(RADIATOR) Problems with Session Database.

Hugh Irvine hugh at open.com.au
Wed May 16 07:52:10 CDT 2001 

Hello Shon -

At 14:02 -0400 15/5/01, Shon Stephens wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Alright, I know this is a much covered topic, but I'm still having
>some difficulty.
>I believe this is how Radiator should be working. I am using
><SessionDatabase SQL> and <AuthBy SQL>. Please tell me if this is
>incorrect.


Unfortunately your understanding is not helped by a slight error in the manual.


>The NAS sends an Auth-Request to Radiator. Radiator will execute the
>DeleteQuery "delete from RADONLINE where USERNAME='%n' and
>NASIDENITIFIER='%N' and NASPORT='%{Nas-Port}' This is to correct for
>dupes.

No. The DeleteQuery only uses the NAS and NAS-Port, not the username.


>Once this is done, it executes the CountQuery "select
>NASIDENTIFIER,NASPORT,ACCTSESSIONID from RADONLINE where USERNAME =
>'%n'; If the number of unique sessions doesn't exceed the set limit,
>then the AuthSelect query is executed.

Correct.


>If the user authenticates
>correctly, Radiator will send an Auth-Accept back to the NAS. Which
>then (in most cases) will send an Acct-Start request. When this
>request is recieved, Radiator will then insert the Acct-Start data
>into the Accounting Database. It will also insert the session data
>into the SessionDB using the AddQuery "insert into RADONLINE
>(USERNAME,NASIDENTIFIER,NASPORT,ACCTSESSIONID,
>TIME_STAMP,FRAMEDIPADDRESS,PORTYTPE,SERVICETYPE) values ('%n', '%N',
>'%{Nas-Port}', '%{Acct-Session-Id}', '%{Timestamp}',
>'%{Framed-IP-Address}', '%{Port-Type}', '%{Service-Type}')


Correct.


>I may have the order of the insert into Accounting and Session
>reversed. I am not sure. Either way, my session database never
>updates. Here is my configuration:
>
><SessionDatabase SQL>
>     Identifier DefaultSDB
>     DBSource dbi:mysql:radius:mysqlhost
>     DBUsername mysqluser
>     DBAuth password
>     AddQuery insert into sessions (username, time_stamp, session_id,
>\
>     nas_identifier, nas_port, framed_ip_addr) values ('%U', \
>     '%{GlobalVar:TimestampFormatted}', '%{Acct-Session-Id}', \
>     '%{NAS-Identifier}', '%{NAS-Port}', '%{Framed-IP-Address}')


Your AddQuery does not look correct to me (the GlobalVar....).


>     DeleteQuery delete from sessions where username='%U' and \
>     nas_identifier='%{NAS-Identifier}' and nas_port='%{NAS-Port}'
>     ClearNasQuery delete from sessions where nas_identifier= \
>     '%{NAS-Identifier}'
>     CountQuery select nas_identifier,nas_port,session_id from
>sessions \
>     where username='%U'
></SessionDatabase>
>
><Realm static.goamerica.net>
>     SessionDatabase DefaultSDB
>     MaxSessions 1
>   <AuthBy SQL>
>       DBSource dbi:mysql:radius:mysqlhost
>       DBUsername mysqluser
>       DBAuth password
>       Timeout 120
>       FailureBackoffTime  150
>       AuthSelect select password, check, reply from users where \
>       username='%U'
>       AuthColumnDef 0, User-Password, check
>       AuthColumnDef 1, GENERIC, check
>       AuthColumnDef 2, GENERIC, reply
>       AccountingTable accounting
>       DateFormat %x-%d%M%Y
>       AcctColumnDef username, User-Name, string
>       AcctColumnDef time_stamp, Timestamp, integer-date
>       AcctColumnDef status_type, Acct-Status-Type, integer
>       AcctColumnDef input_octets, Acct-Input-Octets, integer
>       AcctColumnDef output_octets, Acct-Output-Octets, integer
>       AcctColumnDef session_id, Acct-Session-Id, string
>       AcctColumnDef session_time, Acct-Session-Time, integer
>       AcctColumnDef terminate_cause, Acct-Terminate-Cause, integer
>       AcctColumnDef nas_identifier, NAS-Identifier, string
>       AcctColumnDef nas_port, NAS-Port, integer
>       AcctColumnDef framed_ip_addr, Framed-IP-Address, string
>   </AuthBy>
></Realm>
>
>I am using radpwtst to test this. To make sure that the entry is not
>deleted from the session database, I do not send an Acct-Stop. I also
>change my Nas-Port. However, even on the first attempt, without a
>Acct-Stop Request, Radiator never attempts to execute the AddQuery. I
>have looked at my Radiator log files. There are no errors reported. I
>have looked at the packet dumps. Everything appears good. When
>looking at the query logs on my SQL server, there is never an attempt
>to perform an insert into sessions. It just doesn't happen, no
>errors, no hiccups, just no session tracking. Why isn't this
>happening. I have looked at this a dozen times. Yes, my table names
>and formats are different from the default, but I compensate for this
>by changing the query statements in the radius.cfg file. Thanks for
>looking at this novel.

I would suggest two things: first - send me a copy of the 
configuration file (no secrets) together with a trace 4 debug so I 
can see what is happening. Second - set up a test system using the 
standard Radiator defaults and verify that it works correctly.

hth

Hugh

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list