[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]

Subscriber AAA Accounting Messages

Accounting messages identify service provisions and use on a per-user or per-tunnel basis. These messages keep track of when a particular service is initiated and terminated for a specific user.

JUNOSe software supports the Acct-On message on startup or configuration of the first accounting server. Acct-Off messages are supported when the last RADIUS accounting server in a virtual router is removed, when the router is shut down, and when a virtual router that has configured RADIUS accounting servers is deleted.

The router supports the following types of accounting messages:

Acct-Start
Acct-Stop
Interim-Acct
Acct-On
Acct-Off

Supported RADIUS IETF Attributes

Table 36 lists the RADIUS IETF attributes supported for Acct-Start, Acct-Stop, Interim-Acct, Acct-On, and Acct-Off messages.

The following notes are referred to in Table 36:

The attribute is used when terminating a PPP connection at the LNS or the initiating LAC.
For this attribute to be included, an IP address must be assigned to the subscriber.
The attribute is not included in Acct-Stop messages that are sent when a user session does not get established in one of the following situations.

The aaa accounting acct-stop on-access-deny command is enabled and the authentication server sends an Access-Reject (deny) message.
The aaa accounting acct-stop on-aaa-failure command is enabled and the authentication server issues an Access-Accept message (grant), but the AAA configuration denies access for the user. The aaa accounting acct-stop on-aaa-failure is enabled by default.
The aaa accounting acct-stop on-aaa-failure command is enabled and the user terminates before AAA receives the authentication response from the authentication server.

For this attribute to be included, an IPv6 interface ID must be assigned to the subscriber.
For this attribute to be included, at least one IPv6 prefix must be assigned to the subscriber.




 Table 36:   AAA Accounting Message RADIUS IETF Attributes Supported 

 Attribute Number
 Attribute Name
 Acct-Start 
 Acct-Stop
 Interim-Acct
 Acct-On
 Acct-Off

 [1]

 User-Name




 –

 –


 [4]

 NAS-IP-Address 







 [5]

 NAS-Port




 –

 –


 [6] 

 Service-Type




 –

 –


 [7]

 Framed-Protocol
(See Note 3 on 148.)




 –

 –


 [8]

 Framed-IP-Address
(See Note 2 on 148.)




 –

 –


 [9]

 Framed-IP-Netmask




 –

 –


 [13] 

 Framed-Compression
(See Note 3 on 148.)




 –

 –


 [25] 

 Class




 –

 –


 [30]

 Called-Station-Id




 –

 –


 [31] 

 Calling-Station-Id




 –

 –


 [32] 

 NAS-Identifier







 [40] 

 Acct-Status-Type







 [41] 

 Acct-Delay-Time







 [42] 

 Acct-Input-Octets

 –



 –

 –


 [43] 

 Acct-Output-Octets

 –



 –

 –


 [44]

 Acct-Session-Id 







 [45]

 Acct-Authentic







 [46] 

 Acct-Session-Time

 –



 –

 –


 [47] 

 Acct-Input-Packets

 –



 –

 –


 [48] 

 Acct-Output-Packets

 –



 –

 –


 [49] 

 Acct-Terminate-Cause

 –


 –

 –



 [50]

 Acct-Multi-Session-Id
(See Note 3 on 148.)




 –

 –


 [51]

 Acct-Link-Count
(See Note 3 on 148.)




 –

 –


 [52] 

 Acct-Input-Gigawords

 –



 –

 –


 [53] 

 Acct-Output-Gigawords

 –



 –

 –


 [55] 

 Event-Timestamp







 [61] 

 NAS-Port-Type 




 –

 –


 [64] 

 Tunnel-Type 
(See Note 1 on 148.)




 –

 –


 [65] 

 Tunnel-Medium-Type 
(See Note 1 on 148.)




 –

 –


 [66] 

 Tunnel-Client-Endpoint 
(See Note 1 on 148.)




 –

 –


 [67]

 Tunnel-Server-Endpoint 
(See Note 1 on 148.)




 –

 –


 [68] 

 Acct-Tunnel-Connection 
(See Note 1 on 148.)




 –

 –


 [77]

 Connect-Info




 –

 –


 [82] 

 Tunnel-Assignment-Id (LAC only) 
(See Note 1 on 148.) 




 –

 –


 [83]

 Tunnel-Preference (LAC only)




 –

 –


 [87] 

 NAS-Port-Id




 –

 –


 [90] 

 Tunnel-Client-Auth-Id 
(See Note 1 on 148.)




 –

 –


 [91] 

 Tunnel-Server-Auth-Id 
(See Note 1 on 148.)




 –

 –


 [96] 

 Framed-Interface-Id
(See Note 4 on 148.)




 –

 –


 [97] 

 Framed-Ipv6-Prefix
(See Note 5 on 148.)




 –

 –


 [188]

 Ascend-Num-In-Multilink
(See Note 3 on 148.)




