AAA - accounting start-stop and start-only

When deploying AAA with an external AAA server such as RADIUS or TACACS+, the aaa accounting command is used. With this command, there are several options concerning when to send accounting information.

In particular, the start-stop and start-only keywords can be used. According to Cisco's CLI command reference, linked below, these are their functions:

start-stop - Sends a “start” accounting notice at the beginning of a process and a “stop” accounting notice at the end of a process. The “start” accounting record is sent in the background. The requested user process begins regardless of whether the “start” accounting notice was received by the accounting server. stop-only - Sends a stop accounting record for all cases including authentication failures regardless of whether the aaa accounting send stop-record authentication failure command is configured.

The choice of which to use depends on your specific requirements for tracking and recording network activity. If you only need to know when a process has ended, stop-only should suffice. But if you need to track the entire lifecycle of a process, from start to finish, you would use start-stop.

Links:

https://forum.networklessons.com/t/aaa-and-802-1x-authentication/1153/40?u=lagapidis

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a1.html#wp3330656416