Connect-Info RADIUS Attribute 77

The Connect-Info RADIUS Attribute 77 feature enables the Network Access Server (NAS) to report Connect-Info (attribute 77) in RADIUS accounting “start” and “stop” records that are sent to the RADIUS client (dial-in modem). These records allow the transmit and receive connection speeds, modulation, and compression to be compared in order to analyze a user session over a dial-in modem where speeds are often different at the end of the connection (after negotiation).

When the network access server (NAS) sends attribute 77 in accounting “start” and “stop” records, the connect rates can be measured across the platform. The “transmit” speed (the speed at which the NAS modem sends information) and “receive” speed (the speed at which the NAS receives information) can be recorded to determine whether user modem connections renegotiate to lower speeds shortly into a session. If the transmit and receive speeds are different from each other, attribute 77 reports both speeds, which allows the modem connection speeds that each customer gets from their session.

Attribute 77 is also used to send the Class string for broadband connections such as PPPoX, physical connection speeds for dial access, and the VRF string for any sessions on router interfaces defined with ip vrf forwarding command.


Note

This feature requires no configuration.

Prerequisites for Connect-Info RADIUS Attribute 77

For information about release and platform support, see the Feature Information for Connect-Info RADIUS Attribute 77.

Before the NAS can send attribute 77 in accounting “start” and “stop” records, you must perform the following tasks:

  • Configure your NAS for authentication, authorization, and accounting (AAA) and to accept incoming modem calls.

  • Enable AAA accounting by using the aaa accounting network default start-stop group radius command in global configuration mode.

  • Change the modem poll timer by using the modem link-info poll time command in global configuration mode.


Note

Changing the modem poll timer is required on the Cisco ASR 1000 Series Aggregation Services Routers.

Information About Connect-Info RADIUS Attribute 77

The Configurable Connect-Info Attributes feature introduces support for RADIUS attribute 77 (Connect-Info), which provides information about connection speeds, modulation, and compression for modem dial-in connections via RADIUS accounting “start” and “stop” records.

Customizing Attribute 77 for Ethernet Connections

To customize Attribute 77 for Ethernet connections, enter the connection information as the name of the service policy attached to the Ethernet subinterface. The router takes the policy name and copies it to Attribute 77.

For example, in the following configuration the outbound service policy named speed:eth:25100:5100:19/0 is attached to the QinQ Gigabit Ethernet subinterface 1/0/0.2696. The router copies the policy name to Attribute 77 and sends it to the RADIUS server in an Access-Request or Accounting-Start or Stop message. 


interface GigabitEthernet1/0/0.2696
encapsulation dot1q 2696 second-dot1q 256
pppoe enable group global
no snmp trap link-status
service-policy input set_precedence_to_0

service-policy output speed:eth:25100:5100:19/0

Customizing Attribute 77 for ATM Connections

To customize Attribute 77 for ATM connections, configure the aaa connect-info string command in the following configuration modes:

  • PVC (for a specific PVC)

  • PVC range (for a range of PVCs)

  • PVC-in-range (for a specific PVC in a range of PVCs)

  • VC class (under a specific class-vc command)

The router takes the name of the VC class you specify under the class-vc command or the string you specify in the aaa connect-info string command and copies it to Attribute 77.

For example, in the following configuration the class-vc command is configured on both ATM PVCs 10/42 and 10/43 and the aaa connect-info command is configured on PVC 10/42: 


interface ATM1/0/0.1 multipoint
description TDSL clients - default TDSL 1024 no ip mroute-cache
class-int speed:ubr:1184:160:10
range pvc 10/41 10/160
!
pvc-in-range 10/42
class-vc speed:ubr:2303:224:10
aaa connect-info speed:ubr:2303:224:10:isp-specific-descr
!
pvc-in-range 10/43
class-vc speed:ubr:2303:224:10

For PVC 10/42, the router takes the string (speed:ubr:2303:224:10:isp-specific-descr) specified in the aaa connect-info command and copies it to Attribute 77. If the aaa connect-info command is not configured on the subinterface, the router takes the class name (speed:ubr:2303:224:10) specified in the class-vc command and copies it to Attribute 77.

For PVC 10/43, the router takes the class name (speed:ubr:2303:224:10) specified in the class-vc command and copies it to Attribute 77.

How to Verify the Connect-Info RADIUS Attribute 77

Verifying the Connect-Info RADIUS Attribute 77

To verify attribute 77 in your accounting “start” and “stop” records, use the debug radius command in privileged EXEC mode.

SUMMARY STEPS

  1. enable
  2. debug radius

DETAILED STEPS

  Command or Action Purpose

Step 1

enable

Example:


Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

debug radius

Example:


Router# debug radius

Displays information associated with RADIUS.

Example

The following example shows the Connect-Info [77] accounting attributes: 


