IP accounting
Document revision: | 2.1 (Fri Dec 17 18:28:01 GMT 2004) |
Applies to: | V2.9 |
General Information
Summary
Authentication, Authorization and Accounting feature provides a possibility of local and/or remote (on RADIUS server) Point-to-Point and HotSpot user management and traffic accounting (all IP traffic passing the router is accounted; local traffic acocunting is an option).
Specifications
Packages required: systemLicense required: Level1
Submenu level: /user, /ppp, /ip accounting, /radius
Standards and Technologies: RADIUS
Hardware usage: Traffic accounting requires additional memory
Related Documents
Local IP Traffic Accounting
Submenu level: /ip accountingDescription
As each packet passes through the router, the packet source and destination addresses are matched against an IP pair in the accounting table and the traffic for that pair is increased. The traffic of PPP, PPTP, PPPoE, ISDN and HotSpot clients can be accounted on per-user basis too. Both the number of packets and the number of bytes are accounted.
If no matching IP or user pair exists, a new entry will be added to the table
Only the packets that enter and leave the router are accounted. Packets that are dropped in the router are not counted. Packets that are NATted on the router will be accounted for with the actual IP addresses on each side. Packets that are going through bridged interfaces (i.e. inside the bridge interface) are also accounted correctly.
Traffic, generated by the router itself, and sent to it, may as well be accounted.
Property Description
enabled (yes | no; default: no) - whether local IP traffic accounting is enabled account-local-traffic (yes | no; default: no) - whether to account the traffic to/from the router itself threshold (integer; default: 256) - maximum number of IP pairs in the accounting table (maximal value is 8192)Notes
For bidirectional connections two entries will be created.
Each IP pair uses approximately 100 bytes
When the threshold limit is reached, no new IP pairs will be added to the accounting table. Each packet that is not accounted in the accounting table will then be added to the uncounted counter!
Example
Enable IP accounting:
[admin@MikroTik] ip accounting> set enabled=yes [admin@MikroTik] ip accounting> print enabled: yes account-local-traffic: no threshold: 256 [admin@MikroTik] ip accounting>
Example
See the uncounted packets:
[admin@MikroTik] ip accounting uncounted> print packets: 0 bytes: 0 [admin@MikroTik] ip accounting uncounted>
Local IP Traffic Accounting Table
Submenu level: /ip accounting snapshotDescription
When a snapshot is made for data collection, the accounting table is cleared and new IP pairs and traffic data are added. The more frequently traffic data is collected, the less likelihood that the IP pairs thereshold limit will be reached.
Property Description
bytes (read-only: integer) - total number of bytes, matched by this entrydst-address (read-only: IP address) - destination IP addressdst-user (read-only: text) - recipient's name (if aplicable)packets (read-only: integer) - total number of packets, matched by this entrysrc-address (read-only: IP address) - source IP addresssrc-user (read-only: text) - sender's name (if aplicable)Notes
Usernames are shown only if the users are connected to the router via a PPP tunnel or are authenticated by HotSpot.
Before the first snapshot is taken, the table is empty.
Example
To take a new snapshot:
[admin@MikroTik] ip accounting snapshot> take [admin@MikroTik] ip accounting snapshot> print # SRC-ADDRESS DST-ADDRESS PACKETS BYTES SRC-USER DST-USER 0 192.168.0.2 159.148.172.197 474 19130 1 192.168.0.2 10.0.0.4 3 120 2 192.168.0.2 192.150.20.254 32 3142 3 192.150.20.254 192.168.0.2 26 2857 4 10.0.0.4 192.168.0.2 2 117 5 159.148.147.196 192.168.0.2 2 136 6 192.168.0.2 159.148.147.196 1 40 7 159.148.172.197 192.168.0.2 835 1192962 [admin@MikroTik] ip accounting snapshot>
Web Access to the Local IP Traffic Accounting Table
Submenu level: /ip accounting web-accessDescription
The web page report make it possible to use the standard Unix/Linux tool wget to collect the traffic data and save it to a file or to use MikroTik shareware Traffic Counter to display the table. If the web report is enabled and the web page is viewed, the snapshot will be made when connection is initiated to the web page. The snapshot will be displayed on the web page. TCP protocol, used by http connections with the wget tool guarantees that none of the traffic data will be lost. The snapshot image will be made when the connection from wget is initiated. Web browsers or wget should connect to URL: http://routerIP/accounting/ip.cgi
Property Description
accessible-via-web (yes | no; default: no) - wheather the snapshot is available via webaddress (IP address/netmask; default: 0.0.0.0) - IP address range that is allowed to access the snapshotExample
To enable web access from 10.0.0.1 server only:
[admin@MikroTik] ip accounting web-access> set accessible-via-web=yes \ \... address=10.0.0.1/32 [admin@MikroTik] ip accounting web-access> print accessible-via-web: yes address: 10.0.0.1/32 [admin@MikroTik] ip accounting web-access>