|
|
Table Of Contents
RADIUS Accounting Start/Interim/Stop
About the RADIUS Listener LEG
This module describes the Subscriber Manager RADIUS Listener LEG software module and the terms and concepts used in this guide.
•
About the RADIUS Listener LEG
About the RADIUS Listener LEG
The RADIUS Listener LEG is a software module that receives RADIUS Accounting messages, and according to their content, invokes logon operations to the Subscriber Manager (SM). The RADIUS Listener LEG is an extension to the SM software and runs concurrently with the SM.
When the RADIUS Listener LEG receives an Accounting-Start message, it extracts the subscriber ID, the subscriber IP-address, and optionally, the subscriber package index from the message attributes, and triggers a login operation to the SM. In the same manner, Accounting-Interim-Update triggers a login operation, and the Accounting-Stop message triggers a logout operation.
The RADIUS Listener LEG was carefully developed and thoroughly tested with several RADIUS AAA servers and NAS devices.
Terms and Concepts
The following is a list of some terms and concepts that are necessary to understand the RADIUS Listener and SM configuration and operation. Additional information regarding the various issues can be found in the Cisco SCMS Subscriber Manager User Guide .
•
NAS (Network Access System)
A network device that serves as an access point for a remote user. It initiates RADIUS transactions to the RADIUS server to authenticate a remote user.
The RADIUS Listener LEG refers to all of its RADIUS clients as NAS devices, even though they might be RADIUS servers acting as a proxy or forwarding messages.
RADIUS Accounting Start/Interim/Stop
The RADIUS Accounting messages must hold an attribute called Acct-Status-Type . This attribute can receive the value of start, interim-update, stop, or other RADIUS Accounting messages. An Accounting-Start message contains the Acct-Status-Type with the value start.
For additional information, see the relevant RADIUS RFC documentation.
Subscriber Mappings
The SCE platform requires mappings between the network IDs (IP addresses) of the flows it encounters and the subscriber IDs. The SM database contains the network IDs that map to the subscriber IDs. The SCE network-ID-to-subscriber mappings are constantly updated from the SM database.
The main function of the RADIUS Listener LEG is to provide the SM with network-ID-to-subscriber mappings in real time.
For information about the SCE platforms, see the Cisco SCE 1000 2xGBE Installation and Configuration Guide and the Cisco SCE 2000 4xGBE Installation and Configuration Guide .
Subscriber Domain
The SM provides the option of partitioning SCE platforms and subscribers into subscriber domains. A subscriber domain is a group of SCE platforms that share a group of subscribers. Subscriber domains can be configured using the SM configuration file and can be viewed using the SM CLU.
For additional information about domains and domain aliases, see the "Configuration File Options" module of the Cisco SCMS Subscriber Manager User Guide .
Subscriber Package
A subscriber policy package usually defines the policy enforced by Cisco SCMS solutions on each subscriber. The RADIUS Listener LEG can handle the package ID in any of the following ways:
•
•
•
For additional information, see Mapping of RADIUS Attribute to Subscriber Package, page 3-3, and the Cisco Service Control Application for Broadband (SCA BB) User Guide .
Topologies
The following diagram illustrates a topology in which a RADIUS server/proxy forwards or proxies the RADIUS Accounting messages to the RADIUS Listener LEG.
Figure 1-1 Example of Radius Server Forwarding Radius Accounting Messages to Radius Listener LEG
The following diagram illustrates a topology in which the NAS performs authentication with the RADIUS server, and sends RADIUS Accounting messages to the RADIUS Listener LEG and, optionally, to the RADIUS server.
Figure 1-2 Example of NAS Sending Radius Accounting Messages to both the Radius Listener LEG and the Radius Server
Posted: Mon Jan 21 23:29:30 PST 2008
All contents are Copyright © 1992--2008 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
