RADIUS Accounting Extensions for Traffic Statistics
draft-yeh-radext-ext-traffic-statistics-03
The information below is for an old version of the document.
| Document | Type | Active Internet-Draft (individual) | |
|---|---|---|---|
| Author | Leaf Yeh | ||
| Last updated | 2012-07-08 | ||
| Stream | (None) | ||
| Formats | plain text xml htmlized pdfized bibtex | ||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-yeh-radext-ext-traffic-statistics-03
Radext Working Group L. Yeh
Internet-Draft Huawei Technologies
Intended status: Standards Track July 9, 2012
Expires: January 10, 2013
RADIUS Accounting Extensions for Traffic Statistics
draft-yeh-radext-ext-traffic-statistics-03
Abstract
This document specifies the RADIUS extensions of attributes for the
traffic statistics with different type, which can be used to support
the differentiated accounting policies and traffic recording on the
AAA server.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 10, 2013.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Yeh Expires January 10, 2013 [Page 1]
Internet-Draft RADIUS Accounting Extensions July 2012
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology and Conventions . . . . . . . . . . . . . . . . . 4
3. Deployment Scenarios . . . . . . . . . . . . . . . . . . . . . 4
4. Acct-Traffic-Statistics attribute . . . . . . . . . . . . . . 4
4.1. Container attribute of Acct-Traffic-Statistics . . . . . . 5
4.2. Contained attribute of Acct-Traffic-Statistics . . . . . . 6
4.2.1. Acct-Traffic-Statistics.Stack-Type . . . . . . . . . . 6
4.2.2. Acct-Traffic-Statistics.Input-Octets . . . . . . . . . 7
4.2.3. Acct-Traffic-Statistics.Output-Octets . . . . . . . . 7
4.2.4. Acct-Traffic-Statistics.Input-Packets . . . . . . . . 8
4.2.5. Acct-Traffic-Statistics.Output-Packets . . . . . . . . 9
4.2.6. Acct-Traffic-Statistics.DSCP-Type . . . . . . . . . . 10
5. Table of Attribute . . . . . . . . . . . . . . . . . . . . . . 10
6. Diameter Considerations . . . . . . . . . . . . . . . . . . . 11
7. Security Considerations . . . . . . . . . . . . . . . . . . . 11
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12
10.1. Normative References . . . . . . . . . . . . . . . . . . . 12
10.2. Informative References . . . . . . . . . . . . . . . . . . 12
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 13
Yeh Expires January 10, 2013 [Page 2]
Internet-Draft RADIUS Accounting Extensions July 2012
1. Introduction
RADIUS has been widely used as the centralized authentication,
authorization and user management method for the service provision in
Broadband access network. [RFC3162], [RFC4818] and
[ietf-radext-ipv6-access-09] has specified some attributes to support
the service provision for IPv6 access. In the meantime, Radius is
also a protocol for carrying accounting information between a Network
Access Server and a shared accounting server. In the scenarios of
dual-stack or any other IPv6 transition use case, there is a demand
to report the separated IPv4 & IPv6 traffic statistics for the
differential accounting and traffic recording.
[BBF TR-187], whose purpose is to describe the network architecture
and elements requirements in the PPPoE scenario to support IPv6-only
or dual-stack for Internet access service, explicitly expressed this
demand in its section 9.4, that the BNG must also be able to support
separate queues, input and output counters for IPv4 or IPv6 traffic.
And it recommended to use the Radius attributes of Acct-Input-Octets
(42), Acct-Output-Octets (43), Acct-Input-Packets (47), Acct-Output-
Packets (48) for the combination of IPv6 and IPv4 traffic. Note that
BNG of BBF is a kind of broadband NAS of IETF. The new RADIUS
attributes for reporting the separated IPv4 or IPv6 traffic
statistics are required.
[draft-hu-v6ops-radius-issues-ipv6-00] presented the same issue on
'protocol specific accounting' for the dual-stack traffic statistics,
but it also limits to the PPP case.
[draft-maglione-radext-ipv6-acct-extensions-01] and
[draft-yeh-radext-dual-stack-access-02] tried to defined a batch of
attributes on the traffic statistics respectively for the IPv6-only
access and dual-stack access in the traditional type space with the
flat mode , while [draft-winter-radext-fancyaccounting-00] indicated
that the accounting attributes of Input-Octets, Output-Octets, Input-
Packets and Output-Packets can be grouped in the new basic data type
of TLV-nesting defined in the section 2.3 of
[draft-ietf-radext-radius-extensions-06] for the extended type space.
