Home page logo
/

nanog logo nanog mailing list archives

Re: Identify amount of traffic to special IP address in Radius
From: Christian Kuhtz <kuhtzch () corp earthlink net>
Date: Wed, 1 Mar 2006 00:28:14 -0500



On Feb 28, 2006, at 11:59 PM, Joe Shen wrote:

why in the world
would you want to do something like that rather than
have another
device generate flow records which you then can
correlate with RADIUS
accounting data?


The reason is the cost of system building. As there
are a lot of broadband subscribers, if we want to
corelate subscriber with web site they visit we have
to make Radius allocate a fixed IP to a special
subscriber. Netflow based accounting is costy and we
could not guarantee its accuracy.

I would submit to you that getting such functionality built and operating via RADIUS is expensive as well. If you have a lot of broadband subscribers, your BRAS will already be busy doing what it does 'best': terminating subscriber sessions. Plus, you have to get your vendor to implement such a feature.. I haven't seen something like what you describe in the years of looking at BRAS requirements. But, that doesn't mean it doesn't exist in a scalable fashion.

In fact, we only need to identify a small set of IPs
which should not be considered in accounting.

If you need to generate IP accounting for just a small set of IPs, the above engineering challenge you describe is very straightforward for capturing flow records.

YMMV, of course. ;-)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault