[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fixes Issue: Interim-Accounting-Interval and Local Configuration

To: radiusext@ops.ietf.org
Subject: Fixes Issue: Interim-Accounting-Interval and Local Configuration
From: Bernard Aboba <aboba@internaut.com>
Date: Thu, 14 Jul 2005 10:05:32 -0700 (PDT)

Sai --

The Interim Accounting Interval is often set in order to ensure against
loss of income by billing systems.  So I can understand why there is
concern if an Interim-Accounting-Interval attribute sent by a RADIUS
server would be ignored by the NAS.

Although I do not recall the conversations that lead to this paragraph
being inserted, I think the concern may relate to inappropriately small
values being sent by a RADIUS server.  For example, if the implementation
has a setting for "minimum Interim-Accounting-Interval" then I would say
that this should not be overridden by a smaller value, but could be
overridden by a larger one.

However, if the nature of the implementation setting is "use value X by
default, but allow the RADIUS server to override it" I don't understand
why that should be prohibited.

--------------------------------------------------------------------------------
From: Saikrishnan [mailto:saig@cisco.com]
Sent: Thu 7/14/2005 9:47 AM
To: cdr@telemancy.com; ward@cyno.com; Glen Zorn
Cc: dnelson@enterasys.com; Bernard Aboba
Subject: RFC 2869 and draft-aboba-radext-fixes-00.txt

Hi,

In section 2.1 of RFC 2869, it is mentioned that the interim-accounting-interval
coming from the RADIUS server is superceded by the local config on the
NAS.

Pl. find below the snippet.

-----

 2.1.  RADIUS support for Interim Accounting Updates

   When a user is authenticated, a RADIUS server issues an Access-Accept
   in response to a successful Access-Request. If the server wishes to
   receive interim accounting messages for the given user it must
   include the Acct-Interim-Interval RADIUS attribute in the message,
   which indicates the interval in seconds between interim messages.

   It is also possible to statically configure an interim value on the
   NAS itself. Note that a locally configured value on the NAS MUST
   override the value found in an Access-Accept.

----

But in terms of priority it makes more sense for the finer granularity
config overriding the global config. For instance, if you want to apply
an umbrella policy that all the sessions are done periodic accounting every
30 mins but for Jane's session, we need to do periodic accounting every
45 mins, the only way for provisioning this is by adding 45' to Jane's
user profile.

But the RFC MUSTs it out. I am copying the authors for clarification.

Please note that in all the other attributes in Cisco IOS, the PER-USER
attribute (the attribute defined in the user profile) overrides what is
configured globally on the box. At minimum, this should be left for
implementation. Pl. let me know if I am missing something.

Thanks and Warm regards
sai.




--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: Fixes Issue: Interim-Accounting-Interval and Local Configuration
  - From: Barney Wolff <barney@databus.com>

Prev by Date: Issue: WGLC comments about NAS/QoS-Filter-Rule
Next by Date: Re: Fixes Issue: Interim-Accounting-Interval and Local Configuration
Previous by thread: Issue: WGLC comments about NAS/QoS-Filter-Rule
Next by thread: Re: Fixes Issue: Interim-Accounting-Interval and Local Configuration
Index(es):
- Date
- Thread