[NNTP] Adding A Quota Command to NNTP

Ade Lovett ade at lovett.com
Mon Feb 26 03:26:54 PST 2007 

On Feb 25, 2007, at 14:41 , Samuel Kleiner wrote:

> On Feb 23, 2007, at 5:05 AM, Ade Lovett wrote:
>
> (I've added this objection to draft 01, I hope you don't mind)

Not at all.  It's in the best interests of everyone to develop  
procedures that ultimately have a positive effect on the protocol(s)  
we're discussing.

> If the ISP really wanted to offer this extension and didn't want to  
> require NNTP authentication(which would be the best way), I suppose  
> the ISP and NSP could concievably WAN in the outsourced NSP server  
> inside the ISP DHCP local address space.

Unfortunately, that doesn't solve the problem (see below).

> But if outsourced customers have individual news quotas (as opposed  
> to total bytes used), it is not the ISP that enforces them, but the  
> NSP, right? As long as outsourced customers have to log in, the  
> quota data should be available to the NSP.

Bingo.  Here's the issue.  Corporate outsourced accounts are  
generally sold on one of three pricing models:

(a)  X number of total ports at Y KBps per port.  cost is determined  
by 'X' and 'Y'
(b)  $A per GB.  NSP simply takes total amount of data downloaded at  
the end of the billing period, multiples by $A, and presents bill.
(c)  $N per Mbps (usually on the 95th-percentile, ie: standard IP  
transit billing mechanisms).  An extension of (b) above, as far as  
billing goes it's the same.

In none of these cases does the NSP care (nor should it) about the  
ISP customer base.  It is entirely up to the ISP to set port limits  
(in the case of (a)) along with add-ons such as RADIUS accounting  
packets being sent back at the end of each session.

> It is suboptimal for the ISP to be the quota enforcer for an  
> outsourcing agreement, because they only know when someone is  
> communicating with the NSP when it is done over their network, and  
> not when the user is traveling.

Not really.  Regardless of whether RADIUS *authentication* is in use  
(ie: AUTHINFO USER/PASS), we (SuperNews) can send back RADIUS  
*accounting* packets at the end of each session.  In the case where  
the outsourcing is IP-authentication based, we simply drop in the IP  
address as the Framed-User-Name.  It would then be up to the ISP as  
to map that to a specific user and do whatever they need to do.

In terms of quota enforcement, the ISP *has* to be the enforcer,  
since it has the direct contract with the end-users.  The NSP simply  
has a contract with the ISP.

-aDe

More information about the ietf-nntp mailing list