RADIUS

From TBwiki
Jump to: navigation, search

Remote Authentication Dial In User Service, more popularly known as RADIUS, is used by telecom service providers for the purpose of authenticating, authorizing, and accounting (AAA) for the use of services by subscribers. A RADIUS server is an application server that provides this functionality. It can take as input as well as output Call detail record (CDR) data.


Contents

TelcoBridges and RADIUS

Starting with release v2.3 of Toolpack, explicit support for the accounting function of RADIUS is now offered. Previously, Toolpack stored Call detail record (CDR) data in a local database. Starting with Toolpack v2.3, CDR data is stored on a dedicated, external server running an implementation of the RADIUS standard. Configuration of the location of the RADIUS server is performed through the Toolpack web portal.

Starting with release v2.6 of Toolpack, multiple RADIUS servers can now be configured for backup purposes.

Starting with release v2.7 of Toolpack, calls can now be validated through a RADIUS server with authentication and authorization. The RADIUS server may also change routing parameters for calls.

Radius High-level drawing v2.jpg


Prerequisites

In order to enable RADIUS functionality in Toolpack, you must have a RADIUS server already up and running. It is highly recommended that the RADIUS server software being running on a separate machine from the one running the Toolpack software. Before configuring Toolpack, you will need the IP address of the RADIUS server(s). You will need to specify a ‘secret key’ which will authenticate the Toolpack server so that it can send accounting, authentication and authorization data and to the RADIUS server and the RADIUS server will accept it.


Configuration

Accounting

Authorization/Authentication

Authorization

If a Radius authorization server is configured, the call authorization is done externally (using the Radius protocol). The acceptance or refusal of the call is then returned into a routing script for further processing. Refer to Radius authorization for more details.

RADIUS Redundancy and Association

Toolpack to RADIUS CDR attributes remapping

When Toolpack sends Access-Request messages to a RADIUS server, some specific attributes are included in the message. These attributes have been improved through Toolpack releases to better meet accounting services requirements.

RADIUS CDR attributes list

Dealing with incoherent CDR entries

In some situations (during HA switchover for example), some CDR entries may be lost.

The following guide lines provide information on how to deal with these corner cases:

Deal with CDR entries loss

References

Personal tools