(RADIATOR) Ascend-Xmit-Rate problem
Romain Vergniol
romain.vergniol at cegedim.fr
Tue Jun 4 03:18:02 CDT 2002
Here is the trace 4 debug and the proxy config file.
The problem appears only with accounting requests.
Romain
=========================================================
Trace 4 debug
*** Received from 172.xxxxxxxxxxxxxx port 1027 ....
Code: Accounting-Request
Identifier: 102
Authentic: <3>G<12><205><215>s3y<200><191><6><221><139><143>w<159>
Attributes:
User-Name = "ADNZH0943 at teams.bak"
NAS-IP-Address = 172.xxxxxxxxxxxxxx
NAS-Port = 20103
NAS-Port-Type = Async
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Id = "322590757"
Acct-Authentic = RADIUS
Acct-Session-Time = 72
Acct-Input-Octets = 24066
Acct-Output-Octets = 312231
Acct-Input-Packets = 726
Acct-Output-Packets = 678
Ascend-Disconnect-Cause = pppRcvTerminate
Ascend-Connect-Progress = prLanSessionUp
Ascend-Xmit-Rate = 28800
Ascend-Data-Rate = 26400
Ascend-PreSession-Time = 16
Ascend-Pre-Input-Octets = 377
Ascend-Pre-Output-Octets = 268
Ascend-Pre-Input-Packets = 8
Ascend-Pre-Output-Packets = 13
Ascend-First-Dest = xxxxxxxxxxx
Ascend-Modem-PortNo = 10
Ascend-Modem-SlotNo = 3
Calling-Station-Id = "915704200"
Called-Station-Id = "900800109"
Framed-Protocol = PPP
Framed-IP-Address = 172.yyyyyyyyyyyyyyyyy
Tue Jun 4 09:50:15 2002: DEBUG: Rewrote user name to ADNZH0943 at teams.bak
Tue Jun 4 09:50:15 2002: DEBUG: Rewrote user name to ADNZH0943 at teams.bak
Tue Jun 4 09:50:15 2002: DEBUG: Rewrote user name to ADNZH0943 at teams.bak
Tue Jun 4 09:50:15 2002: DEBUG: Rewrote user name to ADNZH0943 at teams.bak
Tue Jun 4 09:50:15 2002: DEBUG: Handling request with Handler
'Request-Type=Accounting-Request'
Tue Jun 4 09:50:15 2002: DEBUG: Deleting session for ADNZH0943 at teams.bak,
172.xxxxxxxxxxxxx, 20103
Tue Jun 4 09:50:15 2002: DEBUG: Handling with Radius::AuthRADIUS
Tue Jun 4 09:50:15 2002: WARNING: Invalid reply item Ascend-Xmit-Rate
ignored
Tue Jun 4 09:50:15 2002: DEBUG: Packet dump:
*** Sending to 172.zzzzzzzzzzzzz port 1646 ....
Code: Accounting-Request
Identifier: 108
Authentic: <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Attributes:
User-Name = "ADNZH0943 at teams.bak"
NAS-IP-Address = 172.xxxxxxxxxxxxxxxx
NAS-Port = 20103
NAS-Port-Type = Async
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Id = "322590757"
Acct-Authentic = RADIUS
Acct-Session-Time = 72
Acct-Input-Octets = 24066
Acct-Output-Octets = 312231
Acct-Input-Packets = 726
Acct-Output-Packets = 678
Ascend-Disconnect-Cause = pppRcvTerminate
Ascend-Connect-Progress = prLanSessionUp
Ascend-Xmit-Rate = 28800
Ascend-Data-Rate = 26400
Ascend-PreSession-Time = 16
Ascend-Pre-Input-Octets = 377
Ascend-Pre-Output-Octets = 268
Ascend-Pre-Input-Packets = 8
Ascend-Pre-Output-Packets = 13
Ascend-First-Dest = 224.0.1.22
Ascend-Modem-PortNo = 10
Ascend-Modem-SlotNo = 3
Calling-Station-Id = "915704200"
Called-Station-Id = "900800109"
Framed-Protocol = PPP
Framed-IP-Address = 172.yyyyyyyyyyyy
Timestamp = 1023177015
Tue Jun 4 09:50:15 2002: DEBUG: Handling with Radius::AuthRADIUS
Tue Jun 4 09:50:15 2002: WARNING: Invalid reply item Ascend-Xmit-Rate
ignored
Tue Jun 4 09:50:15 2002: DEBUG: Packet dump:
*** Sending to 172.wwwwwwww port 1646 ....
Code: Accounting-Request
Identifier: 129
Authentic: <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Attributes:
User-Name = "ADNZH0943 at teams.bak"
NAS-IP-Address = 172.xxxxxxxxxxxx
NAS-Port = 20103
NAS-Port-Type = Async
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Id = "322590757"
Acct-Authentic = RADIUS
Acct-Session-Time = 72
Acct-Input-Octets = 24066
Acct-Output-Octets = 312231
Acct-Input-Packets = 726
Acct-Output-Packets = 678
Ascend-Disconnect-Cause = pppRcvTerminate
Ascend-Connect-Progress = prLanSessionUp
Ascend-Xmit-Rate = 28800
Ascend-Data-Rate = 26400
Ascend-PreSession-Time = 16
Ascend-Pre-Input-Octets = 377
Ascend-Pre-Output-Octets = 268
Ascend-Pre-Input-Packets = 8
Ascend-Pre-Output-Packets = 13
Ascend-First-Dest = 224.0.1.22
Ascend-Modem-PortNo = 10
Ascend-Modem-SlotNo = 3
Calling-Station-Id = "915704200"
Called-Station-Id = "900800109"
Framed-Protocol = PPP
Framed-IP-Address = 172.yyyyyyyyyyyyyyy
Timestamp = 1023177015
Tue Jun 4 09:50:15 2002: DEBUG: Packet dump:
*** Received from 172.zzzzzzzzzzzz port 1646 ....
Code: Accounting-Response
Identifier: 108
Authentic: <227><28><186><142><16>h*<25><189>G<189>'<129><243>:<192>
Attributes:
User-Name = "ADNZH0943 at teams.bak"
NAS-IP-Address = 172.xxxxxxxxxxxx
NAS-Port = 20103
NAS-Port-Type = Async
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Id = "322590757"
Acct-Authentic = RADIUS
Acct-Session-Time = 72
Acct-Input-Octets = 24066
Acct-Output-Octets = 312231
Acct-Input-Packets = 726
Acct-Output-Packets = 678
Ascend-Disconnect-Cause = pppRcvTerminate
Ascend-Connect-Progress = prLanSessionUp
Ascend-Data-Rate = 26400
Ascend-PreSession-Time = 16
Ascend-Pre-Input-Octets = 377
Ascend-Pre-Output-Octets = 268
Ascend-Pre-Input-Packets = 8
Ascend-Pre-Output-Packets = 13
Ascend-First-Dest = 224.0.1.22
Ascend-Modem-PortNo = 10
Ascend-Modem-SlotNo = 3
Calling-Station-Id = "915704200"
Called-Station-Id = "900800109"
Framed-Protocol = PPP
Framed-IP-Address = 172.yyyyyyyyyyyyyyy
Timestamp = 1023177015
User-Id = "ADNZH0943"
NAS-Identifier = "172.xxxxxxxxxxxxx"
User-Realm = "teams.bak"
Tue Jun 4 09:50:15 2002: DEBUG: Received reply in AuthRADIUS for req 108
from 172.xxxxxxxxxxxxxxx:1646
Tue Jun 4 09:50:15 2002: DEBUG: Packet dump:
*** Received from 172.xxxxxxxxxxx port 1646 ....
Code: Accounting-Response
Identifier: 129
Authentic: h'<165><1>DE<29><232>U~<150><190><203><185>3<181>
Attributes:
Tue Jun 4 09:50:15 2002: DEBUG: Received reply in AuthRADIUS for req 129
from 172.xxxxxxxxxxxxx :1646
Tue Jun 4 09:50:15 2002: DEBUG: Accounting accepted
Tue Jun 4 09:50:15 2002: DEBUG: Packet dump:
