[NNTP] Adding A Quota Command to NNTP
Ade Lovett
ade at lovett.com
Mon Feb 26 03:26:54 PST 2007
On Feb 25, 2007, at 14:41 , Samuel Kleiner wrote:
> On Feb 23, 2007, at 5:05 AM, Ade Lovett wrote:
>
> (I've added this objection to draft 01, I hope you don't mind)
Not at all. It's in the best interests of everyone to develop
procedures that ultimately have a positive effect on the protocol(s)
we're discussing.
> If the ISP really wanted to offer this extension and didn't want to
> require NNTP authentication(which would be the best way), I suppose
> the ISP and NSP could concievably WAN in the outsourced NSP server
> inside the ISP DHCP local address space.
Unfortunately, that doesn't solve the problem (see below).
> But if outsourced customers have individual news quotas (as opposed
> to total bytes used), it is not the ISP that enforces them, but the
> NSP, right? As long as outsourced customers have to log in, the
> quota data should be available to the NSP.
Bingo. Here's the issue. Corporate outsourced accounts are
generally sold on one of three pricing models:
(a) X number of total ports at Y KBps per port. cost is determined
by 'X' and 'Y'
(b) $A per GB. NSP simply takes total amount of data downloaded at
the end of the billing period, multiples by $A, and presents bill.
(c) $N per Mbps (usually on the 95th-percentile, ie: standard IP
transit billing mechanisms). An extension of (b) above, as far as
billing goes it's the same.
In none of these cases does the NSP care (nor should it) about the
ISP customer base. It is entirely up to the ISP to set port limits
(in the case of (a)) along with add-ons such as RADIUS accounting
packets being sent back at the end of each session.
> It is suboptimal for the ISP to be the quota enforcer for an
> outsourcing agreement, because they only know when someone is
> communicating with the NSP when it is done over their network, and
> not when the user is traveling.
Not really. Regardless of whether RADIUS *authentication* is in use
(ie: AUTHINFO USER/PASS), we (SuperNews) can send back RADIUS
*accounting* packets at the end of each session. In the case where
the outsourcing is IP-authentication based, we simply drop in the IP
address as the Framed-User-Name. It would then be up to the ISP as
to map that to a specific user and do whatever they need to do.
In terms of quota enforcement, the ISP *has* to be the enforcer,
since it has the direct contract with the end-users. The NSP simply
has a contract with the ISP.
-aDe
More information about the ietf-nntp
mailing list