RADIUS Accounting
RFC 2139
Document | Type |
RFC - Informational
(April 1997; No errata)
Obsoleted by RFC 2866
Obsoletes RFC 2059
|
|
---|---|---|---|
Author | Carl Rigney | ||
Last updated | 2013-03-02 | ||
Stream | Legacy | ||
Formats | plain text html pdf htmlized bibtex | ||
Stream | Legacy state | (None) | |
Consensus Boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | RFC 2139 (Informational) | |
Telechat date | |||
Responsible AD | (None) | ||
Send notices to | (None) |
Network Working Group C. Rigney Request for Comments: 2139 Livingston Obsoletes: 2059 April 1997 Category: Informational RADIUS Accounting Status of this Memo This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Abstract This document describes a protocol for carrying accounting information between a Network Access Server and a shared Accounting Server. Implementation Note This memo documents the RADIUS Accounting protocol. There has been some confusion in the assignment of port numbers for this protocol. The early deployment of RADIUS Accounting was done using the erroneously chosen port number 1646, which conflicts with the "sa- msg-port" service. The officially assigned port number for RADIUS Accounting is 1813. Table of Contents 1. Introduction .......................................... 2 1.1 Specification of Requirements ................... 3 1.2 Terminology ..................................... 3 2. Operation ............................................. 4 3. Packet Format ......................................... 5 4. Packet Types .......................................... 7 4.1 Accounting-Request .............................. 7 4.2 Accounting-Response ............................. 8 5. Attributes ............................................ 10 5.1 Acct-Status-Type ................................ 11 5.2 Acct-Delay-Time ................................. 12 5.3 Acct-Input-Octets ............................... 13 5.4 Acct-Output-Octets .............................. 14 5.5 Acct-Session-Id ................................. 14 5.6 Acct-Authentic .................................. 15 5.7 Acct-Session-Time ............................... 16 5.8 Acct-Input-Packets .............................. 16 Rigney Informational [Page 1] RFC 2139 RADIUS Accounting April 1997 5.9 Acct-Output-Packets ............................. 17 5.10 Acct-Terminate-Cause ............................ 18 5.11 Acct-Multi-Session-Id ........................... 20 5.12 Acct-Link-Count ................................. 21 5.13 Table of Attributes ............................. 22 Security Considerations ...................................... 24 References ................................................... 24 Acknowledgements ............................................. 24 Chair's Address .............................................. 24 Author's Address ............................................. 25 1. Introduction Managing dispersed serial line and modem pools for large numbers of users can create the need for significant administrative support. Since modem pools are by definition a link to the outside world, they require careful attention to security, authorization and accounting. This can be best achieved by managing a single "database" of users, which allows for authentication (verifying user name and password) as well as configuration information detailing the type of service to deliver to the user (for example, SLIP, PPP, telnet, rlogin). The RADIUS (Remote Authentication Dial In User Service) document [4] specifies the RADIUS protocol used for Authentication and Authorization. This memo extends the use of the RADIUS protocol to cover delivery of accounting information from the Network Access Server (NAS) to a RADIUS accounting server. Key features of RADIUS Accounting are: Client/Server Model A Network Access Server (NAS) operates as a client of the RADIUS accounting server. The client is responsible for passing user accounting information to a designated RADIUS accounting server. The RADIUS accounting server is responsible for receiving the accounting request and returning a response to the client indicating that it has successfully received the request. The RADIUS accounting server can act as a proxy client to other kinds of accounting servers. Rigney Informational [Page 2] RFC 2139 RADIUS Accounting April 1997 Network Security Transactions between the client and RADIUS accounting server are authenticated through the use of a shared secret, which is never sent over the network.Show full document text