RADIUS Accounting Extensions for Traffic Statistics
draft-yeh-radext-ext-traffic-statistics-02
The information below is for an old version of the document.
| Field | Value |
|---|---|
| Type | Active Internet-Draft (individual) |
| Author | Leaf Yeh |
| Last updated | 2012-03-05 |
| Stream | (None) |
| Formats | plain text, htmlized, pdfized, bibtex |
| Stream state | (No stream defined) |
| Consensus boilerplate | Unknown |
| RFC Editor Note | (None) |
| IESG state | I-D Exists |
| Telechat date | (None) |
| Responsible AD | (None) |
| Send notices to | (None) |
Radext Working Group L. Yeh, Ed.
Internet-Draft Huawei Technologies
Intended status: Standards Track March 5, 2012
Expires: September 6, 2012
RADIUS Accounting Extensions for Traffic Statistics
draft-yeh-radext-ext-traffic-statistics-02
Abstract
This document specifies RADIUS attribute extensions for traffic
statistics of different types, which can be used to support
differentiated accounting policies and traffic recording on the
AAA server.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 6, 2012.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Yeh Expires September 6, 2012 [Page 1]
Internet-Draft RADIUS Accounting Extensions March 2012
Table of Contents
1. Introduction
2. Terminology and Language
3. Deployment Scenarios
4. Acct-Traffic-Statistics attribute
  4.1. Container attribute of Acct-Traffic-Statistics
  4.2. Contained attribute of Acct-Traffic-Statistics
    4.2.1. Acct-Traffic-Statistics.Traffic-Type
    4.2.2. Acct-Traffic-Statistics.Input-Octets
    4.2.3. Acct-Traffic-Statistics.Output-Octets
    4.2.4. Acct-Traffic-Statistics.Input-Packets
    4.2.5. Acct-Traffic-Statistics.Output-Packets
5. Table of Attribute
6. Diameter Considerations
7. Security Considerations
8. IANA Considerations
9. Acknowledgements
10. References
  10.1. Normative References
  10.2. Informative References
Author's Address
1. Introduction
RADIUS has been widely used as the centralized authentication,
authorization and user management method for service provision in
broadband access networks. [RFC3162], [RFC4818] and
[ietf-radext-ipv6-access-06] have specified some attributes to support
service provision for IPv6 access. RADIUS is also a protocol for
carrying accounting information between a Network Access Server and a
shared accounting server. In dual-stack scenarios, or any other IPv6
transition use case, there is a demand to report separate IPv4 and
IPv6 traffic statistics for differential accounting and traffic
recording.
[BBF TR-187], whose purpose is to describe the network architecture
and element requirements in the PPPoE scenario to support IPv6-only
or dual-stack Internet access service, has explicitly expressed
this demand in its section 9.4. The BNG is required to support
separate queues and counters for IPv4 or IPv6 traffic, and the RADIUS
attributes Acct-Input-Octets, Acct-Output-Octets, Acct-Input-Packets
and Acct-Output-Packets are recommended for the combined traffic.
New RADIUS attributes are required for reporting the separate IPv4
or IPv6 traffic statistics. (Note that the BNG of the BBF is a kind
of broadband NAS in IETF terms.)
[draft-hu-v6ops-radius-issues-ipv6-00] presented the same issue of
'protocol specific accounting' for dual-stack traffic statistics,
but it is also limited to the PPP case.
[draft-maglione-radext-ipv6-acct-extensions-01] and
[draft-yeh-radext-dual-stack-access-02] tried to define a batch of
attributes for traffic statistics, for IPv6-only access and
dual-stack access respectively, in the traditional flat mode, while
[draft-winter-radext-fancyaccounting-00] indicated that the
accounting attributes Input-Octets, Output-Octets, Input-Packets
and Output-Packets can be grouped using the new basic and
standardized data type of nesting-TLV for the extended type defined in
[draft-ietf-radext-radius-extensions-04]. In section 6.3 of
[draft-ietf-radext-radius-extensions-04], nesting-TLV is also the
recommended substitute data type for any attribute design that
intends to employ multiple fields of a new complex data type.
Judging that the standard type space is being quickly exhausted, the
Radext Working Group tends to adopt the new nesting-TLV data type
for the accounting report of traffic statistics. (Note that some
text in this section might not be necessary after the draft becomes
a WG item.)
2. Terminology and Language
This document describes some new RADIUS attributes and the associated
usage on NAS and AAA server. This document should be read in
conjunction with the relevant RADIUS specifications, including
[RFC2865], [RFC2866], [RFC2869], and
[draft-ietf-radext-radius-extensions-04], for a complete mechanism.
Definitions for terms and acronyms not specifically defined in this
document are defined in [RFC2865], [RFC2866], [RFC2869], [RFC3575],
[RFC6158], and [draft-ietf-radext-radius-extensions-04].
The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
document, are to be interpreted as described in BCP 14, [RFC2119].
3. Deployment Scenarios
Figure 1 shows the typical use case of traffic statistics
reporting for dual-stack users.
   +----------+              +----------+              +----------+
   |  Host /  |    PPPoE     |          |    RADIUS    |   AAA    |
   | Customer | ------------ |   NAS    | ------------ |  Server  |
   |  Router  |    IPoE      |          |  Accounting  |          |
   +----------+              +----------+              +----------+
    Dual-Stack          Separated queues and counter
                         for IPv4 and IPv6 traffic

   Figure 1: Traffic Statistics of Dual-Stack Users for RADIUS Accounting
Note that traffic statistics reporting is also needed in the IPv6
transition cases, such as DS-Lite, 6rd or the potential MAP, where
AFTR (Address Family Transition Router) or BR (Border Router) acts as
the broadband NAS.
4. Acct-Traffic-Statistics attribute
The Acct-Traffic-Statistics attribute is designed according to the
guidelines described in [RFC6158] and section 6 of
[draft-ietf-radext-radius-extensions-04]. It adopts the data
structure of the newly defined nesting TLV, and has 1 container
attribute, Acct-Traffic-Statistics, and 5 contained sub-attributes,
Traffic-Type, Input-Octets, Output-Octets, Input-Packets and
Output-Packets, to support extensible types of traffic statistics.
The sub-attribute Acct-Traffic-Statistics.Traffic-Type must be
included in the container attribute, and one or more of the other 4
sub-attributes must be included in the container attribute. Because
each sub-attribute has its own type code, the contained
sub-attributes need not appear in the container attribute in any
particular order.
4.1. Container attribute of Acct-Traffic-Statistics
Description
The Acct-Traffic-Statistics attribute, which includes the
Traffic-Type sub-attribute and the Input-Octets, Output-Octets,
Input-Packets or Output-Packets sub-attributes, reports how many
octets or packets of the traffic class specified in the
Acct-Traffic-Statistics.Traffic-Type sub-attribute have been
received from the user or sent to the user since the start of the
associated service. Acct-Traffic-Statistics can be present in an
Accounting-Request(4) message while the Acct-Status-Type(40) is set
to Interim-Update or Stop.
A summary of the Acct-Traffic-Statistics attribute format is shown
below. The fields are transmitted from left to right.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     | Extended-Type |    Value      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Value (cont.)...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
Supposed to be 241, which indicates the extended type space.
Length
19, 29 or 49, depending on whether 2, 3 or 5 sub-attributes are contained.
Extended-Type
TBA for Acct-Traffic-Statistics (by IANA)
Value
The Value of the container attribute consists of the sub-attributes
in TLV mode. At least the Traffic-Type sub-attribute and one of the
other 4 sub-attributes, Input-Octets, Output-Octets, Input-Packets
or Output-Packets, should be included.
4.2. Contained attribute of Acct-Traffic-Statistics
4.2.1. Acct-Traffic-Statistics.Traffic-Type
Description
The sub-attribute Acct-Traffic-Statistics.Traffic-Type indicates
the type of traffic, that is, the separated or combined traffic of
IPv4 and IPv6. (Note that [draft-winter-radext-fancyaccounting-00]
intended to cover 'its DSCP'.)
A summary of the Acct-Traffic-Statistics.Traffic-Type attribute
format is shown below. The fields are transmitted from left to
right.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             Value             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Value (cont.)         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.1 for Acct-Traffic-Statistics.Traffic-Type (by IANA)
Length
6
Value
Enumerated data type, a 4-octet unsigned integer, defined in
[RFC6158]. The first 3 octets are reserved for future use and are
set to 0x00. The decimal values are as follows:
0 the combined traffic of IPv4 and IPv6
1 the separated traffic of IPv4
2 the separated traffic of IPv6
Discussion 1: If the Traffic-Type is intended to cover the separated
or combined IPv4 and IPv6 traffic type and its DSCP (Differentiated
Services Code Point), then the first 6 bits of the last octet (as
per RFC2474) might be used for the DSCP. Alternatively, the traffic
class based on DSCP could be determined in the future.
Discussion 2: Is it a good idea to use the bits in this field to
cover the change with Input/Output and Octets/Packets?
4.2.2. Acct-Traffic-Statistics.Input-Octets
Description
This attribute indicates how many octets at the IP layer have been
received from the user since the start of the authorized service.
(Note that the IP layer is explicit here because it is definitely
related to the service.)
A summary of the Acct-Traffic-Statistics.Input-Octets attribute
format is shown below. The fields are transmitted from left to
right.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             Value             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Value (cont.)                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Value (cont.)         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.2 for Acct-Traffic-Statistics.Input-Octets (by IANA)
Length
10
Value
Integer64 data type in 8-Octet unsigned integer defined in
[draft-ietf-radext-radius-extensions-04].
4.2.3. Acct-Traffic-Statistics.Output-Octets
Description
This attribute indicates how many octets at the IP layer have been
sent to the user since the start of the authorized service.
A summary of the Acct-Traffic-Statistics.Output-Octets attribute
format is shown below. The fields are transmitted from left to
right.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             Value             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Value (cont.)                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Value (cont.)         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.3 for Acct-Traffic-Statistics.Output-Octets (by IANA)
Length
10
Value
Integer64 data type in 8-Octet unsigned integer defined in
[draft-ietf-radext-radius-extensions-04].
4.2.4. Acct-Traffic-Statistics.Input-Packets
Description
This attribute indicates how many packets at the IP layer have been
received from the user since the start of the authorized service.
A summary of the Acct-Traffic-Statistics.Input-Packets attribute
format is shown below. The fields are transmitted from left to
right.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             Value             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Value (cont.)                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Value (cont.)         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.4 for Acct-Traffic-Statistics.Input-Packets (by IANA)
Length
10
Value
Integer64 data type in 8-Octet unsigned integer defined in
[draft-ietf-radext-radius-extensions-04].
4.2.5. Acct-Traffic-Statistics.Output-Packets
Description
This attribute indicates how many packets at the IP layer have been
sent to the user since the start of the authorized service.
A summary of the Acct-Traffic-Statistics.Output-Packets attribute
format is shown below. The fields are transmitted from left to
right.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |             Value             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Value (cont.)                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Value (cont.)         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.5 for Acct-Traffic-Statistics.Output-Packets (by IANA)
Length
10
Value
Integer64 data type in 8-Octet unsigned integer defined in
[draft-ietf-radext-radius-extensions-04].
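The container and sub-attribute layouts of Section 4 can be exercised end to end with a strict encoder and decoder; the following Python is an added example, not part of the draft, showing the checks an AAA server would apply before trusting the counters. The Extended-Type value 0xEE and the sub-attribute codes 1 to 5 are placeholders for the values the draft leaves TBA, and the function names are hypothetical.

```python
import struct

# Placeholder codes: the draft leaves all of these "TBA (by IANA)".
EXT_TYPE = 0xEE                       # Acct-Traffic-Statistics (placeholder)
TRAFFIC_TYPE = 1                      # TBA.1 (placeholder)
COUNTERS = {2: "input_octets", 3: "output_octets",
            4: "input_packets", 5: "output_packets"}   # TBA.2 to TBA.5
TRAFFIC_NAMES = {0: "combined", 1: "ipv4", 2: "ipv6"}


def encode(traffic_type, **counters):
    """NAS side: build the container from a traffic type and 1-4 counters."""
    codes = {name: code for code, name in COUNTERS.items()}
    body = struct.pack("!BBI", TRAFFIC_TYPE, 6, traffic_type)
    for name, value in counters.items():
        body += struct.pack("!BBQ", codes[name], 10, value)
    return struct.pack("!BBB", 241, 3 + len(body), EXT_TYPE) + body


def parse(attr):
    """AAA side: strictly decode one attribute, raising ValueError if malformed."""
    if len(attr) < 3 or attr[0] != 241 or attr[2] != EXT_TYPE:
        raise ValueError("not an Acct-Traffic-Statistics attribute")
    if attr[1] != len(attr):
        raise ValueError("container Length does not match the attribute size")
    out, pos = {}, 3
    while pos < len(attr):
        if pos + 2 > len(attr):
            raise ValueError("truncated sub-attribute header")
        sub_type, sub_len = attr[pos], attr[pos + 1]
        value = attr[pos + 2:pos + sub_len]
        if sub_type == TRAFFIC_TYPE:
            name, want = "traffic_type", 6
        elif sub_type in COUNTERS:
            name, want = COUNTERS[sub_type], 10
        else:
            raise ValueError(f"unknown sub-attribute type {sub_type}")
        if sub_len != want or len(value) != want - 2:
            raise ValueError(f"bad length for {name}")
        if name in out:
            raise ValueError(f"duplicate {name}")
        if name == "traffic_type":
            code = int.from_bytes(value, "big")   # reserved octets must be 0x00
            if code not in TRAFFIC_NAMES:
                raise ValueError("reserved bits set or unknown Traffic-Type")
            out[name] = TRAFFIC_NAMES[code]
        else:
            out[name] = int.from_bytes(value, "big")
        pos += sub_len                 # sub_len is 6 or 10 here, so we advance
    if "traffic_type" not in out or len(out) < 2:
        raise ValueError("need Traffic-Type plus at least one counter")
    return out


# Constructed sample: IPv6 counters as a NAS might report them.
SAMPLE = encode(2, input_octets=5_000_000_000, output_packets=42)
```

The sample container is 29 octets long (3 header octets, a 6-octet Traffic-Type and two 10-octet counters), and the input-octets value exceeds 32 bits, which is why the counters use the Integer64 type.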
5. Table of Attribute
The following table provides a guide to which attributes may be found
in which kinds of packets, and in what quantity.
   Request  Accept  Reject  Challenge  Accounting-Request  #    Attribute
   0        0       0       0          0-1                 TBA  Acct-Traffic-Statistics
The meaning of the above table entries is as follows:
0 This attribute MUST NOT be present.
0+ Zero or more instances of this attribute MAY be present.
0-1 Zero or one instance of this attribute MAY be present.
1 Exactly one instance of this attribute MUST be present.
1+ One or more of these attributes MUST be present.
6. Diameter Considerations
Given that the Attributes defined in this document are allocated from
the RADIUS type space, no special handling is required by Diameter
entities.
7. Security Considerations
Known security vulnerabilities of the RADIUS protocol may apply to
its attributes. Security issues related to RADIUS are described in
section 8 of [RFC2865] and section 5 of [RFC3162].
8. IANA Considerations
IANA is requested to assign 1 new attribute type code and 5 type
codes for its sub-attributes in the extended type space of the
"Radius Types" registry
(http://www.iana.org/assignments/radius-types/radius-types.xml) for
the following attributes:
Acct-Traffic-Statistics
Acct-Traffic-Statistics.Traffic-Type
Acct-Traffic-Statistics.Input-Octets
Acct-Traffic-Statistics.Output-Octets
Acct-Traffic-Statistics.Input-Packets
Acct-Traffic-Statistics.Output-Packets
IANA should allocate these codes from the standardized extended type
space of the RADIUS attributes using the "IETF Review" policy
[RFC5226].
9. Acknowledgements
The authors would like to thank Roberta Maglione and Jie Hu for their
past efforts to bring this problem to the IETF, and Alan DeKok and
Peter Deacon for their valuable discussion and comments on the RADIUS
solution for this problem.
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
"Remote Authentication Dial In User Service (RADIUS)",
RFC 2865, June 2000.
[RFC2866] Rigney, C., "RADIUS Accounting", RFC 2866, June 2000.
[RFC2869] Rigney, C., Willats, W., and P. Calhoun, "RADIUS
Extensions", RFC 2869, June 2000.
[RFC3162] Aboba, B., Zorn, G., and D. Mitton, "RADIUS and IPv6",
RFC 3162, August 2001.
[RFC3575] Aboba, B., "IANA Considerations for RADIUS (Remote
Authentication Dial In User Service)", RFC 3575,
July 2003.
[RFC4818] Salowey, J. and R. Droms, "RADIUS Delegated-IPv6-Prefix
Attribute", RFC 4818, April 2007.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.
[draft-ietf-radext-radius-extensions-04]
DeKok, A. and A. Lior, "Remote Authentication Dial In User
Service (RADIUS) Protocol Extensions", Oct 2011.
10.2. Informative References
[BBF TR-187]
Broadband Forum, "IPv6 for PPP Broadband Access, Issue 1",
May 2010.
[RFC6158] DeKok, A. and G. Weber, "RADIUS Design Guidelines",
BCP 158, RFC 6158, March 2011.
[draft-hu-v6ops-radius-issues-ipv6-00]
Hu, J., Yan, L., Wang, Q., and J. Qin, "RADIUS issues in
IPv6 deployments", February 2011.
[draft-maglione-radext-ipv6-acct-extensions-01]
Maglione, R., Krishnan, S., Kavanagh, A., Varga, B., and
J. Kaippallimalil, "RADIUS Accounting Extensions for
IPv6", January 2011.
[draft-winter-radext-fancyaccounting-00]
Winter, S., "RADIUS Accounting for traffic classes",
March 2011.
[draft-yeh-radext-dual-stack-access-02]
Yeh, L. and T. Tsou, "RADIUS Attributes for Dual Stack
Access", March 2011.
[ietf-radext-ipv6-access-06]
Lourdelet, B., Dec, W., Sarikaya, B., Zorn, G., and D.
Miles, "RADIUS attributes for IPv6 Access Networks",
July 2011.
Author's Address
Leaf Y. Yeh (editor)
Huawei Technologies
Shenzhen
P. R. China
Phone: +86-755-28978851
Email: leaf.y.yeh@huawei.com