Difference between revisions of "Accounting"

 
(20 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Accounting 정보는 AP Controller와 같은 RADIUS Client에서 전송된 데이터이며 실시간이 아닌 특정 주기(1~5분)마다 수신되므로
+
There are two RADIUS logs that are the Accounting and Postauth.
실제 사용시간 및 사용량은 일정 시간이 지나야 기록됩니다.
+
The main difference is in which time a log is written. The Accounting log is saving while users are using a network after network access is granted.<br>However, the Postauth is written immediately after processing every ACCESS-REQUEST from users.
 +
For IEEE 802.1X Authenticators, this attribute is used to store the Supplicant MAC address.
 +
Some [[NAS]] devices may not support accounting. Also, depends on the [[NAS]] device, the according may be a little different.
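Review bot: The sentence added to the introduction, "For IEEE 802.1X Authenticators, this attribute is used to store the Supplicant MAC address.", has no attribute to refer to at that point and repeats the Calling-Station-ID row; suggest dropping it from the introduction. In the last added sentence, "the according may be a little different" reads as a typo for "the accounting", and "depends on" should be "depending on".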
  
 
{| class="wikitable"
 
{| class="wikitable"
! 열이름 !! Attribute name!! 설명
+
! style='width:200px' | Items !! style='width:180px'  | Attribute name!! Description
 
|-
 
|-
| 사용자이름 || User-Name || 로그인 사용자 이름(아이디)를 나타냅니다.
+
| Username|| User-Name || It indicates the name of the user to be authenticated.
 
|-
 
|-
| 호스트 MAC 주소 || Calling-Station-Id || 사용자 단말의 물리적 주소(이더넷 혹은 MAC 주소)를 나타냅니다.
+
| Calling-Station-ID || Calling-Station-Id || This Attribute allows the NAS to send in the Access-Request packet the phone number that the call came from, using Automatic Number Identification (ANI) or similar technology.
 +
For IEEE 802.1X Authenticators, this attribute is used to store the Supplicant MAC address. <br>
 +
The imRAD saves the Calling-Station-ID after stripping some delimiters, such as "-" or ":".
 
|-
 
|-
| 호스트 IPv4 주소 || Framed-IP-Address ||사용자 단말의 IPv4 주소를 나타냅니다.
+
| Calling-Station-ID(nostrip) || Calling-Station-Id || This is the same as the above except for stripping the delimiters.
 
|-
 
|-
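Review bot: In the Calling-Station-ID row, "after stripping some delimiters, such as "-" or ":"" does not give the full set of characters that are removed, so a reader cannot predict the stored value for a given NAS format or match it against the Calling-Station-ID(nostrip) column. Suggest listing every delimiter that is stripped and showing one value before and after. The first sentence of the row describes the Access-Request packet and a phone number, which does not say what an Accounting record holds; the 802.1X sentence is the part that applies on this page.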
| 호스트 IPv6 주소 || Framed-IPv6-Address ||사용자 단말의 IPv6 주소를 나타냅니다.
+
| Host IPv4 Address || Framed-IP-Address || It is the IPv4 address of a supplicant.
 
|-
 
|-
| realm || Realm || [[realm|realm]] 문서를 참고하세요.
+
| Host IPv6 Address || Framed-IPv6-Address || It is the IPv6 address of a supplicant.
 
|-
 
|-
| NAS || NAS-IP-Address|| NAS IP 주소를 의미하며 자세하 사항은 [[NAS|NAS]] 문서를 참고하세요.
+
| realm || Realm || It is the name of [[Realm and proxy| realm]] in a username.
 
|-
 
|-
| NAS ID || NAS-Identifier|| NAS 식별자이며 [[NAS Identifier|NAS Identifier]] 문서를 참고하세요.
+
| NAS || NAS-IP-Address|| It is the IP address of a [[NAS]].
 
|-
 
|-
| NAS 포트 ID || NAS-Port-Id || NAS 포트 식별자입니다.<br>이 식별자는 NAS의 이더넷 인터페이스 설명(description)을 의미합니다.<ref>https://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/rd_naspt.html#wp1066674</ref>
+
| NAS ID || NAS-Identifier|| It is the the [[NAS Identifier | NAS Identifier]].
 
|-
 
|-
| NAS 포트 형식 || NAS-Port-Type || NAS의 물리적 포트 형식을 나타냅니다.<ref>https://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/rd_naspt.html#wp1049275</ref>
+
| NAS Port ID || NAS-Port-Id || It identifies the port of the NAS which is authenticating the user. This typically matches the interface description.<ref>https://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/rd_naspt.html#wp1066674</ref>
 
|-
 
|-
| 시작 시간 || - || RADIUS 인증 후 사용자가 네트워크에 연결된 시간을 의미합니다.
+
| NAS Port Type || NAS-Port-Type || It indicates the type of physical port the NAS is using to authenticate the user. <ref>https://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/rd_naspt.html#wp1049275</ref>
 +
<ref>https://www.iana.org/assignments/radius-types/radius-types.xhtml#radius-types-13</ref>
 
|-
 
|-
| 중지 시간 || - || 사용자의 네트워크 사용이 중지(연결 해제)된 시간을 의미하며<br>네트워크를 계속 사용중인 경우 이 값은 표시되지 않습니다.<br>
+
| Save Time || - || The date and time that the Accounting was saved in the local database. This value changes whenever the Accounting is received.
따라서 이 값이 표시되지 않는 경우는 온라인 사용자로 간주됩니다.
 
 
|-
 
|-
| 세션 시간 || Acct-Session-Time || 세션 시작 후 사용자가 얼마나 네트워크를 사용했는지를 의미합니다(업데이트 시간 - 시작 시간).
+
| Start Time || - || The first date and time that network access is granted.
 
|-
 
|-
| 업데이트 시간 || - || 사용자가 네트워크를 사용한 최근 시간을 의미합니다.
+
| Stop Time || - || The date and time that network access is closed. If this value is blank, it means that the user is still using network.
 
|-
 
|-
| 업로드 || Acct-Input-Packets || 사용자가 업로드한 전체 트래픽을 의미합니다.
+
| Update Time || - || The recent date and time of the Accounting was received.
 
|-
 
|-
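Review bot: In the Stop Time row, "If this value is blank, it means that the user is still using network" is stated without reference to the Update Time and Interval columns that this table also defines. Suggest saying how a record with a blank Stop Time and an old Update Time should be read. In the Update Time row, "The recent date and time of the Accounting was received" is ungrammatical; "The most recent date and time that the Accounting was received" would match the Save Time wording.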
| 다운로드 || Acct-Output-Packets || 사용자가 다운로드한 전체 트래픽을 의미합니다.
+
| Session Time || Acct-Session-Time || This attribute indicates how many seconds the user has received service for.
 
|-
 
|-
| Authentic || Acct-Authentic || 사용자가 어떻게 인증되었는지를 나타내며 RADIUS, Local 또는 Remote중 하나로 표시됩니다.<ref>https://tools.ietf.org/html/rfc2866#page-16</ref><br>
+
| Input || Acct-Input-Packets || This attribute indicates how many packets have been received from the port over the course of this service being provided to a Framed User.
RADIUS: RADIUS를 통해 인증<br>
 
Local: NAS가 직접 인증<br>
 
Remote: 다른 인증 프로토콜을 통해 인증<br>
 
 
|-
 
|-
| 간격 || Acct-Interim-Interval || Accouting이 갱신되는 주기를 의미하며 단위는 초(second)입니다.<ref>https://tools.ietf.org/html/rfc2869#page-36</ref>
+
| Output|| Acct-Output-Packets || This attribute indicates how many packets have been sent to the port in the course of delivering this service to a Framed User.
 
|-
 
|-
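Review bot: The Input and Output rows map to Acct-Input-Packets and Acct-Output-Packets, so the values are packet counts, while the replaced text described them as the total traffic uploaded and downloaded by the user. The labels "Input" and "Output" carry neither the unit nor the direction from the user's side; suggest labels such as "Input packets" and "Output packets", with a word on which one corresponds to upload.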
| 종료사유 || Acct-Terminate-Cause || 사용자 세션이 왜 종료되었는지를 나타냅니다.<ref>https://tools.ietf.org/html/rfc2866#page-19</ref><br>
+
| Authentic || Acct-Authentic || It indicates how the user was authenticated and is either RADIUS, Local, or Remote.<ref>https://tools.ietf.org/html/rfc2866#page-16</ref><br>
종료사유에대한 전체 종류는 [https://tools.ietf.org/html/rfc2866#page-19 reference]를 참고하세요.
+
The RADIUS means that a user was authenticated by a RADIUS server. The Local means that a user was authenticated by a NAS.
 +
The Remote means that a user was authenticated by others.
 
|-
 
|-
|Called-Station-ID || Called-Station-ID || 사용자 단말과 연결된 NAS(AP Controller, AP 등)의 인터페이스 주소를 나타냅니다.<ref>https://www.oreilly.com/library/view/radius/0596003226/re07.html</ref>
+
| Interval || Acct-Interim-Interval || It indicates the number of seconds between each interim update in seconds.<ref>https://tools.ietf.org/html/rfc2869#page-36</ref>
 
|-
 
|-
| 서비스 형식 || Service-Type || 사용자가 요청한 서비스 형식 혹은 제공된 서비스 형식을 의미합니다.<ref>https://tools.ietf.org/html/rfc2865#page-31</ref>
+
| Terminate-Cause|| Acct-Terminate-Cause || It indicates how the session was terminated.<ref>https://tools.ietf.org/html/rfc2866#page-19</ref>
 
|-
 
|-
| 연결 시작 형태<br>연결 중지 형태 || Connect-Info || 사용자의 네트워크 연결 속성을 의미하며 무선랜 환경에서는 802.11xx 또는 11xx와 같이 기록됩니다.<ref>https://tools.ietf.org/html/rfc2869#page-30</ref>
+
|Called-Station-ID || Called-Station-ID || For IEEE 802.1X Authenticators, this attribute is used to store the bridge or Access Point MAC address.<ref>https://www.oreilly.com/library/view/radius/0596003226/re07.html</ref><ref>https://tools.ietf.org/html/rfc2865#page-50</ref>
 +
|-
 +
| Service Type || Service-Type || This Attribute indicates the type of service the user has requested, or the type of service to be provided.<ref>https://tools.ietf.org/html/rfc2865#page-31</ref>
 +
|-
 +
| coning || Connect-Info || This attribute is sent from the NAS to indicate the nature of the user's connection.<ref>https://tools.ietf.org/html/rfc2869#page-30</ref>
 +
|-
 +
| Message || - || It is generated by authentication processing results, refer to the "[[Authentication Processing Messages]]" section for the main messages originating from Access-Reject.
 
|-
 
|-
 
|}
 
|}
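Review bot: The Connect-Info row is labelled "coning" in the Items column, which does not match the attribute name or any other label in the table and looks like a typo; suggest a label that names the attribute, for example "Connect Info".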
 +
 +
=== References ===

Latest revision as of 18:19, 9 August 2023

There are two RADIUS logs: Accounting and Postauth. The main difference is when each log is written. The Accounting log is saved while users are using the network, after network access has been granted.
The Postauth log, however, is written immediately after processing every ACCESS-REQUEST from users. For IEEE 802.1X Authenticators, this attribute is used to store the Supplicant MAC address. Some NAS devices may not support accounting. Also, depending on the NAS device, the accounting may be a little different.

{| class="wikitable"
! Items !! Attribute name !! Description
|-
| Username || User-Name || It indicates the name of the user to be authenticated.
|-
| Calling-Station-ID || Calling-Station-Id || This Attribute allows the NAS to send in the Access-Request packet the phone number that the call came from, using Automatic Number Identification (ANI) or similar technology.<br>For IEEE 802.1X Authenticators, this attribute is used to store the Supplicant MAC address.<br>The imRAD saves the Calling-Station-ID after stripping some delimiters, such as "-" or ":".
|-
| Calling-Station-ID(nostrip) || Calling-Station-Id || This is the same as the above, except that the delimiters are not stripped.
|-
| Host IPv4 Address || Framed-IP-Address || It is the IPv4 address of a supplicant.
|-
| Host IPv6 Address || Framed-IPv6-Address || It is the IPv6 address of a supplicant.
|-
| realm || Realm || It is the name of the realm in a username.
|-
| NAS || NAS-IP-Address || It is the IP address of a NAS.
|-
| NAS ID || NAS-Identifier || It is the NAS Identifier.
|-
| NAS Port ID || NAS-Port-Id || It identifies the port of the NAS which is authenticating the user. This typically matches the interface description.[1]
|-
| NAS Port Type || NAS-Port-Type || It indicates the type of physical port the NAS is using to authenticate the user.[2][3]
|-
| Save Time || - || The date and time that the Accounting was saved in the local database. This value changes whenever the Accounting is received.
|-
| Start Time || - || The first date and time that network access is granted.
|-
| Stop Time || - || The date and time that network access is closed. If this value is blank, it means that the user is still using the network.
|-
| Update Time || - || The most recent date and time that the Accounting was received.
|-
| Session Time || Acct-Session-Time || This attribute indicates how many seconds the user has received service for.
|-
| Input || Acct-Input-Packets || This attribute indicates how many packets have been received from the port over the course of this service being provided to a Framed User.
|-
| Output || Acct-Output-Packets || This attribute indicates how many packets have been sent to the port in the course of delivering this service to a Framed User.
|-
| Authentic || Acct-Authentic || It indicates how the user was authenticated and is either RADIUS, Local, or Remote.[4]<br>RADIUS means that the user was authenticated by a RADIUS server. Local means that the user was authenticated by a NAS. Remote means that the user was authenticated by others.
|-
| Interval || Acct-Interim-Interval || It indicates the number of seconds between each interim update.[5]
|-
| Terminate-Cause || Acct-Terminate-Cause || It indicates how the session was terminated.[6]
|-
| Called-Station-ID || Called-Station-ID || For IEEE 802.1X Authenticators, this attribute is used to store the bridge or Access Point MAC address.[7][8]
|-
| Service Type || Service-Type || This Attribute indicates the type of service the user has requested, or the type of service to be provided.[9]
|-
| coning || Connect-Info || This attribute is sent from the NAS to indicate the nature of the user's connection.[10]
|-
| Message || - || It is generated from the authentication processing results. Refer to the "Authentication Processing Messages" section for the main messages originating from Access-Reject.
|}
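
As an added example (not part of the imRAD documentation or product), the Python code below reads the Stop Time, Update Time and Interval columns together to tell a live session from one whose updates have stopped, and groups sessions by stripped Calling-Station-ID. The row layout, the two-interval threshold, the state names and the upper-casing are assumptions made for the example; the sample rows are constructed.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"
NOW = datetime(2023, 8, 9, 10, 0, 0)  # constructed "current time" for the sample

# Constructed sample rows: (Username, Calling-Station-ID(nostrip), Stop Time,
# Update Time, Interval in seconds). None of these values come from a real log.
ROWS = [
    ("alice", "AA-BB-CC-00-11-22", "", "2023-08-09 09:58:00", 300),
    ("bob", "aa:bb:cc:00:11:22", "2023-08-09 09:30:00", "2023-08-09 09:30:00", 300),
    ("carol", "DE:AD:BE:EF:00:01", "", "2023-08-09 08:00:00", 300),
    ("dave", "02-00-00-00-00-09", "", "2023-08-09 07:00:00", 0),
]

def strip_station_id(value):
    """Drop the "-" and ":" delimiters named in the table; upper-casing is an
    assumption added here so that both NAS formats compare equal."""
    return value.replace("-", "").replace(":", "").upper()

def session_state(stop, update, interval, now, missed=2):
    """closed: Stop Time present. online/stale: blank Stop Time, judged by the
    age of Update Time against `missed` interim intervals (assumed threshold).
    unknown: blank Stop Time but no Interval, so the age cannot be judged."""
    if stop:
        return "closed"
    if not interval:
        return "unknown"
    age = now - datetime.strptime(update, FMT)
    return "online" if age <= timedelta(seconds=interval * missed) else "stale"

def summarize(rows, now):
    """Group sessions by stripped Calling-Station-Id -> [(username, state)]."""
    by_station = {}
    for user, station, stop, update, interval in rows:
        state = session_state(stop, update, interval, now)
        by_station.setdefault(strip_station_id(station), []).append((user, state))
    return by_station

if __name__ == "__main__":
    for station, sessions in summarize(ROWS, NOW).items():
        print(station, sessions)
```
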

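References

1. https://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/rd_naspt.html#wp1066674
2. https://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/rd_naspt.html#wp1049275
3. https://www.iana.org/assignments/radius-types/radius-types.xhtml#radius-types-13
4. https://tools.ietf.org/html/rfc2866#page-16
5. https://tools.ietf.org/html/rfc2869#page-36
6. https://tools.ietf.org/html/rfc2866#page-19
7. https://www.oreilly.com/library/view/radius/0596003226/re07.html
8. https://tools.ietf.org/html/rfc2865#page-50
9. https://tools.ietf.org/html/rfc2865#page-31
10. https://tools.ietf.org/html/rfc2869#page-30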