RADIUS Accounting
RFC 2139
| Document | Type |
RFC - Informational
(April 1997; No errata)
Obsoleted by RFC 2866
Obsoletes RFC 2059
|
|
|---|---|---|---|
| Last updated | 2013-03-02 | ||
| Stream | Legacy | ||
| Formats | plain text pdf html bibtex | ||
| Stream | Legacy state | (None) | |
| Consensus Boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | RFC 2139 (Informational) | |
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
Network Working Group C. Rigney
Request for Comments: 2139 Livingston
Obsoletes: 2059 April 1997
Category: Informational
RADIUS Accounting
Status of this Memo
This memo provides information for the Internet community. This memo
does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
Abstract
This document describes a protocol for carrying accounting
information between a Network Access Server and a shared Accounting
Server.
Implementation Note
This memo documents the RADIUS Accounting protocol. There has been
some confusion in the assignment of port numbers for this protocol.
The early deployment of RADIUS Accounting was done using the
erroneously chosen port number 1646, which conflicts with the "sa-
msg-port" service. The officially assigned port number for RADIUS
Accounting is 1813.
Table of Contents
1. Introduction .......................................... 2
1.1 Specification of Requirements ................... 3
1.2 Terminology ..................................... 3
2. Operation ............................................. 4
3. Packet Format ......................................... 5
4. Packet Types .......................................... 7
4.1 Accounting-Request .............................. 7
4.2 Accounting-Response ............................. 8
5. Attributes ............................................ 10
5.1 Acct-Status-Type ................................ 11
5.2 Acct-Delay-Time ................................. 12
5.3 Acct-Input-Octets ............................... 13
5.4 Acct-Output-Octets .............................. 14
5.5 Acct-Session-Id ................................. 14
5.6 Acct-Authentic .................................. 15
5.7 Acct-Session-Time ............................... 16
5.8 Acct-Input-Packets .............................. 16
Rigney Informational [Page 1]
RFC 2139 RADIUS Accounting April 1997
5.9 Acct-Output-Packets ............................. 17
5.10 Acct-Terminate-Cause ............................ 18
5.11 Acct-Multi-Session-Id ........................... 20
5.12 Acct-Link-Count ................................. 21
5.13 Table of Attributes ............................. 22
Security Considerations ...................................... 24
References ................................................... 24
Acknowledgements ............................................. 24
Chair's Address .............................................. 24
Author's Address ............................................. 25
1. Introduction
Managing dispersed serial line and modem pools for large numbers of
users can create the need for significant administrative support.
Since modem pools are by definition a link to the outside world, they
require careful attention to security, authorization and accounting.
This can be best achieved by managing a single "database" of users,
which allows for authentication (verifying user name and password) as
well as configuration information detailing the type of service to
deliver to the user (for example, SLIP, PPP, telnet, rlogin).
The RADIUS (Remote Authentication Dial In User Service) document [4]
specifies the RADIUS protocol used for Authentication and
Authorization. This memo extends the use of the RADIUS protocol to
cover delivery of accounting information from the Network Access
Server (NAS) to a RADIUS accounting server.
Key features of RADIUS Accounting are:
Client/Server Model
A Network Access Server (NAS) operates as a client of the
RADIUS accounting server. The client is responsible for
passing user accounting information to a designated RADIUS
accounting server.
The RADIUS accounting server is responsible for receiving the
accounting request and returning a response to the client
indicating that it has successfully received the request.
The RADIUS accounting server can act as a proxy client to other
kinds of accounting servers.
Rigney Informational [Page 2]
RFC 2139 RADIUS Accounting April 1997
Network Security
Transactions between the client and RADIUS accounting server
are authenticated through the use of a shared secret, which is
never sent over the network.
Show full document text