According to [RFC6158] and the section 6.3 of
[draft-ietf-radext-radius-extensions-06], Nesting-TLV is the only
recommendation for the new attribute design now, which intends to
employ multiple fields in the complex data type. Based on the judge
of the quickly-exhausted traditional type space, the Radext Working
Group tends to adopt the new data type of nesting-TLV defined for the
extended type space to report the traffic statistics for the
accounting extension.
Yeh Expires January 10, 2013 [Page 3]
Internet-Draft RADIUS Accounting Extensions July 2012
2. Terminology and Conventions
This document describes some new RADIUS attributes and the associated
usage on NAS and AAA server. This document should be read in
conjunction with the relevant RADIUS specifications, including
[RFC2865], [RFC2866], [RFC2869], and
[draft-ietf-radext-radius-extensions-06], for a complete mechanism.
Definitions for terms and acronyms not specifically defined in this
document are defined in [RFC2865], [RFC2866], [RFC2869], [RFC3575],
[RFC6158], and [draft-ietf-radext-radius-extensions-06].
The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
document, are to be interpreted as described in BCP 14, [RFC2119].
3. Deployment Scenarios
Figure 1 show the typical use case of the traffic statistics
reporting for the dual-stack users.
+----------+ +----------+ +----------+
| Host / | PPPoE | | RADIUS | AAA |
| Customer | ------------ | NAS | ------------ | Server |
| Router | IPoE | | Accounting | |
+----------+ +----------+ +----------+
Dual-Stack Separated queues and counter
for IPv4 and IPv6 traffic
Figure 1: Traffic Statistics of Dual-Stack Users for RADIUS
Accounting
Note that traffic statistics reporting is also needed in the IPv6
transition cases, such as DS-Lite, 6rd or the potential MAP, where
AFTR (Address Family Transition Router) or BR (Border Router) acts as
the broadband NAS.
4. Acct-Traffic-Statistics attribute
The attribute of Acct-traffic-statistics is designed according to the
guidelines described in [RFC6158] and section 6 of
[draft-ietf-radext-radius-extensions-06]. It adopts the data
structure of the TLV nesting, has 1 container attribute, Acct-
Traffic-Statistics, and 6 contained sub-attributes, Stack-Type,
Input-Octets, Output-Octets, Input-Packets, Output-Packets, DSCP-Type
(Differentiated Services CodePoint) to support the extensible types
of traffic statistics. The sub-attribute of Stack-Type must be
Yeh Expires January 10, 2013 [Page 4]
Internet-Draft RADIUS Accounting Extensions July 2012
included in the container attribute; one or more of Input-Octets,
Output-Octets, Input-Packets or Output-Packets sub-attributes much be
also included; while the sub-attribute of DSCP-Type is optional for
the detailed specified traffic type in the container attribute.
Because each of the sub-attributes has its own type code, the
appearance of the contained sub-attributes is not necessary in a
fixed order.
4.1. Container attribute of Acct-Traffic-Statistics
Description
The container attribute of Acct-Traffic-Statistics, which includes
sub-attributes of Stack-Type, or DSCP-Type, and Input-Octets,
Output-Octets, Input-Packets or Output-Packets, reports how many
octets or packets of the specified traffic type, from the user or
sent to the user, from the starting of the associated service
provided. The sub-attributes of Stack-Type or DSCP-Type indicates
the specified traffic type. Acct-traffic-statistics can be
presented in Accounting-Request(4) message while the Acct-Status-
Type(40) is set to Interim-Update or Stop.
A summary of the Acct-Traffic-Statistics attribute format is shown
as below. The fields are transmitted from left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Extended-Type | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.)...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
241, which indicates the extended type space.
Length
The length of the whole attribute in octet.
Extended-Type
TBA for Acct-Traffic-Statistics (by IANA)
Value
Yeh Expires January 10, 2013 [Page 5]
Internet-Draft RADIUS Accounting Extensions July 2012
The Value of the container attribute are the sub-attributes
defined in section 4.2 in TLV nesting mode. At least the sub-
attribute of Stack-Type, and one of Input-Octets, Output-Octets,
Input-Packets or Output-Packets sub-attributes must be included.
