📄 rfc2139.txt
字号:
Session Timeout Maximum session length timer expired.
Admin Reset Administrator reset the port or session.
Admin Reboot Administrator is ending service on the NAS,
for example prior to rebooting the NAS.
Port Error NAS detected an error on the port which
required ending the session.
Rigney Informational [Page 19]
RFC 2139 RADIUS Accounting April 1997
NAS Error NAS detected some error (other than on the
port) which required ending the session.
NAS Request NAS ended session for a non-error reason not
otherwise listed here.
NAS Reboot The NAS ended the session in order to reboot
non-administratively ("crash").
Port Unneeded NAS ended session because resource usage fell
below low-water mark (for example, if a
bandwidth-on-demand algorithm decided that
the port was no longer needed).
Port Preempted NAS ended session in order to allocate the
port to a higher priority use.
Port Suspended NAS ended session to suspend a virtual
session.
Service Unavailable NAS was unable to provide requested service.
Callback NAS is terminating current session in order
to perform callback for a new session.
User Error Input from user is in error, causing
termination of session.
Host Request Login Host terminated session normally.
5.11. Acct-Multi-Session-Id
Description
This attribute is a unique Accounting ID to make it easy to link
together multiple related sessions in a log file. Each session
linked together would have a unique Acct-Session-Id but the same
Acct-Multi-Session-Id. It is strongly recommended that the Acct-
Multi-Session-Id be a printable ASCII string.
A summary of the Acct-Session-Id attribute format is shown below.
The fields are transmitted from left to right.
0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | String ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Rigney Informational [Page 20]
RFC 2139 RADIUS Accounting April 1997
Type
50 for Acct-Multi-Session-Id.
Length
>= 3
String
The String field SHOULD be a string of printable ASCII characters.
5.12. Acct-Link-Count
Description
This attribute gives the count of links which are known to have
been in a given multilink session at the time the accounting
record is generated. The NAS MAY include the Acct-Link-Count
attribute in any Accounting-Request which might have multiple
links.
A summary of the Acct-Link-Count attribute format is show below. The
fields are transmitted from left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Value (cont) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
51 for Acct-Link-Count.
Length
6
Value
The Value field is four octets, and contains the number of links
seen so far in this Multilink Session.
Rigney Informational [Page 21]
RFC 2139 RADIUS Accounting April 1997
It may be used to make it easier for an accounting server to know
when it has all the records for a given Multilink session. When
the number of Accounting-Requests received with Acct-Status-Type =
Stop and the same Acct-Multi-Session-Id and unique Acct-Session-
Id's equals the largest value of Acct-Link-Count seen in those
Accounting-Requests, all Stop Accounting-Requests for that
Multilink Session have been received.
An example showing 8 Accounting-Requests should make things
clearer. For clarity only the relevant attributes are shown, but
additional attributes containing accounting information will also
be present in the Accounting-Request.
Multi-Session-Id Session-Id Status-Type Link-Count
"10" "10" Start 1
"10" "11" Start 2
"10" "11" Stop 2
"10" "12" Start 3
"10" "13" Start 4
"10" "12" Stop 4
"10" "13" Stop 4
"10" "10" Stop 4
5.13. Table of Attributes
The following table provides a guide to which attributes may be found
in Accounting-Request packets. No attributes should be found in
Accounting-Response packets except Proxy-State and possibly Vendor-
Specific.
# Attribute
0-1 User-Name
0 User-Password
0 CHAP-Password
0-1 NAS-IP-Address [5]
0-1 NAS-Port
0-1 Service-Type
0-1 Framed-Protocol
0-1 Framed-IP-Address
0-1 Framed-IP-Netmask
0-1 Framed-Routing
0+ Filter-Id
0-1 Framed-MTU
0+ Framed-Compression
0+ Login-IP-Host
0-1 Login-Service
0-1 Login-TCP-Port
0 Reply-Message
Rigney Informational [Page 22]
RFC 2139 RADIUS Accounting April 1997
0-1 Callback-Number
0-1 Callback-Id
0+ Framed-Route
0-1 Framed-IPX-Network
0 State
0+ Class
0+ Vendor-Specific
0-1 Session-Timeout
0-1 Idle-Timeout
0-1 Termination-Action
0-1 Called-Station-Id
0-1 Calling-Station-Id
0-1 NAS-Identifier [4]
0+ Proxy-State
0-1 Login-LAT-Service
0-1 Login-LAT-Node
0-1 Login-LAT-Group
0-1 Framed-AppleTalk-Link
0-1 Framed-AppleTalk-Network
0-1 Framed-AppleTalk-Zone
1 Acct-Status-Type
0-1 Acct-Delay-Time
0-1 Acct-Input-Octets
0-1 Acct-Output-Octets
1 Acct-Session-Id
0-1 Acct-Authentic
0-1 Acct-Session-Time
0-1 Acct-Input-Packets
0-1 Acct-Output-Packets
0-1 Acct-Terminate-Cause
0+ Acct-Multi-Session-Id
0+ Acct-Link-Count
0 CHAP-Challenge
0-1 NAS-Port-Type
0-1 Port-Limit
0-1 Login-LAT-Port
[5] An Accounting-Request MUST contain either a NAS-IP-Address or a
NAS-Identifier, and it is permitted (but not recommended) for it to
contain both.
The following table defines the above table entries.
0 This attribute MUST NOT be present
0+ Zero or more instances of this attribute MAY be present.
0-1 Zero or one instance of this attribute MAY be present.
1 Exactly one instance of this attribute MUST be present.
Rigney Informational [Page 23]
RFC 2139 RADIUS Accounting April 1997
Security Considerations
Security issues are briefly discussed in sections concerning the
authenticator included in accounting requests and responses, using a
shared secret which is never sent over the network.
References
[1] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
USC/Information Sciences Institute, August 1980.
[2] Reynolds, J., and Postel, J., "Assigned Numbers", STD 2, RFC
1700, USC/Information Sciences Institute, October 1994.
[3] Rivest, R., and Dusse, S., "The MD5 Message-Digest Algorithm",
RFC 1321, MIT Laboratory for Computer Science, RSA Data
Security Inc., April 1992.
[4] Rigney, C., Rubens, A., Simpson, W., and Willens, S., "Remote
Authentication Dial In User Service (RADIUS)", RFC 2138,
April 1997.
Acknowledgments
RADIUS and RADIUS Accounting were originally developed by Livingston
Enterprises for their PortMaster series of Network Access Servers.
Chair's Address
The RADIUS working group can be contacted via the current chair:
Carl Rigney
Livingston Enterprises
4464 Willow Road
Pleasanton, California 94588
Phone: +1 510 426 0770
EMail: cdr@livingston.com
Rigney Informational [Page 24]
RFC 2139 RADIUS Accounting April 1997
Author's Address
Questions about this memo can also be directed to:
Carl Rigney
Livingston Enterprises
4464 Willow Road
Pleasanton, California 94588
EMail: cdr@livingston.com
Rigney Informational [Page 25]
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -