(RADIATOR) Session DB question

David Miller dmiller at newportnet.com
Fri Sep 7 16:10:05 CDT 2001 

 Recently installed radiator (radiator-2.18.3-2.noarch.rpm) on RedHat 7.1.
We are testing radiator using IBM DB2 database (ver7.2), and the database
schema as outlined in the goodies directory of the distribution
documentation. Using SessionDB, the RADONLINE table does not seem to be
getting correctly updated following an Accounting Stop packet (unless I
totally misunderstand what is suppose to happen). The user is not removed
from the RADONLINE table. Below is the simple configuration file we are
using, and a trace of a single Authentication Request and Accounting-Start,
followed by an Accounting-Stop packet sent using radpwtst.
 The construction of the delete query is interesting: it uses the username
(dmiller) as the NAS Identifier. Is this correct?

Configuration file
-----------------------------------------
# radius.cfg
#

#=====================
# Global Parameters
#=====================
LogDir /var/log/radius
DbDir /etc/radiator/raddb

AuthPort 1812
AcctPort 1813

# User a low trace level in production systems. Increase
# it to 4 or 5 for debugging, or use the -trace flag to radiusd
# Trace 3
Trace 5

#===============
# test clients
#===============
<Client 204.250.116.122>
    Secret xxxxxxx
</Client>

<Client 127.0.0.1>
    Secret xxxxxxx
</Client>

#==================
# Session Database
#==================
<SessionDatabase SQL>
    Identifier  SessionDB
    DBSource dbi:DB2:radius
    DBUsername xxxxxxx
    DBAuth   xxxxxx
</SessionDatabase SQL>

#==================
# Realms
#==================
<Realm DEFAULT>
    # Only allow one login
    MaxSessions 1

    # Session Database to use
    SessionDatabase SessionDB

    # Authorization handlers
    <AuthBy SQL>
 DBSource dbi:DB2:radius
 DBUsername xxxxxx
 DBAuth xxxxxx

 # Tailor these for your ACCOUNTING table
 AccountingTable ACCOUNTING
 AcctColumnDef USERNAME,User-Name
 AcctColumnDef TIME_STAMP,Timestamp,integer
 AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
 AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
 AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
 AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
 AcctColumnDef ACCTSESSIONID,Acct-Session-Id
 AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
 AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
 AcctColumnDef NASIDENTIFIER,NAS-Identifier
 AcctColumnDef NASPORT,NAS-Port,integer
 AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address

 # Log accounting to a file if the SQL insert fails
 AcctFailedLogFileName %L/missedaccounting
    </AuthBy>

</Realm>

-----------------------------------------
Trace 5 debug
-----------------------------------------
Fri Sep  7 12:56:15 2001: INFO: Server started: Radiator 2.18.3 on
dns3.newportnet.com
Fri Sep  7 12:56:45 2001: DEBUG: Packet dump:
*** Received from 204.250.116.122 port 1046 ....

Packet length = 93
01 7f 00 5d 31 32 33 34 35 36 37 38 39 30 31 32
33 34 35 36 01 09 64 6d 69 6c 6c 65 72 06 06 00
00 00 02 04 06 cc fa 74 7a 05 06 00 00 04 d2 1e
0b 31 32 33 34 35 36 37 38 39 1f 0b 39 38 37 36
35 34 33 32 31 3d 06 00 00 00 00 02 12 9c fd 3a
c1 d6 32 04 f6 bc 38 09 a0 d8 7d 78 99
Code:       Access-Request
Identifier: 127
Authentic:  1234567890123456
Attributes:
 User-Name = "dmiller"
 Service-Type = Framed-User
 NAS-IP-Address = 204.250.116.122
 NAS-Port = 1234
 Called-Station-Id = "123456789"
 Calling-Station-Id = "987654321"
 NAS-Port-Type = Async
 User-Password = "<156><253>:<193><214>2<4><246><188>8<9><160><216>}x<153>"

Fri Sep  7 12:56:45 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Sep  7 12:56:45 2001: DEBUG: SessionDB Deleting session for dmiller,
204.250.116.122, 1234
Fri Sep  7 12:56:45 2001: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='dmiller' and NASPORT=01234

Fri Sep  7 12:56:45 2001: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='dmiller'

Fri Sep  7 12:56:45 2001: DEBUG: Handling with Radius::AuthSQL
Fri Sep  7 12:56:45 2001: DEBUG: Handling with Radius::AuthSQL:
Fri Sep  7 12:56:45 2001: DEBUG: Query is: select PASSWORD from SUBSCRIBERS
where USERNAME='dmiller'

Fri Sep  7 12:56:45 2001: DEBUG: Radius::AuthSQL looks for match with
dmiller
Fri Sep  7 12:56:45 2001: DEBUG: Radius::AuthSQL ACCEPT:
Fri Sep  7 12:56:45 2001: DEBUG: Access accepted for dmiller
Fri Sep  7 12:56:45 2001: DEBUG: Packet dump:
*** Sending to 204.250.116.122 port 1046 ....

Packet length = 20
02 7f 00 14 8e ae c2 63 ef 98 f6 55 77 7b 67 af
1b 37 e8 09
Code:       Access-Accept
Identifier: 127
Authentic:  1234567890123456
Attributes:

Fri Sep  7 12:56:45 2001: DEBUG: Packet dump:
*** Received from 204.250.116.122 port 1046 ....

Packet length = 91
04 80 00 5b 86 2c 72 07 11 25 25 79 e7 e9 16 54
05 52 78 48 01 09 64 6d 69 6c 6c 65 72 06 06 00
00 00 02 04 06 cc fa 74 7a 05 06 00 00 04 d2 3d
06 00 00 00 00 2c 0a 30 30 30 30 31 32 34 31 28
06 00 00 00 01 1e 0b 31 32 33 34 35 36 37 38 39
1f 0b 39 38 37 36 35 34 33 32 31
Code:       Accounting-Request
Identifier: 128
Authentic:  <134>,r<7><17>%%y<231><233><22>T<5>RxH
Attributes:
 User-Name = "dmiller"
 Service-Type = Framed-User
 NAS-IP-Address = 204.250.116.122
 NAS-Port = 1234
 NAS-Port-Type = Async
 Acct-Session-Id = "00001241"
 Acct-Status-Type = Start
 Called-Station-Id = "123456789"
 Calling-Station-Id = "987654321"

Fri Sep  7 12:56:45 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Sep  7 12:56:45 2001: DEBUG: SessionDB Adding session for dmiller,
204.250.116.122, 1234
Fri Sep  7 12:56:45 2001: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='dmiller' and NASPORT=01234

Fri Sep  7 12:56:45 2001: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('dmiller',
'204.250.116.122', 01234, '00001241', 999892605, '', 'Async', 'Framed-User')

Fri Sep  7 12:56:45 2001: DEBUG: Handling with Radius::AuthSQL
Fri Sep  7 12:56:45 2001: DEBUG: Handling accounting with Radius::AuthSQL
Fri Sep  7 12:56:45 2001: DEBUG: do query is: insert into ACCOUNTING
  (USERNAME, TIME_STAMP, ACCTSTATUSTYPE, ACCTSESSIONID, NASPORT)
  values
  ('dmiller', 999892605, 'Start', '00001241', 1234)

Fri Sep  7 12:56:45 2001: DEBUG: Accounting accepted
Fri Sep  7 12:56:45 2001: DEBUG: Packet dump:
*** Sending to 204.250.116.122 port 1046 ....

Packet length = 20
05 80 00 14 25 b2 ed 70 1b 10 de 6d 6e 83 d3 2a
7f 29 d9 17
Code:       Accounting-Response
Identifier: 128
Authentic:  <134>,r<7><17>%%y<231><233><22>T<5>RxH
Attributes:

Fri Sep  7 12:56:52 2001: DEBUG: Packet dump:
*** Received from 204.250.116.122 port 1046 ....

Packet length = 115
04 81 00 73 02 86 8c c3 82 e9 01 07 3a 45 af 7e
51 95 86 54 01 09 64 6d 69 6c 6c 65 72 06 06 00
00 00 02 04 06 cc fa 74 7a 05 06 00 00 04 d2 3d
06 00 00 00 00 2c 0a 30 30 30 30 31 32 34 31 28
06 00 00 00 02 1e 0b 31 32 33 34 35 36 37 38 39
1f 0b 39 38 37 36 35 34 33 32 31 29 06 00 00 00
00 2e 06 00 00 03 ef 2a 06 00 00 4e 27 2b 06 00
00 75 37
Code:       Accounting-Request
Identifier: 129
Authentic:  <2><134><140><195><130><233><1><7>:E<175>~Q<149><134>T
Attributes:
 User-Name = "dmiller"
 Service-Type = Framed-User
 NAS-IP-Address = 204.250.116.122
 NAS-Port = 1234
 NAS-Port-Type = Async
 Acct-Session-Id = "00001241"
 Acct-Status-Type = Stop
 Called-Station-Id = "123456789"
 Calling-Station-Id = "987654321"
 Acct-Delay-Time = 0
 Acct-Session-Time = 1007
 Acct-Input-Octets = 20007
 Acct-Output-Octets = 30007

Fri Sep  7 12:56:52 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Sep  7 12:56:52 2001: DEBUG: SessionDB Deleting session for dmiller,
204.250.116.122, 1234
Fri Sep  7 12:56:52 2001: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='dmiller' and NASPORT=01234

Fri Sep  7 12:56:52 2001: DEBUG: Handling with Radius::AuthSQL
Fri Sep  7 12:56:52 2001: DEBUG: Handling accounting with Radius::AuthSQL
Fri Sep  7 12:56:52 2001: DEBUG: do query is: insert into ACCOUNTING
  (USERNAME, TIME_STAMP, ACCTSTATUSTYPE, ACCTDELAYTIME, ACCTINPUTOCTETS,
ACCTOUTPUTOCTETS, ACCTSESSIONID, ACCTSESSIONTIME, NASPORT)
  values
  ('dmiller', 999892612, 'Stop', 0, 20007, 30007, '00001241', 1007, 1234)

Fri Sep  7 12:56:52 2001: DEBUG: Accounting accepted
Fri Sep  7 12:56:52 2001: DEBUG: Packet dump:
*** Sending to 204.250.116.122 port 1046 ....

Packet length = 20
05 81 00 14 6d 11 82 c1 93 a7 62 56 2b cd e0 87
4c 8f e1 45
Code:       Accounting-Response
Identifier: 129
Authentic:  <2><134><140><195><130><233><1><7>:E<175>~Q<149><134>T
Attributes:


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list