Mailing List Archive: RADIUS Support of 56-Bit Acct Session-Id -> bug?

RADIUS Support of 56-Bit Acct Session-Id -> bug?

achatz at forthnet

Jan 22, 2004, 8:34 AM

Post #1 of 8 (2564 views)

After having a look at the following doc on CCO
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftradaid.htm
i decided to try it.

But i can't understand exactly what is going on!!!

radius debugs (AS5300/AS5350 - 12.2(15)T8/12.3(1a))
---------------------------------------------------

RADIUS: Acct-Session-Id [44] 10 "000AE610"
RADIUS: Acct-Session-Id [44] 10 "000AE65D"

from CCO:
-------------------------------------------------------------------------------------------
"The acct-session-id variable is a 32-bit variable that can take on values from
00000000-FFFFFFFF"
-------------------------------------------------------------------------------------------

after configuring "radius-server unique-ident 0" on router

RADIUS: Acct-Session-Id [44] 10 "010AE610"
RADIUS: Acct-Session-Id [44] 10 "010AE65D"

from CCO:
-------------------------------------------------------------------------------------------
The acct-session-id-count and acct-session-id variables are concatenated before being sent
to the RADIUS server, resulting in the acct-session variable being represented as the
following:

##000000 00000000- ##FFFFFF FFFFFFFF
-------------------------------------------------------------------------------------------

So, where are the 56 bits?

--
***************************************
Chatzithomaoglou Anastasios
Network Design & Development Department
FORTHnet S.A.
<achatz@forthnet.gr>
***************************************

Re: RADIUS Support of 56-Bit Acct Session-Id -> bug? [ In reply to ]

fizquierdo at l3consulting

Jan 22, 2004, 9:38 AM

Post #2 of 8 (2548 views)

Tassos Chatzithomaoglou wrote:

>
> So, where are the 56 bits?
>

32 bits from the standard Acct-Session-Id + the last 24 bits from the
new attribute Acct-Session-Id-Count ( it increments by 1 every time the
acct-session-id variable wraps ).

Re: RADIUS Support of 56-Bit Acct Session-Id -> bug? [ In reply to ]

achatz at forthnet

Jan 22, 2004, 10:13 AM

Post #3 of 8 (2533 views)

My standard Acct-Session-Id is "000AE610". Is this 32 bits?

Félix Izquierdo wrote:

>
>
> Tassos Chatzithomaoglou wrote:
>
>>
>> So, where are the 56 bits?
>>
>
> 32 bits from the standard Acct-Session-Id + the last 24 bits from the
> new attribute Acct-Session-Id-Count ( it increments by 1 every time the
> acct-session-id variable wraps ).
>
>
>
>

--
***************************************
Chatzithomaoglou Anastasios
Network Design & Development Department
FORTHnet S.A.
<achatz@forthnet.gr>
***************************************

Re: RADIUS Support of 56-Bit Acct Session-Id -> bug? [ In reply to ]

fizquierdo at l3consulting

Jan 22, 2004, 10:44 AM

Post #4 of 8 (2536 views)

Tassos Chatzithomaoglou wrote:

> My standard Acct-Session-Id is "000AE610". Is this 32 bits?

Sorry, I've used the name "attribute" in the previous message when they
are IOS internal variables. The only true radius attribute is
Acct-Session-Id, and it's a string, not an integer. You are receiving
digits in this string for 32 bits, it's true.

Perhaps the feature adds digits only after the counter wraps for the
first time because compatibility reasons?

Re: RADIUS Support of 56-Bit Acct Session-Id -> bug? [ In reply to ]

Jan 22, 2004, 12:28 PM

Post #5 of 8 (2540 views)

There's been a mixup in the documentation. This feature is not
available until 12.3(4)T. So it is not available in 12.2(15)T or 12.3
mainline releases. I'll have the documentation corrected. It does work
in 12.3(4)T though. ;)

*Jan 22 17:03:17.993: RADIUS: Acct-Session-Id [44] 18 "5600000000000006"

Dennis

Tassos Chatzithomaoglou [achatz@forthnet.gr] wrote:
> After having a look at the following doc on CCO
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftradaid.htm
> i decided to try it.
>
> But i can't understand exactly what is going on!!!
>
> radius debugs (AS5300/AS5350 - 12.2(15)T8/12.3(1a))
> ---------------------------------------------------
>
> RADIUS: Acct-Session-Id [44] 10 "000AE610"
> RADIUS: Acct-Session-Id [44] 10 "000AE65D"
>
> from CCO:
> -------------------------------------------------------------------------------------------
> "The acct-session-id variable is a 32-bit variable that can take on values
> from 00000000-FFFFFFFF"
> -------------------------------------------------------------------------------------------
>
> after configuring "radius-server unique-ident 0" on router
>
> RADIUS: Acct-Session-Id [44] 10 "010AE610"
> RADIUS: Acct-Session-Id [44] 10 "010AE65D"
>
> from CCO:
> -------------------------------------------------------------------------------------------
> The acct-session-id-count and acct-session-id variables are concatenated
> before being sent to the RADIUS server, resulting in the acct-session
> variable being represented as the following:
>
> ##000000 00000000- ##FFFFFF FFFFFFFF
> -------------------------------------------------------------------------------------------
>
> So, where are the 56 bits?
>
> --
> ***************************************
> Chatzithomaoglou Anastasios
> Network Design & Development Department
> FORTHnet S.A.
> <achatz@forthnet.gr>
> ***************************************
>
>
> _______________________________________________
> cisco-nas mailing list
> cisco-nas@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nas

