HELP: Bandwidth Accounting using RADIUS?
Dear List I've been a SuSE user since 6.2. Recently, my boss presented me with a problem that has me completely stumped and I'm not sure what is the best way to go about things. Basically, we are in the early stages of setting up a simple ISP and we need: 1. An accounting system that will be able to track bandwidth usage (amount downloaded) by username / ip address. 2. Clients will be connecting to us via ethernet (they are in the same building), and later, wireless. 3. Clients need to authenticate against a server (can be RADIUS or some other) so that we can do proper accounting. I have tried: a. Setting up a RADIUS server (which seems to work) but all the example scripts I have from SuSE and the how-tos at linuxdoc.org all deal with setting RADIUS up with a modem server, but our clients will be connecting to us over ethernet. b. I'm not sure if RADIUS requires ppp to function (it seems to, but I might be wrong) and I am now stumped as to how to set up the radiusclient and pppd to dial-out using eth0 to request a static ip address and authenticate against RADIUS. I have how-tos that detail how to use radiusclient and pppd to dialout using a serial modem, but not eth0, and I have been unsuccessful in getting rp-pppoe to work with radiusclient. My questions: 1. Am I going about this the right way? Is there perhaps another accounting package that tracks bandwidth usage that is better than RADIUS for this particular scenario? I am happy with any solution that allows authentication and accounting. 2. Has anyone been successful in getting RADIUS to work with clients authenticating over an ethernet connection? Hoping that someone on this list will be able to lend me the benefit of their experience. Thank you and regards Luke Loh Senior Network Engineer Nicholls Price Pty Ltd Mb: 0412 022 311 Ph : 61 2 9222 9155 Fx : 61 2 9222 9166 www.nph.com.au Level 1, 70 Pitt Street Sydney NSW 2000
Hoping that someone on this list will be able to lend me the benefit of their experience. Well, what the guys next door have been using for the ethernet accounts is read out snmp-traps, that seems to work. Another guy told me, he had rigged something up using tcpdump. "man snmpwalk" might also get you somewhere. RADIUS is also only used for for dial-in into the joint here.
HTH Dan
why is authentication necessary? i would think a much easier solution would be to just monitor via snmp the ethernet ports to measure the bandwidth. if authentication is really necessary, consider setting up a proxy that you have to authenticate against to get through. radius and ehternet is most likely going to require pppoe. You said:
Dear List
I've been a SuSE user since 6.2. Recently, my boss presented me with a problem that has me completely stumped and I'm not sure what is the best way to go about things. Basically, we are in the early stages of setting up a simple ISP and we need:
1. An accounting system that will be able to track bandwidth usage (amount downloaded) by username / ip address. 2. Clients will be connecting to us via ethernet (they are in the same building), and later, wireless. 3. Clients need to authenticate against a server (can be RADIUS or some other) so that we can do proper accounting.
I have tried: a. Setting up a RADIUS server (which seems to work) but all the example scripts I have from SuSE and the how-tos at linuxdoc.org all deal with setting RADIUS up with a modem server, but our clients will be connecting to us over ethernet. b. I'm not sure if RADIUS requires ppp to function (it seems to, but I might be wrong) and I am now stumped as to how to set up the radiusclient and pppd to dial-out using eth0 to request a static ip address and authenticate against RADIUS.
I have how-tos that detail how to use radiusclient and pppd to dialout using a serial modem, but not eth0, and I have been unsuccessful in getting rp-pppoe to work with radiusclient.
My questions: 1. Am I going about this the right way? Is there perhaps another accounting package that tracks bandwidth usage that is better than RADIUS for this particular scenario? I am happy with any solution that allows authentication and accounting. 2. Has anyone been successful in getting RADIUS to work with clients authenticating over an ethernet connection?
Hoping that someone on this list will be able to lend me the benefit of their experience.
Thank you and regards
Luke Loh Senior Network Engineer Nicholls Price Pty Ltd Mb: 0412 022 311 Ph : 61 2 9222 9155 Fx : 61 2 9222 9166 www.nph.com.au Level 1, 70 Pitt Street Sydney NSW 2000
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
Chad Whitten Network/Systems Administrator neXband Communications cwhitten@nexband.com
participants (3)
-
Dan Am -
dog@intop.net -
Luke Loh