From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Py21W-0003dE-Or for garchives@archives.gentoo.org; Fri, 11 Mar 2011 13:04:56 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5EFAEE0478 for ; Fri, 11 Mar 2011 13:04:54 +0000 (UTC)
Received: from mail1.nippynetworks.com (mail1.nippynetworks.com [91.220.24.129]) by pigeon.gentoo.org (Postfix) with ESMTP id 654F41C00E for ; Fri, 11 Mar 2011 12:41:47 +0000 (UTC)
Received: from localhost (mail1.nippynetworks.com [127.0.0.1]) by mail1.nippynetworks.com (Postfix) with ESMTP id D95AE340320 for ; Fri, 11 Mar 2011 12:41:46 +0000 (GMT)
X-Virus-Scanned: amavisd-new at nippynetworks.com
Received: from mail1.nippynetworks.com ([127.0.0.1]) by localhost (mail1.nippynetworks.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id Jl9L2kQ4FAyA for ; Fri, 11 Mar 2011 12:41:46 +0000 (GMT)
Received: from Ed-Wildgooses-MacBook-Pro.local (office.nippynetworks.com [212.69.49.94]) (Authenticated sender: edward@wildgooses.com) by mail1.nippynetworks.com (Postfix) with ESMTPSA id 8478934030E for ; Fri, 11 Mar 2011 12:41:46 +0000 (GMT)
Message-ID: <4D7A188A.6050408@wildgooses.com>
Date: Fri, 11 Mar 2011 12:41:46 +0000
From: Ed W
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.15) Gecko/20110303 Lightning/1.0b2 Thunderbird/3.1.9
Precedence: bulk
List-Post:
List-Help:
List-Unsubscribe:
List-Subscribe:
List-Id: Gentoo Linux mail
X-BeenThere: gentoo-embedded@lists.gentoo.org
Reply-to: gentoo-embedded@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-embedded@lists.gentoo.org
Subject: [gentoo-embedded] Suggestions for per user bandwidth accounting over a router device?
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Archives-Salt:
X-Archives-Hash: cf09a47215b13e9e3ad82c2843f8fad6

This is almost certainly the wrong place to ask, but have any clever folks here got some ideas for doing per-user (and eventually per-user/per-protocol) accounting for data crossing a router box (running Gentoo)?

The situation is something like: users connect to the router, are authenticated, and then the router forwards data through one of several WAN connections (wireless, 3G and dialup). The goal is to track usage per user across each *WAN connection* in order to bill appropriately (because it costs more to use dialup than to use wireless, but sometimes dialup is all that is available - the hotspot is mobile...)

For various reasons we can't assume that the bytes in/out from the LAN to the router are the same as the bytes sent over the WAN; e.g. in the simplest case let's add a squid proxy to the router and now the billable WAN data may be much lower than the LAN data. Additionally the router will host a simple CMS/file share that won't cause data to go over the WAN.

I guess the pieces are:

1) User authentication on the wired/wireless (LAN) input side (802.1X + perhaps a captive portal which also auths via RADIUS?)
2) Gateway which allows authenticated users to route through the various WANs
3) Packet accounting that collects info on the data used over each WAN

I'm somewhat unsure what my options are, though, to pass the per-user auth info collected in step 1 through to the other pieces of the puzzle. I could build a mapping of users to IP addresses and then IP becomes a synonym for "user". Are there other packet marking techniques I could use that will scale to hundreds of users? (e.g. VLANs appear not to be a sensible option?)
I think 3) will often require support from the applications running on the router itself; e.g. a web connection passing through squid is hard to account for across the WAN because it all looks like a mass of data from the squid process. Any thoughts on a scalable way to account for the data from each app and log it? (RADIUS / DB / some library which someone already wrote?)

Ideally I would like to be able to show quite granular statistics for each user, e.g. connection at 8pm for 10 mins, 200KB of email, 5KB web, 2KB DNS. Can RADIUS be (mis)used to track accounting to this low level? The WAN connections in this scenario are quite expensive and we have a requirement to track quite granularly...

Thanks for any pointers to techniques I could use to solve any of the pieces above.

Note: I'm currently pulling apart wifidog and coova to get some ideas about how some of the captive portals implement the gateway part, but their bandwidth accounting is all measured at the user side and I need to measure mine at the WAN side...

Thanks

Ed W
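The following is an added example, not part of Ed's post and not code from wifidog, coova or any other project he names. It sketches the "IP becomes a synonym for user" approach from the post for piece 3), measured on the WAN side: one counting rule per (user, WAN interface, direction) in a hypothetical iptables chain named ACCT, hooked into FORWARD so only traffic the router actually forwards out of or into a WAN is counted, plus a parser for `iptables-save -c` output that folds the packet/byte counters back into per-user, per-WAN totals and applies a per-WAN tariff. The user-to-IP mapping, the interface names (wlan0, ppp0, ppp1), the tariffs and the sample `iptables-save` dump are all constructed for the example; a real deployment would fill the mapping from the RADIUS or captive-portal session that authenticated the user.

```python
"""Per-user, per-WAN byte accounting on a Linux router with iptables.

Added example, not from the original post. Assumes authenticated users are
identified by the LAN IP they were given, and that each WAN is a separate
interface. The chain name ACCT and all sample data below are made up.
"""
import math
import re
from collections import defaultdict

# Constructed sample data: user -> assigned LAN IP, and WAN interface -> tariff
# in pence per KiB (dialup is the expensive one, as in the post's scenario).
USERS = {"alice": "10.0.0.11", "bob": "10.0.0.12"}
WAN_RATES = {"wlan0": 1, "ppp0": 5, "ppp1": 20}
CHAIN = "ACCT"  # hypothetical chain name


def accounting_rules(users, wans, chain=CHAIN):
    """Return the iptables commands that set up one counting rule per (user, WAN, direction).

    A rule with no -j target matches and counts but never decides anything, so the
    chain only observes. Hooking it into FORWARD means bytes are measured as they
    leave for / arrive from a WAN, not as they cross the LAN side of the router.
    """
    cmds = [f"iptables -N {chain}", f"iptables -I FORWARD 1 -j {chain}"]
    for ip in users.values():
        for wan in wans:
            cmds.append(f"iptables -A {chain} -s {ip} -o {wan}")  # user -> WAN (upload)
            cmds.append(f"iptables -A {chain} -d {ip} -i {wan}")  # WAN -> user (download)
    return cmds


# iptables-save -c prefixes every rule with "[packets:bytes]"; host addresses are
# printed with a /32 suffix and -s/-d come before -i/-o in its output.
_RULE = re.compile(
    r"^\[(?P<pkts>\d+):(?P<bytes>\d+)\] -A (?P<chain>\S+) "
    r"(?:-s (?P<src>[\d.]+)(?:/32)? -o (?P<out>\S+)"
    r"|-d (?P<dst>[\d.]+)(?:/32)? -i (?P<in>\S+))$"
)


def parse_counters(save_output, users, chain=CHAIN):
    """Fold iptables-save -c output into {user: {wan: {"up": bytes, "down": bytes}}}."""
    ip_to_user = {ip: user for user, ip in users.items()}
    usage = defaultdict(lambda: defaultdict(lambda: {"up": 0, "down": 0}))
    for line in save_output.splitlines():
        m = _RULE.match(line.strip())
        if not m or m["chain"] != chain:
            continue  # other chains, policy lines, COMMIT, comments
        if m["src"]:
            usage[ip_to_user[m["src"]]][m["out"]]["up"] += int(m["bytes"])
        else:
            usage[ip_to_user[m["dst"]]][m["in"]]["down"] += int(m["bytes"])
    return {user: dict(wans) for user, wans in usage.items()}


def charge_pence(user_usage, rates=WAN_RATES):
    """Bill one user's {wan: {"up", "down"}} at a per-WAN rate, rounding each WAN up to whole KiB."""
    return sum(
        math.ceil((counts["up"] + counts["down"]) / 1024) * rates[wan]
        for wan, counts in user_usage.items()
    )


# Constructed iptables-save -c dump (not real output); alice has used wireless
# and a little dialup, bob only wireless.
SAMPLE_SAVE = """\
# Generated by iptables-save (constructed sample)
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:ACCT - [0:0]
[1234:5678000] -A FORWARD -j ACCT
[120:98304] -A ACCT -s 10.0.0.11/32 -o wlan0
[90:12000] -A ACCT -d 10.0.0.11/32 -i wlan0
[0:0] -A ACCT -s 10.0.0.11/32 -o ppp0
[0:0] -A ACCT -d 10.0.0.11/32 -i ppp0
[3:200] -A ACCT -s 10.0.0.11/32 -o ppp1
[5:4096] -A ACCT -d 10.0.0.11/32 -i ppp1
[10:1500] -A ACCT -s 10.0.0.12/32 -o wlan0
[40:60000] -A ACCT -d 10.0.0.12/32 -i wlan0
COMMIT
"""

if __name__ == "__main__":
    for cmd in accounting_rules(USERS, WAN_RATES):
        print(cmd)
    usage = parse_counters(SAMPLE_SAVE, USERS)
    for user, wans in usage.items():
        print(user, dict(wans), f"{charge_pence(wans)}p")
```

Two caveats a practitioner would want. First, counters in the kernel are reset when the rules are flushed, so the dump should be taken and accumulated into a database on a timer (or use `iptables -Z` right after each read), and a user's rules have to be installed when the captive portal or 802.1X session starts and removed when it ends. Second, this only sees forwarded traffic, which is exactly the squid problem the post describes: bytes squid fetches upstream leave from the router's own OUTPUT chain under squid's uid, with no trace of which LAN user asked for them, so proxied traffic has to be attributed from the proxy's own per-request log (client address and bytes) rather than from packet counters.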