Router# debug radius
Sep 8 21:53:05.242: RADIUS/ENCODE(00007D34):Orig. component type = PPPoE 
Sep 8 21:53:05.242: RADIUS: AAA Unsupported Attr: interface [208] 10 
Sep 8 21:53:05.242: RADIUS: 30 2F 31 2F 30 2F 39 2E [ 0/1/0/9.] 
Sep 8 21:53:05.242: RADIUS: AAA Unsupported Attr: client-mac-address[45] 14 
Sep 8 21:53:05.242: RADIUS: 30 30 30 30 2E 63 30 30 31 2E 30 31 [ 0000.c001.01] 
Sep 8 21:53:05.242: RADIUS(00007D34): Config NAS IP: 0.0.0.0 
Sep 8 21:53:05.242: RADIUS/ENCODE(00007D34): acct_session_id: 32042 
Sep 8 21:53:05.242: RADIUS(00007D34): sending 
Sep 8 21:53:05.242: RADIUS/ENCODE: Best Local IP-Address 10.3.8.2 for Radius-Server 10.3.1.107 
Sep 8 21:53:05.242: RADIUS(00007D34): Send Access-Request to 10.3.1.107:1645 id 1645/1, len 116 
Sep 8 21:53:05.242: RADIUS: authenticator FC 82 50 DB 65 8F 21 A9 - F3 0A A8 09 29 E5 56 65 
Sep 8 21:53:05.242: RADIUS: Framed-Protocol [7] 6 PPP [1] 
Sep 8 21:53:05.242: RADIUS: User-Name [1] 8 ''user1'' 
Sep 8 21:53:05.242: RADIUS: User-Password [2] 18 * 
Sep 8 21:53:05.242: RADIUS: NAS-Port-Type [61] 6 Virtual [5] 
Sep 8 21:53:05.242: RADIUS: NAS-Port [5] 6 0 
Sep 8 21:53:05.242: RADIUS: NAS-Port-Id [87] 12 ''0/1/0/9.32'' 
Sep 8 21:53:05.242: RADIUS: Connect-Info [77] 28 ''speed:ubr:3456:448:10/0000'' 
Sep 8 21:53:05.242: RADIUS: Service-Type [6] 6 Framed [2] 
Sep 8 21:53:05.242: RADIUS: NAS-IP-Address [4] 6 10.3.8.2 
Sep 8 21:53:05.242: RADIUS(00007D34): Started 5 sec timeout 
Sep 8 21:53:05.244: RADIUS: Received from id 1645/1 10.3.1.107:1645, Access-Accept, len 32 
Sep 8 21:53:05.244: RADIUS: authenticator 9A F1 29 01 66 53 17 CB - 73 FB 1B CE 7D 80 04 F2 
Sep 8 21:53:05.244: RADIUS: Service-Type [6] 6 Framed [2] 
Sep 8 21:53:05.244: RADIUS: Framed-Protocol [7] 6 PPP [1] 
Sep 8 21:53:05.244: RADIUS(00007D34): Received from id 1645/1 
Sep 8 21:53:05.248: RADIUS/ENCODE(00007D34):Orig. component type = PPPoE 
Sep 8 21:53:05.248: RADIUS(00007D34): Config NAS IP: 0.0.0.0 
Sep 8 21:53:05.248: RADIUS(00007D34): sending 
Sep 8 21:53:05.248: RADIUS/ENCODE: Best Local IP-Address 10.3.8.2 for Radius-Server 5.3.1.107 
Sep 8 21:53:05.248: RADIUS(00007D34): Send Accounting-Request to 10.3.1.107:1646 id 1646/3, len 126 
Sep 8 21:53:05.248: RADIUS: authenticator 71 6E 73 9B FD 7E 82 81 - 10 2A CD 83 A8 BD D2 F0 
Sep 8 21:53:05.248: RADIUS: Acct-Session-Id [44] 10 ''00007D2A'' 
Sep 8 21:53:05.248: RADIUS: Framed-Protocol [7] 6 PPP [1] 
Sep 8 21:53:05.248: RADIUS: User-Name [1] 8 ''user1'' 
Sep 8 21:53:05.248: RADIUS: Acct-Authentic [45] 6 RADIUS [1] 
Sep 8 21:53:05.248: RADIUS: Acct-Status-Type [40] 6 Start [1] 
Sep 8 21:53:05.248: RADIUS: NAS-Port-Type [61] 6 Virtual [5] 
Sep 8 21:53:05.248: RADIUS: NAS-Port [5] 6 0 
Sep 8 21:53:05.248: RADIUS: NAS-Port-Id [87] 12 ''0/1/0/9.32'' 
Sep 8 21:53:05.248: RADIUS: Connect-Info [77] 28 ''speed:ubr:3456:448:10/0000

Configuration Example for Connect-Info RADIUS Attribute 77

Example: Configure NAS for AAA and Incoming Modem Calls

The following example is a sample NAS configuration for AAA and incoming modem calls: 


interface Serial0:15
  no ip address
  isdn switch-type primary-net5
  isdn incoming-voice modem
!
interface Async1
  ip address 192.0.2.2 255.255.255.0
  encapsulation ppp
  async default routing
  async mode interactive
  no peer default ip address
  ppp authentication chap
!
line 1
  modem InOu
  transport preferred none
  transport input all
  autoselect ppp
!

Additional References

The following sections provide references related to the Connect-Info RADIUS Attribute 77 feature.

Related Documents

Related Topic

Document Title

IOS dial technologies

Cisco IOS XE Dial Technologies Configuration Guide, Release 2

Cisco IOS Dial Technologies Command Reference

Security commands

Cisco IOS Security Command Reference

Standards

Standard

Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

--

MIBs

MIB

MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

RFCs

RFC

Title

RFC 2869

RADIUS Extensions

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/techsupport

Feature Information for Connect-Info RADIUS Attribute 77

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for Connect-Info RADIUS Attribute 77

Feature Name

Releases

Feature Information

Connect-Info RADIUS Attribute 77

Cisco IOS XE Release 2.1

The Connect-Info RADIUS Attribute 77 feature enables the network access server (NAS) to report Connect-Info (attribute 77) in RADIUS accounting “start” and “stop” records that are sent to the RADIUS client (dial-in modem). These “start” and “stop” records allow the transmit and receive connection speeds, modulation, and compression to be compared in order to analyze a user session over a dial-in modem where speeds are often different at the end of the connection (after negotiation).

In Cisco IOS XE Release 2.1, this feature was introduced on the Cisco ASR 1000 series routers.