Re: RADIUS Support of 56-Bit Acct Session-Id -> bug? [ In reply to ]

Jan 22, 2004, 12:36 PM

Post #6 of 8 (2527 views)

Sorry, made a mistake. The feature is supported in 12.3(2)T and later,
not 12.3(4)T as I initially wrote.

Dennis

Dennis Peng [dpeng@cisco.com] wrote:
> There's been a mixup in the documentation. This feature is not
> available until 12.3(4)T. So it is not available in 12.2(15)T or 12.3
> mainline releases. I'll have the documentation corrected. It does work
> in 12.3(4)T though. ;)
>
> *Jan 22 17:03:17.993: RADIUS: Acct-Session-Id [44] 18 "5600000000000006"
>
> Dennis
>
> Tassos Chatzithomaoglou [achatz@forthnet.gr] wrote:
> > After having a look at the following doc on CCO
> > http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftradaid.htm
> > i decided to try it.
> >
> > But i can't understand exactly what is going on!!!
> >
> > radius debugs (AS5300/AS5350 - 12.2(15)T8/12.3(1a))
> > ---------------------------------------------------
> >
> > RADIUS: Acct-Session-Id [44] 10 "000AE610"
> > RADIUS: Acct-Session-Id [44] 10 "000AE65D"
> >
> > from CCO:
> > -------------------------------------------------------------------------------------------
> > "The acct-session-id variable is a 32-bit variable that can take on values
> > from 00000000-FFFFFFFF"
> > -------------------------------------------------------------------------------------------
> >
> > after configuring "radius-server unique-ident 0" on router
> >
> > RADIUS: Acct-Session-Id [44] 10 "010AE610"
> > RADIUS: Acct-Session-Id [44] 10 "010AE65D"
> >
> > from CCO:
> > -------------------------------------------------------------------------------------------
> > The acct-session-id-count and acct-session-id variables are concatenated
> > before being sent to the RADIUS server, resulting in the acct-session
> > variable being represented as the following:
> >
> > ##000000 00000000- ##FFFFFF FFFFFFFF
> > -------------------------------------------------------------------------------------------
> >
> > So, where are the 56 bits?
> >
> > --
> > ***************************************
> > Chatzithomaoglou Anastasios
> > Network Design & Development Department
> > FORTHnet S.A.
> > <achatz@forthnet.gr>
> > ***************************************
> >
> >
> > _______________________________________________
> > cisco-nas mailing list
> > cisco-nas@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nas

Re: RADIUS Support of 56-Bit Acct Session-Id -> bug? [ In reply to ]

achatz at forthnet

Jan 22, 2004, 1:15 PM

Post #7 of 8 (2539 views)

Is 12.3.5 in it? What about 7200's?

Dennis Peng wrote:

> Sorry, made a mistake. The feature is supported in 12.3(2)T and later,
> not 12.3(4)T as I initially wrote.
>
> Dennis
>
> Dennis Peng [dpeng@cisco.com] wrote:
>
>>There's been a mixup in the documentation. This feature is not
>>available until 12.3(4)T. So it is not available in 12.2(15)T or 12.3
>>mainline releases. I'll have the documentation corrected. It does work
>>in 12.3(4)T though. ;)
>>
>>*Jan 22 17:03:17.993: RADIUS: Acct-Session-Id [44] 18 "5600000000000006"
>>
>>Dennis
>>
>>Tassos Chatzithomaoglou [achatz@forthnet.gr] wrote:
>>
>>>After having a look at the following doc on CCO
>>>http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftradaid.htm
>>>i decided to try it.
>>>
>>>But i can't understand exactly what is going on!!!
>>>
>>>radius debugs (AS5300/AS5350 - 12.2(15)T8/12.3(1a))
>>>---------------------------------------------------
>>>
>>>RADIUS: Acct-Session-Id [44] 10 "000AE610"
>>>RADIUS: Acct-Session-Id [44] 10 "000AE65D"
>>>
>>>from CCO:
>>>-------------------------------------------------------------------------------------------
>>>"The acct-session-id variable is a 32-bit variable that can take on values
>>>from 00000000-FFFFFFFF"
>>>-------------------------------------------------------------------------------------------
>>>
>>>after configuring "radius-server unique-ident 0" on router
>>>
>>>RADIUS: Acct-Session-Id [44] 10 "010AE610"
>>>RADIUS: Acct-Session-Id [44] 10 "010AE65D"
>>>
>>>from CCO:
>>>-------------------------------------------------------------------------------------------
>>>The acct-session-id-count and acct-session-id variables are concatenated
>>>before being sent to the RADIUS server, resulting in the acct-session
>>>variable being represented as the following:
>>>
>>>##000000 00000000- ##FFFFFF FFFFFFFF
>>>-------------------------------------------------------------------------------------------
>>>
>>>So, where are the 56 bits?
>>>
>>>--
>>>***************************************
>>> Chatzithomaoglou Anastasios
>>>Network Design & Development Department
>>> FORTHnet S.A.
>>> <achatz@forthnet.gr>
>>>***************************************
>>>
>>>
>>>_______________________________________________
>>>cisco-nas mailing list
>>>cisco-nas@puck.nether.net
>>>https://puck.nether.net/mailman/listinfo/cisco-nas
>
>