 –

 –

Attribute Number	Attribute Name	Acct-Start	Interim-Acct	Acct-On	Acct-Off
[1]	User-Name			–	–
[4]	NAS-IP-Address
[5]	NAS-Port			–	–
[6]	Service-Type			–	–
[7]	Framed-Protocol (See Note 3 on 148.)			–	–
[8]	Framed-IP-Address (See Note 2 on 148.)			–	–
[9]	Framed-IP-Netmask			–	–
[13]	Framed-Compression (See Note 3 on 148.)			–	–
[25]	Class			–	–
[30]	Called-Station-Id			–	–
[31]	Calling-Station-Id			–	–
[32]	NAS-Identifier
[40]	Acct-Status-Type
[41]	Acct-Delay-Time
[42]	Acct-Input-Octets	–		–	–
[43]	Acct-Output-Octets	–		–	–
[44]	Acct-Session-Id
[45]	Acct-Authentic
[46]	Acct-Session-Time	–		–	–
[47]	Acct-Input-Packets	–		–	–
[48]	Acct-Output-Packets	–		–	–
[49]	Acct-Terminate-Cause	–	–	–
[50]	Acct-Multi-Session-Id (See Note 3 on 148.)			–	–
[51]	Acct-Link-Count (See Note 3 on 148.)			–	–
[52]	Acct-Input-Gigawords	–		–	–
[53]	Acct-Output-Gigawords	–		–	–
[55]	Event-Timestamp
[61]	NAS-Port-Type			–	–
[64]	Tunnel-Type (See Note 1 on 148.)			–	–
[65]	Tunnel-Medium-Type (See Note 1 on 148.)			–	–
[66]	Tunnel-Client-Endpoint (See Note 1 on 148.)			–	–
[67]	Tunnel-Server-Endpoint (See Note 1 on 148.)			–	–
[68]	Acct-Tunnel-Connection (See Note 1 on 148.)			–	–
[77]	Connect-Info			–	–
[82]	Tunnel-Assignment-Id (LAC only) (See Note 1 on 148.)			–	–
[83]	Tunnel-Preference (LAC only)			–	–
[87]	NAS-Port-Id			–	–
[90]	Tunnel-Client-Auth-Id (See Note 1 on 148.)			–	–
[91]	Tunnel-Server-Auth-Id (See Note 1 on 148.)			–	–
[96]	Framed-Interface-Id (See Note 4 on 148.)			–	–
[97]	Framed-Ipv6-Prefix (See Note 5 on 148.)			–	–
[188]	Ascend-Num-In-Multilink (See Note 3 on 148.)			–	–

Supported Juniper Networks VSAs

Table 37 lists the Juniper Networks (Vendor ID 4874) VSAs supported for Acct-Start, Acct-Stop, Interim-Acct, Acct-On, and Acct-Off messages.

The following note is referred to in Table 37:

The attribute is not included in Acct-Stop messages that are sent when a user session does not get established in one of the following situations.

The aaa accounting acct-stop on-access-deny command is enabled and the authentication server sends an Access-Reject (deny) message.
The aaa accounting acct-stop on-aaa-failure command is enabled and the authentication server issues an Access-Accept message (grant), but the AAA configuration denies access for the user. The aaa accounting acct-stop on-aaa-failure is enabled by default.
The aaa accounting acct-stop on-aaa-failure command is enabled and the user terminates before AAA receives the authentication response from the authentication server.




 Table 37:   AAA Accounting Message Juniper Network (Vendor ID 4874) VSAs Supported 

 Attribute Number
 Attribute Name
 Acct-Start 
 Acct-Stop
 Interim-Acct
 Acct-On
 Acct-Off

 [26-10] 

 Ingress-Policy-Name




 –

 –


 [26-11]

 Egress-Policy-Name




 –

 –


 [26-24]

 Pppoe-Description
(See Note 1 on 150.)




 –

 –


 [26-42]

 Acct-Input-Gigapackets

 –



 –

 –


 [26-43]

 Acct-Output-Gigapackets

 –



 –

 –


 [26-44]

 Tunnel-Interface-Id




 –

 –


 [26-51]

 Disconnect-Cause

 –


 –

 –

 –


 [26-53]

 Service-Description




 –

 –


 [26-55]

 DHCP-Options
(See Note 1 on 150.)




 –

 –


 [26-56]

 DHCP-MAC-Address
(See Note 1 on 150.)




 –

 –


 [26-57]

 DHCP-GI-Address
(See Note 1 on 150.)




