1. Field
This disclosure relates to network devices, more particularly to network devices in used for authentication, authorization or accounting (AAA) and other administrative functions.
2. Background
Many networks use AAA servers to control access and accounting for network use. For example, a wholesale network provider that owns the physical network of wires and cables sells time on the network to an Internet service provider (ISP). Generally, there is an agreement between the wholesaler and the ISP that governs how many calls per a given time period, such as calls per second, that ISP gets for a particular level of service. The parameters of this agreement are typically contained in a service level agreement (SLA).
However, many SLAs are not enforced or are not enforced consistently. This leaves the wholesaler in the position of having to buy or lease extra equipment to handle the maximum call traffic, or fail to meet their obligations to one customer when another customer exceeds their SLA. As a solution to this, many wholesalers and ISPs use single point solution to provide an AAA server, enforce port policy management (such as the number of ports allowed for a given endpoint), as well as handle the routing of the incoming calls. An example of this type of network configuration is shown in FIG. 1.
As can be seen in FIG. 1, the wholesale network AAA server 10 is accessed by equipment at several points-of-presence (POP), 12a-12n. This server then routes the AAA information to the various ISP AAA servers 14a-14n, as well as routing the incoming call. This single-point solution allows one network device, such as a server, to coordinate the port policy enforcement, enforce SLAs, and to provide AAA information to the correct data.
In current implementations, basic dial-up AAA administrative messages may be switched by an AAA proxy server. They act as a ‘proxy’ for the AAA servers, receiving AAA messages intended for more than one AAA server. The proxy server then routes the AAA message to the appropriate server.
However, as can be seen in FIG. 1, this single-point of either an AAA server or an AAA proxy server becomes a choke point in the network. If the system uses other resource management servers, these contribute to the traffic backlog at these single point implementations. This is further complicated as high-bandwidth-requirement services are desired, such as the ability to place voice calls over data networks as in Voice Over Internet Protocol (VoIP) services.
VoIP, and similar voice services, may place a strain on the network if managed poorly. Many providers set out their service levels for voice versus data calls in their SLAs. This makes the enforcement of these agreements even more critical. Similarly, the high-bandwidth requirements of these types of services consume network resources, contributing to the network delays that may occur at the AAA servers.
It would be useful to have a method and apparatus that could separate the various enforcement issues, such as AAA, port policy enforcement and SLA management, from the routing of the traffic itself.