--
***************************************
Chatzithomaoglou Anastasios
Network Design & Development Department
FORTHnet S.A.
<achatz@forthnet.gr>
***************************************

Re: RADIUS Support of 56-Bit Acct Session-Id -> bug? [ In reply to ]

Jan 22, 2004, 1:29 PM

Post #8 of 8 (2536 views)

No, 12.3(5) or any future release of 12.3(x) will not have the
feature. You need a 12.3(x)T. It is supported on all platforms.

Dennis

Tassos Chatzithomaoglou [achatz@forthnet.gr] wrote:
>
> Is 12.3.5 in it? What about 7200's?
>
> Dennis Peng wrote:
>
> >Sorry, made a mistake. The feature is supported in 12.3(2)T and later,
> >not 12.3(4)T as I initially wrote.
> >
> >Dennis
> >
> >Dennis Peng [dpeng@cisco.com] wrote:
> >
> >>There's been a mixup in the documentation. This feature is not
> >>available until 12.3(4)T. So it is not available in 12.2(15)T or 12.3
> >>mainline releases. I'll have the documentation corrected. It does work
> >>in 12.3(4)T though. ;)
> >>
> >>*Jan 22 17:03:17.993: RADIUS: Acct-Session-Id [44] 18
> >>"5600000000000006"
> >>
> >>Dennis
> >>
> >>Tassos Chatzithomaoglou [achatz@forthnet.gr] wrote:
> >>
> >>>After having a look at the following doc on CCO
> >>>http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ftradaid.htm
> >>>i decided to try it.
> >>>
> >>>But i can't understand exactly what is going on!!!
> >>>
> >>>radius debugs (AS5300/AS5350 - 12.2(15)T8/12.3(1a))
> >>>---------------------------------------------------
> >>>
> >>>RADIUS: Acct-Session-Id [44] 10 "000AE610"
> >>>RADIUS: Acct-Session-Id [44] 10 "000AE65D"
> >>>
> >>>from CCO:
> >>>-------------------------------------------------------------------------------------------
> >>>"The acct-session-id variable is a 32-bit variable that can take on
> >>>values from 00000000-FFFFFFFF"
> >>>-------------------------------------------------------------------------------------------
> >>>
> >>>after configuring "radius-server unique-ident 0" on router
> >>>
> >>>RADIUS: Acct-Session-Id [44] 10 "010AE610"
> >>>RADIUS: Acct-Session-Id [44] 10 "010AE65D"
> >>>
> >>>from CCO:
> >>>-------------------------------------------------------------------------------------------
> >>>The acct-session-id-count and acct-session-id variables are concatenated
> >>>before being sent to the RADIUS server, resulting in the acct-session
> >>>variable being represented as the following:
> >>>
> >>>##000000 00000000- ##FFFFFF FFFFFFFF
> >>>-------------------------------------------------------------------------------------------
> >>>
> >>>So, where are the 56 bits?
> >>>
> >>>--
> >>>***************************************
> >>> Chatzithomaoglou Anastasios
> >>>Network Design & Development Department
> >>> FORTHnet S.A.
> >>> <achatz@forthnet.gr>
> >>>***************************************
> >>>
> >>>
> >>>_______________________________________________
> >>>cisco-nas mailing list
> >>>cisco-nas@puck.nether.net
> >>>https://puck.nether.net/mailman/listinfo/cisco-nas
> >
> >
>
> --
> ***************************************
> Chatzithomaoglou Anastasios
> Network Design & Development Department
> FORTHnet S.A.
> <achatz@forthnet.gr>
> ***************************************