4.2. Contained attribute of Acct-Traffic-Statistics
4.2.1. Acct-Traffic-Statistics.Stack-Type
Description
The sub-attribute of Acct-Traffic-Statistics.Stack-Type indicates
the type of the separated and combined traffic of IPv4 and IPv6.
A summary of the Acct-Traffic-Statistics.Stack-Type attribute
format is shown as below. The fields are transmitted from left to
right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.1 for Acct-Traffic-Statistics.Stack-Type (by IANA)
Length
6
Value
Enumerated Data Type in 4-Octet unsigned integer defined in
[RFC6158]. The beginning 3 Octets are reserved for future use,
and are set to 0x00 now. The decimal value of the last octet is
defined as follows:
0 the combined traffic of IPv4 and IPv6
1 the separated traffic of IPv4
2 the separated traffic of IPv6
Yeh Expires January 10, 2013 [Page 6]
Internet-Draft RADIUS Accounting Extensions July 2012
4.2.2. Acct-Traffic-Statistics.Input-Octets
Description
This attribute indicates how many octets in IP layer have been
received from the user from the starting of the service
authorized. Note that IP layer is explicit here because this
accounting attribute is definitely related to the IP service.
A summary of the Acct-Traffic-Statistics.Input-Octets attribute
format is shown as below. The fields are transmitted from left to
right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.2 for Acct-Traffic-Statistics.Input-Octets (by IANA)
Length
10
Value
Integer64 data type in 8-Octet unsigned integer defined in
[draft-ietf-radext-radius-extensions-06].
4.2.3. Acct-Traffic-Statistics.Output-Octets
Description
This attribute indicates how many octets in IP layer sent to the
user from the starting of the service authorized.
A summary of the Acct-Traffic-Statistics.Output-Octets attribute
format is shown as below. The fields are transmitted from left to
right.
Yeh Expires January 10, 2013 [Page 7]
Internet-Draft RADIUS Accounting Extensions July 2012
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.3 for Acct-Traffic-Statistics.Output-Octets (by IANA)
Length
10
Value
Integer64 data type in 8-Octet unsigned integer defined in
[draft-ietf-radext-radius-extensions-06].
4.2.4. Acct-Traffic-Statistics.Input-Packets
Description
This attribute indicates how many packets in IP layer received
from the user from the starting of the service authorized.
A summary of the Acct-Traffic-Statistics.Input-Packets attribute
format is shown as below. The fields are transmitted from left to
right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
Yeh Expires January 10, 2013 [Page 8]
Internet-Draft RADIUS Accounting Extensions July 2012
TBA.4 for Acct-Traffic-Statistics.Input-Packets (by IANA)
Length
10
Value
Integer64 data type in 8-Octet unsigned integer defined in
[draft-ietf-radext-radius-extensions-06].
4.2.5. Acct-Traffic-Statistics.Output-Packets
Description
This attribute indicates how many packets in IP layer sent to the
user from the starting of the service authorized.
A summary of the Acct-Traffic-Statistics.Output-Packets attribute
format is shown as below. The fields are transmitted from left to
right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.5 for Acct-Traffic-Statistics.Output-Packets (by IANA)
Length
10
Value
Integer64 data type in 8-Octet unsigned integer defined in
[draft-ietf-radext-radius-extensions-06].
Yeh Expires January 10, 2013 [Page 9]
Internet-Draft RADIUS Accounting Extensions July 2012
4.2.6. Acct-Traffic-Statistics.DSCP-Type
Description
The sub-attribute of Acct-Traffic-Statistics.DSCP-Type indicates
the DSCP type of the separated or combined IPv4 and IPv6 traffic.
A summary of the Acct-Traffic-Statistics.DSCP-Type attribute
format is shown as below. The fields are transmitted from left to
right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
TBA.6 for Acct-Traffic-Statistics.DSCP-Type (by IANA)
Length
6
Value
Enumerated Data Type in 4-Octet unsigned integer defined in
[RFC6158]. The beginning 3 Octets are reserved for future use,
and are set to 0x00 now. The last 6 bits of the last octet is
used to contain the DSCP value as per [RFC2474]
5. Table of Attribute
The following table provides a guide to which attributes may be found
in which kinds of packets, and in what quantity.
Req- Acc- Rej- Chall Accounting # Attribute
uest ept ect -enge Request
0 0 0 0 0-1 TBA Acct-Traffic-Statistics
The meaning of the above table entries is as follows:
Yeh Expires January 10, 2013 [Page 10]
Internet-Draft RADIUS Accounting Extensions July 2012
0 This attribute MUST NOT be present.
0+ Zero or more instances of this attribute MAY be present.