 –

 –


 [26-62]

 MLPPP-Bundle-Name




 –

 –


 [26-63]

 Interface-Description




 –

 –


 [26-92]

 L2C-Up-Stream-Data 




 –

 –


 [26-93]

 L2C-Down-Stream-Data 




 –

 –


 [26-110]

 Acc-Loop-Cir-Id




 –

 –


 [26-111]

 Acc-Aggr-Cir-Id-Bin 




 –

 –


 [26-112]

 Acc-Aggr-Cir-Id-Asc




 –

 –


 [26-113]

 Act-Data-Rate-Up




 –

 –


 [26-114]

 Act-Data-Rate-Dn




 –

 –


 [26-115]

 Min-Data-Rate-Up




 –

 –


 [26-116]

 Min-Data-Rate-Dn




 –

 –


 [26-117]

 Att-Data-Rate-Up




 –

 –


 [26-118]

 Att-Data-Rate-Dn




 –

 –


 [26-119]

 Max-Data-Rate-Up




 –

 –


 [26-120]

 Max-Data-Rate-Dn




 –

 –


 [26-121]

 Min-LP-Data-Rate-Up




 –

 –


 [26-122]

 Min-LP-Data-Rate-Dn




 –

 –


 [26-123]

 Max-Interlv-Delay-Up




 –

 –


 [26-124]

 Act-Interlv-Delay-Up




 –

 –


 [26-125]

 Max-Interlv-Delay-Dn




 –

 –


 [26-126]

 Act-Interlv-Delay-Dn




 –

 –


 [26-127]

 DSL-Line-State




 –

 –


 [26-128]

 DSL-Type




 –

 –

Attribute Number	Attribute Name	Acct-Start	Interim-Acct	Acct-On	Acct-Off
[26-10]	Ingress-Policy-Name			–	–
[26-11]	Egress-Policy-Name			–	–
[26-24]	Pppoe-Description (See Note 1 on 150.)			–	–
[26-42]	Acct-Input-Gigapackets	–		–	–
[26-43]	Acct-Output-Gigapackets	–		–	–
[26-44]	Tunnel-Interface-Id			–	–
[26-51]	Disconnect-Cause	–	–	–	–
[26-53]	Service-Description			–	–
[26-55]	DHCP-Options (See Note 1 on 150.)			–	–
[26-56]	DHCP-MAC-Address (See Note 1 on 150.)			–	–
[26-57]	DHCP-GI-Address (See Note 1 on 150.)			–	–
[26-62]	MLPPP-Bundle-Name			–	–
[26-63]	Interface-Description			–	–
[26-92]	L2C-Up-Stream-Data			–	–
[26-93]	L2C-Down-Stream-Data			–	–
[26-110]	Acc-Loop-Cir-Id			–	–
[26-111]	Acc-Aggr-Cir-Id-Bin			–	–
[26-112]	Acc-Aggr-Cir-Id-Asc			–	–
[26-113]	Act-Data-Rate-Up			–	–
[26-114]	Act-Data-Rate-Dn			–	–
[26-115]	Min-Data-Rate-Up			–	–
[26-116]	Min-Data-Rate-Dn			–	–
[26-117]	Att-Data-Rate-Up			–	–
[26-118]	Att-Data-Rate-Dn			–	–
[26-119]	Max-Data-Rate-Up			–	–
[26-120]	Max-Data-Rate-Dn			–	–
[26-121]	Min-LP-Data-Rate-Up			–	–
[26-122]	Min-LP-Data-Rate-Dn			–	–
[26-123]	Max-Interlv-Delay-Up			–	–
[26-124]	Act-Interlv-Delay-Up			–	–
[26-125]	Max-Interlv-Delay-Dn			–	–
[26-126]	Act-Interlv-Delay-Dn			–	–
[26-127]	DSL-Line-State			–	–
[26-128]	DSL-Type			–	–

Tunnel Accounting Messages

Table 38 lists RADIUS attributes supported by the following tunnel-related accounting messages:

Acct-Tunnel-Start
Acct-Tunnel-Stop
Acct-Tunnel-Reject
Acct-Tunnel-Link-Start
Acct-Tunnel-Link-Stop
Acct-Tunnel-Link-Reject




 Table 38:   AAA Accounting Tunnel Message RADIUS Attributes Supported 

 Attribute Number
 Attribute Name
 Acct-Tunnel-Start 
 Acct-Tunnel-Stop
 Acct-Tunnel-Reject
 Acct-Tunnel-Link-Start
 Acct-Tunnel-Link-Stop
 Acct-Tunnel-Link-Reject

 [1]

 User-Name

 –

 –

 –



 –


 [4]

 NAS-IP-Address 








 [26-51]

 Disconnect-Cause

 –

 –

 –

 –


 –


 [32] 

 NAS-Identifier








 [40] 

 Acct-Status-Type








 [41] 

 Acct-Delay-Time








 [44]

 Acct-Session-Id 








 [46] 

 Acct-Session-Time

 –


 –

 –


 –


 [49] 

 Acct-Terminate-Cause

 –



 –




 [55] 

 Event-Timestamp








 [64] 

 Tunnel-Type








 [65] 

 Tunnel-Medium-Type








 [66] 

 Tunnel-Client-Endpoint








 [67]

 Tunnel-Server-Endpoint








 [68] 

 Acct-Tunnel-
Connection








 [82] 

 Tunnel-Assignment-Id (LAC only)








 [83]

 Tunnel-Preference (LAC only)

 –

 –

 –





 [86]

 Acct-Tunnel-Packets-
Lost

 –

 –

 –

 –




 [90] 

 Tunnel-Client-Auth-Id








 [91] 

 Tunnel-Server-Auth-Id

[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]