9.64.1.1 Radius Server Agent Overview
The Radius accounting data contains information about the last client that had logged in, the log-in time, the duration of the session etc. Other than collecting such data, the Radius Server agent may act as an extension to the NAS, creating accounting data itself. For instance, when receiving a packet containing a login request, it may reply with an accept or reject packet. The reply logic is handled through APL code (an Analysis or Aggregation node).
Example Radius workflow
Note the absence of a Decoder. For real-time workflows, field decoding is handled via APL commands. TheĀ Radius
Ā format is included when a Radius bundle is committed into the system. The format contains record identification information on the first level (code, identifier, length, authenticator and attributes) to be used by the Radius Server agent. Hence, the agent is responsible for recognizing the type of data, while the Analysis node does the actual decoding of the contents (the attributes). A UFDL format needs to be defined for this purpose.
When activated, the agent will bind to the configured port and wait for incoming UDP packets from NASes. Each received UDP will be converted to a UDR and forwarded into the workflow. If fields are missing in a UDP, the agent will still create a UDR, filling in all found fields. If the data in the UDP is corrupt, or if data arrives from a host not present in the configuration window of the node, a message will be sent to the System Log and the data will be discarded.
Since NASes cannot request historic data, the agent will lose all data that is delivered from the NAS while the agent is not executing.
The Radius Server agent supports IPv4 and IPv6 environments.