
MIBs
|
|
No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature. |
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs |
RFCs
Technical Assistance
|
|
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
http://www.cisco.com/techsupport |
Feature Information for Connect-Info RADIUS Attribute 77
Table 1 lists the release history for this feature.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS XE software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for Connect-Info RADIUS Attribute 77
|
|
|
Connect-Info RADIUS Attribute 77 |
Cisco IOS XE Release 2.1 |
The Connect-Info RADIUS Attribute 77 feature enables the network access server (NAS) to report Connect-Info (attribute 77) in RADIUS accounting "start" and "stop" records that are sent to the RADIUS client (dial-in modem). These "start" and "stop" records allow the transmit and receive connection speeds, modulation, and compression to be compared in order to analyze a user session over a dial-in modem where speeds are often different at the end of the connection (after negotiation). In Cisco IOS XE Release 2.1, this feature was introduced on the Cisco ASR 1000 series routers. |
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2002-2009 Cisco Systems, Inc. All rights reserved.