Table of Contents

Chapter 1 Traffic Accounting Configuration. 1-1

1.1 Traffic Accounting Introduction. 1-1

1.1.1 Related Concepts of Traffic Accounting. 1-1

1.1.2 Implementation Process of the Traffic Accounting. 1-2

1.2 Configuring Traffic Accounting. 1-2

1.2.1 Prerequisites. 1-2

1.2.2 Configuring Traffic Accounting. 1-3

1.3 Displaying and Maintaining Traffic Accounting. 1-4

1.4 Traffic Accounting Configuration Example. 1-4

 

Chapter 1  Traffic Accounting Configuration

 

 

When performing traffic accounting configuration, go to these sections for information you are interested in:

l           Traffic Accounting Introduction

l           Configuring Traffic Accounting

l           Displaying and Maintaining Traffic Accounting

l           Traffic Accounting Configuration Example

1.1  Traffic Accounting Introduction

Some accounting servers, such as CAMS, can perform the accounting on the users who have passed the 802.1X or Portal authentication by time or traffic. Traffic accounting is to account the traffic generated by the authenticated online users in their switches, and send the traffic accounting statistics to the accounting servers to charge the internet users.

1.1.1  Related Concepts of Traffic Accounting

l           Traffic group: a mechanism to classify the object network by accounting attributes. The accounting attributes of a traffic group include charge/no charge and charge rate.

l           Accounting address of traffic group: some network segment addresses are configured in the traffic group to account the traffic of the destination address in these network segment addresses.

l           Traffic collection ports: ports that connect internet users or external networks. The traffic of accessing to external networks passes in and out through these ports.

l           Traffic accounting board: the board which provides analysis, calculation and statistics of the traffic.

l           Traffic collection: a process of sending the traffic which passes the traffic collection port to the traffic accounting board by setting port mirror.

l           Traffic statistics: a process of the traffic accounting board analyzing and calculating the traffic collected from the traffic collection ports. Traffic statistics bases on the internet users’ IP addresses and the traffic group which the accessed network belongs to.

1.1.2  Implementation Process of the Traffic Accounting

The implementation of traffic accounting is shown in Figure 1-1 in the H3C S9500 series switches.

Figure 1-1 Implementation process of the traffic accounting

Detailed implementation procedure:

1)         The user uses 802.1X or PORTAL authentication client to access to the network.

2)         The equipment acquires the user name and password and requests authentication from CAMS. The equipment and CAMS use the Radius protocol to communicate.

3)         Authentication succeeds. The equipment acquires the IP address and MAC address for the user to access to the network.

4)         The user normally accesses to the network and traffic is generated.

5)         The port of the switch collects the traffic and mirrors the traffic to the traffic accounting board.

6)         Traffic accounting board is in charge of the traffic statistics.

7)         The main control board collects the user’s traffic from the traffic accounting board periodically.

8)         The switch sends the updated message which carries the acquired user’s traffic to CAMS periodically. The traffic is accumulated.

9)         The user requests to be offline.

10)     The main control board collects the user’s traffic for the last time.

11)     The switch sends an accounting finish message which carries all the user’s traffic information this time.

12)     The user is offline and this process of accessing to the network is over.

1.2  Configuring Traffic Accounting

1.2.1  Prerequisites

l           Traffic accounting board is plugged into the switch.

l           802.1X or Portal is enabled in the switch.

l           CAMS server finishes the configuration.

 

 

1.2.2  Configuring Traffic Accounting

Follow these steps to configure traffic accounting:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Configure the port mirror group of traffic collection	mirroring-group groupid { inbound | outbound } mirroring-port-list mirrored-to monitor-port	Required Refer to QoS Commands in the QoS ACL Volume for more information.
Configure the slot for traffic statistics	traffic-accounting accounting-slot slot-num	Required l      Specify the traffic accounting slot where the traffic accounting board resides in. l      Enter traffic statistics view automatically after successful configuration.
Enable the traffic statistics function	accounting enable	Required This command is configured in the traffic statistic view.
Configure the traffic group	traffic-accounting traffic-group group-name	Required Enter traffic group view automatically after successful configuration.
Display the configured traffic group information	display traffic-accounting traffic-group [ group-name ]	Optional
Configure the traffic group address	network ip-address { mask | masklen }	Required This command is configured in the traffic group view.
Enter ISP domain view	domain domain-name	—
Specify the accounting mode as traffic accounting	accounting-mode traffic	Required
Configure the domain-applied traffic group	traffic-group group-name rate idnum	Required

 

 

1.3  Displaying and Maintaining Traffic Accounting

To do…	Use the command…
Display the information of traffic group	display traffic-accounting traffic-group [ group-name ]
Display the configuration information of traffic statistics	display traffic-accounting accounting-slot [ slot-num ]
Display the traffic statistics of the current online users	display traffic-accounting statistics [ ip-address ]

 

1.4  Traffic Accounting Configuration Example

I. Network requirements

l           The user accesses to the network by a switch and uses 802.1X or Portal authentication client. The user can access to the external network after passing the authentication. The accounting mode is traffic accounting. When the user accesses to network segment 11.127.1.0/24 and 12.127.1.0/24, accounting server CAMS charges the user according to his network traffic. When the user accesses to other network segment, CAMS does not accounts.

l           Perform traffic collection on the user’s side.

II. Network diagram

Figure 1-2  Network diagram for traffic accounting configuration

III. Configuration procedure.

# Configure the traffic accounting group somegroup.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] traffic-accounting traffic-group somegroup

# Configure the destination network segment address of the traffic accounting group.

[H3C-traffic-group-somegroup] network 11.127.1.0 24

[H3C-traffic-group-somegroup] network 12.127.1.0 24

# Configure the domain aaa for traffic accounting users, set the accounting mode as traffic accounting, and specify the traffic accounting group to be used.

[H3C] domain aaa

[H3C-isp-aaa] accounting-mode traffic

[H3C-isp-aaa] traffic-group somegroup rate 1

# Configure the traffic collection port, and mirror the traffic collection port to the traffic accounting board.

[H3C] mirroring-group 1 inbound Ethernet 2/1/1 mirrored-to slot 3

[H3C] mirroring-group 2 outbound Ethernet 2/1/1 mirrored-to slot 3

# Configure the traffic accounting board to enable the traffic accounting function.

[H3C] traffic-accounting accounting-slot 3

[H3C-accounting-slot-3] accounting enable