0-1 Zero or one instance of this attribute MAY be present.
1 Exactly one instance of this attribute MUST be present.
1+ One or more of these attributes MUST be present.
6. Diameter Considerations
Given that the Attributes defined in this document are allocated from
the RADIUS extended type space, no special handling is required by
Diameter entities.
7. Security Considerations
Known security vulnerabilities of the RADIUS protocol may apply to
its attributes. Security issues related RADIUS are described in
section 8 of [RFC2865], section 5 of [RFC3162].
8. IANA Considerations
The authors of this document request to assign new Radius type codes
for Acct-Traffic-Statistics and its following sub-attributes.
Acct-Traffic-Statistics.Stack-Type
Acct-Traffic-Statistics.Input-Octets
Acct-Traffic-Statistics.Output-Octets
Acct-Traffic-Statistics.Input-Packets
Acct-Traffic-Statistics.Output-Packets
Acct-Traffic-Statistics.DSCP-Type
These type codes should be allocated from the RADIUS extended type
space based on section 10 of [draft-ietf-radext-radius-extensions-06]
and "IETF Review" policy [RFC5226].
9. Acknowledgements
Thanks to Roberta Maglione, Jie Hu for their efforts in the history
to bring this problem to IETF, Stefan Winter for his effort to
introduce TLV in the attribute design, and Alan DeKok, Peter Deacon
for their valuable comments in the mailing list of Radext.
10. References
Yeh Expires January 10, 2013 [Page 11]
Internet-Draft RADIUS Accounting Extensions July 2012
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black,
"Definition of the Differentiated Services Field (DS
Field) in the IPv4 and IPv6 Headers", RFC 2474,
December 1998.
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
"Remote Authentication Dial In User Service (RADIUS)",
RFC 2865, June 2000.
[RFC2866] Rigney, C., "RADIUS Accounting", RFC 2866, June 2000.
[RFC2869] Rigney, C., Willats, W., and P. Calhoun, "RADIUS
Extensions", RFC 2869, June 2000.
[RFC3162] Aboba, B., Zorn, G., and D. Mitton, "RADIUS and IPv6",
RFC 3162, August 2001.
[RFC3575] Aboba, B., "IANA Considerations for RADIUS (Remote
Authentication Dial In User Service)", RFC 3575,
July 2003.
[RFC4818] Salowey, J. and R. Droms, "RADIUS Delegated-IPv6-Prefix
Attribute", RFC 4818, April 2007.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.
[draft-ietf-radext-radius-extensions-06]
DeKok, A. and A. Lior, "Remote Authentication Dial In User
Service (RADIUS) Protocol Extensions", Apr. 2012.
10.2. Informative References
[BBF TR-187]
Broadband Forum, "IPv6 for PPP Broadband Access, Issue 1",
May 2010.
[RFC6158] DeKok, A. and G. Weber, "RADIUS Design Guidelines",
BCP 158, RFC 6158, March 2011.
[draft-hu-v6ops-radius-issues-ipv6-00]
Hu, J., Yan, L., Wang, Q., and J. Qin, "RADIUS issues in
Yeh Expires January 10, 2013 [Page 12]
Internet-Draft RADIUS Accounting Extensions July 2012
IPv6 deployments", February 2011.
[draft-maglione-radext-ipv6-acct-extensions-01]
Maglione, R., Krishnan, S., Kavanagh, A., Varga, B., and
J. Kaippallimalil, "RADIUS Accounting Extensions for
IPv6", January 2011.
[draft-winter-radext-fancyaccounting-00]
Winter, S., "RADIUS Accounting for traffic classes",
March 2011.
[draft-yeh-radext-dual-stack-access-02]
Yeh, L. and T. Tsou, "RADIUS Attributes for Dual Stack
Access", March 2011.
[ietf-radext-ipv6-access-09]
Lourdelet, B., Dec, W., Sarikaya, B., Zorn, G., and D.
Miles, "RADIUS attributes for IPv6 Access Networks",
May 2012.
Author's Address
Leaf Y. Yeh
Huawei Technologies
Shenzhen
P. R. China
Email: leaf.y.yeh@huawei.com
Yeh Expires January 10, 2013 [Page 13]