|
|
RADIUS Virtual Circuit (VC) Logging allows the Cisco 6400 Universal Access Concentrator to accurately record the virtual path interface (VPI) and virtual circuit interface (VCI) of an incoming subscriber session.
With RADIUS VC Logging enabled, the RADIUS network access server (NAS) port field is extended and modified to carry VPI/VCI information. This information is logged in the RADIUS accounting record that was created at session startup.
The VPI/VCI of an incoming permanent virtual circuit (PVC) is recorded at the point of entry on the Cisco 6400 node switch processor (NSP), offering the RADIUS client a unique VPI/VCI for each incoming PVC.
Both PPPoE and PPPoA support RADIUS VC Logging in Cisco IOS Release 12.1(1)DC and later. In earlier releases, only PPPoA supports RADIUS VC Logging.
To use the RADIUS VC Logging feature on the Cisco 6400 NRP and the Combined Network Management Ethernet (NME) Interface feature on the Cisco 6400 system, the Cisco 6400 NSP must be running Cisco IOS Release 12.1(3)DB or later. See CSCdr81919 for more information.
RADIUS VC Logging is supported on the Cisco 6400.
None
None
Perform the following tasks to configure RADIUS VC logging:
The NAS-IP-Address field in the RADIUS accounting packet contains the IP address of the Network Management Ethernet (NME) port on the NSP, even if the NME is shutdown.
On an NSP that is pre-loaded with the Cisco IOS Release 12.0(5)DB or newer software image, the combined NME interface is included in the default configuration. If your NRP does not use a DHCP server to obtain an IP address, you must configure a static IP address. To configure a static combined NME IP address, enter the following commands beginning in global configuration mode:
| Command | Purpose |
|---|---|
Switch(config)# interface BVI1 | Selects the combined NME interface. |
Switch(config-if)# ip address address subnet | Configures a static IP and subnetwork address. |
Instead of the combined NME interface, you can choose to use the Ethernet port as a separate NME interface. To configure the NME IP address, enter the following commands beginning in global configuration mode:
| Command | Purpose |
|---|---|
Switch(config)# interface ethernet 0/0/0 | Selects the NME interface. |
Switch(config-if)# ip address address subnet or Switch(config-if)# ip address negotiated | Configures a static IP and subnetwork address.
Allows the interface to obtain an IP address, subnet mask, router address, and static routes from a DHCP server. |
To verify the NME IP address, enter the show interface bvi1 or show interface e0/0/0 EXEC command on the NSP. Check the Internet address statement (indicated with an arrow).
Switch# show interface bvi1 BVI1 is up, line protocol is up Hardware is BVI, address is 0010.7ba9.c783 (bia 0000.0000.0000)
Internet address is 10.1.1.33/16 MTU 1500 bytes, BW 10000 Kbit, DLY 5000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set ARP type:ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Queueing strategy:fifo Output queue 0/0, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1540 packets input, 302775 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 545 packets output, 35694 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out Switch#
To enable RADIUS VC logging on the Cisco 6400 NRP, enter the following command in global configuration mode:
| Command | Purpose |
|---|---|
Router(config)# radius-server attribute nas-port format d | Selects the ATM VC extended format for the NAS port field. |
To verify RADIUS VC Logging on the RADIUS server, examine a RADIUS accounting packet. If RADIUS VC logging is enabled on the Cisco 6400, the RADIUS accounting packet will appear similar to the following example:
Wed Jun 16 13:57:31 1999 NAS-IP-Address = 192.168.100.192
NAS-Port = 268566560 NAS-Port-Type = Virtual User-Name = "cisco" Acct-Status-Type = Start Service-Type = Framed
Acct-Session-Id = "1/0/0/2.32_00000009" Framed-Protocol = PPP Framed-IP-Address = 172.16.7.254 Acct-Delay-Time = 0
The NAS-Port line shows that RADIUS VC logging is enabled. If this line does not appear in the display, then RADIUS VC logging is not enabled on the Cisco 6400.
The Acct-Session-Id line should also identify the incoming NSP interface and VPI/VCI information, in this format:
Acct-Session-Id = "slot/subslot/port/VPI.VCI_acct-session-id"
In the following example, a RADIUS server is identified, and the NAS port field is set to ATM VC Extended format:
radius-server host 10.31.5.96 auth-port 1645 acct-port 1646 radius-server attribute nas-port format d
This section documents the new command that configures the RADIUS VC Logging feature.
To select the NAS port format used for RADIUS accounting features, use the radius-server attribute nas-port format global configuration command. To restore the default NAS port format, use the no form of this command.
[no] radius-server attribute nas-port format format
format | Choose one of the following keywords: a---Standard NAS port format. b---Extended NAS port format. c---Shelf-slot NAS port format. d---ATM VC extended NAS port format. |
Standard NAS port format.
EXEC
| Release | Modification |
|---|---|
11.3(7)T | This command was first introduced. |
11.3(9)DB and 12.0(5)DC | The d format was added for the Cisco 6400 NRP. |
This command replaces the deprecated radius-server attribute nas-port extended command.
The radius-server attribute nas-port format command configures RADIUS to change the size and format of the NAS port attribute field (RADIUS IETF Attribute 5).
The following example selects the ATM VC extended NAS port format, used for RADIUS VC Logging:
radius-server attribute nas-port format d
| Command | Description |
radius-server host non-standard | Specifies a vendor-proprietary RADIUS server host |
NAS---network access server.
NME---Network Management Ethernet. The local area network used to control and manage equipment in a Central Office and branch locations. The NME connection on the Cisco 6400 is an RJ-45 connector for a 10BaseT port on the NSP module.
NSP---node switch processor. A component module responsible for all ATM switching and control functions within the Cisco 6400.
PPP---Point-to-Point Protocol. A protocol that encapsulates network layer protocol information over point-to-point links. PPP is defined in RFC 1661.
PPPoA---PPP over ATM
PPPoE---PPP over Ethernet
PVC---permanent virtual circuit. Virtual circuit that is permanently established. PVCs save bandwidth associated with circuit establishment and tear down in situations where certain virtual circuits must exist all the time.
RADIUS---Remote Access Dial-In User Service. Database for authenticating modem and ISDN connections and for tracking connection time.
VC---virtual circuit. Logical circuit created to ensure reliable communication between two network devices. A virtual circuit is defined by a VPI/VCI pair, and can be either permanent (PVC) or switched (SVC).
VCI---virtual channel identifier. 16-bit field in the header of an ATM cell. The VCI, together with the VPI, is used to identify the next destination of a cell as it passes through a series of ATM switches on its way to its destination.
VPI---virtual path identifier. Eight-bit field in the header of an ATM cell. The VPI, together with the VCI, is used to identify the next destination of a cell as it passes through a series of ATM switches on its way to its destination.
Posted: Thu Jul 20 09:49:08 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.
