Name
Acct-Session-ID
Synopsis
|
Attribute Number |
44 |
|
Length |
3 or more octets |
|
Value |
STRING |
|
Allowed in |
Accounting-Request |
|
Prohibited in |
Accounting-Response |
|
Presence in Packet |
Required |
|
Maximum Iterations |
1 |
This attribute is used to uniquely identify a session so that accounting stop and start records can be collated and recorded accurately. There are a few considerations as to the packets that these attributes can be found in:
- Accounting-Request packets
are required to have
Acct-Session-ID.- Access-Request packets
are allowed to contain this attribute. If this is the case, then the RADIUS client gear is required to use the same session ID in all packets pertaining to that connection for the duration of that session.
The RFC requires that this session ID be printed using the UTF-8 10646 character set. From RFC 2866: “For example, one implementation uses a string with an 8-digit upper case hexadecimal number, [sic] the first two digits increment on each reboot (wrapping every 256 reboots) and the next 6 digits counting from 0 for the first person logging in after a reboot up to 224-1, about 16 million. Other encodings are possible.”
In practice, however, RADIUS client equipment tends to not send the
Acct-Session-ID attributes using unique values.
Many reuse these values across reboots, which can make tracking a
session in its entirety using accounting data much more difficult.
Get RADIUS now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