*** Sending to 172.xxxxxxxxxxxxxxport 1027 ....
Code: Accounting-Response
Identifier: 102
Authentic: <3>G<12><205><215>s3y<200><191><6><221><139><143>w<159>
Attributes:
User-Name = "ADNZH0943 at teams.bak"
NAS-IP-Address = 172.yyyyyyyyyyyyy
NAS-Port = 20103
NAS-Port-Type = Async
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Id = "322590757"
Acct-Authentic = RADIUS
Acct-Session-Time = 72
Acct-Input-Octets = 24066
Acct-Output-Octets = 312231
Acct-Input-Packets = 726
Acct-Output-Packets = 678
Ascend-Disconnect-Cause = pppRcvTerminate
Ascend-Connect-Progress = prLanSessionUp
Ascend-Data-Rate = 26400
Ascend-PreSession-Time = 16
Ascend-Pre-Input-Octets = 377
Ascend-Pre-Output-Octets = 268
Ascend-Pre-Input-Packets = 8
Ascend-Pre-Output-Packets = 13
Ascend-First-Dest = 224.0.1.22
Ascend-Modem-PortNo = 10
Ascend-Modem-SlotNo = 3
Calling-Station-Id = "915704200"
Called-Station-Id = "900800109"
Framed-Protocol = PPP
Framed-IP-Address = 172.yyyyyyyyyyyyyyy
Timestamp = 1023177015
User-Id = "ADNZH0943"
NAS-Identifier = "172.xxxxxxxxxxxxxxxx"
User-Realm = "teams.bak"
User-Name = "ADNZH0943 at teams.bak"
========================================================
Proxy config file
Foreground
LogStdout
LogDir /usr/local/etc/radius
DbDir /usr/local/etc/radius
PidFile /etc/proxy_radius.pid
BindAddress 172.xxxxxxxxxxx
AuthPort 1645
AcctPort 1646
# Caractères invalides
RewriteUsername
s/.*['\x00-\x24\x27\x3B\x3C\x3E\x5E\x60\x7E-\xFF].*/username-has-invalid-cha
rs/
# Convert a MSN realm/user into user at realm
RewriteUsername s/^(.*)\/(.*)/$2\@$1/
# Convert toto.tata at xxteams.net into toto.tata at teams.net
RewriteUsername s/\b(.*\@).{2}(teams\.net|teams\.bak)\b/$1$2/i
# Convert toto.tata at teamsgr.net into toto.tata
RewriteUsername s/^([^@]+).teamsgr\.net/$1/i
<ClientListSQL>
DBSource dbi:mysql:xxxxxxxx
DBUsername xxxxxxxx
DBAuth xxxxxxxxxxx
FailureBackoffTime 20
</ClientListSQL>
<AuthBy RADIUS>
Identifier TOTORO
Host 172.xxxxxxxxxxx
RetryTimeout 15
Retries 3
IgnoreAccountingResponse
AcctPort 1646
Secret xxxxxxxxxxxx
LocalAddress 172.xxxxxxxxxx
</AuthBy>
# AuthBy special pour GlobalExtranet
# Reecriture du 'NAS-IP-ADDRESS' avec l'adresse IP du proxy de GE
# pour l'authentification en fonction du NAS.
# A virer des la migration vers la version 2.19
# qui permet de placer les 'StripFromRequest' et 'AddToRequest'
# dans un Handler ou un Realm.
<AuthBy LOADBALANCE>
Identifier GE
FailureBackoffTime 15
RetryTimeout 10
Retries 2
StripFromRequest NAS-IP-Address
AddToRequest NAS-IP-Address=%c
AddToReply User-Name=%n
<Host 172.xxxxxxx>
AuthPort 1645
AcctPort 1646
Secret xxxxxxxxxxxxx
</Host>
<Host 172.xxxxxxx>
AuthPort 1645
AcctPort 1646
Secret xxxxxxxxxxxxx
</Host>
</AuthBy>
<AuthBy LOADBALANCE>
Identifier LOCAL
FailureBackoffTime 15
RetryTimeout 10
Retries 2
AddToReply User-Name=%n
<Host 172.xxxxxxx>
AuthPort 1645
AcctPort 1646
Secret xxxxxxxxxxxxx
</Host>
<Host 172.xxxxxxx>
AuthPort 1645
AcctPort 1646
Secret xxxxxxxxxxxxxx
</Host>
</AuthBy>
<AuthLog SQL>
Identifier AUTHLOG2
DBSource dbi:mysql:xxxxxxxx
DBUsername xxxxxxxx
DBAuth xxxxxxxxxxx
FailureBackoffTime 20
LogSuccess 1
LogFailure 1
Table RADAUTHLOG
SuccessQuery INSERT into RADAUTHLOG values("%t","%n" , "%N" , "OK.
%u" )
FailureQuery INSERT into RADAUTHLOG values("%t","%n" , "%N" , "NOK.
%1 %u" )
</AuthLog>
# AuthLog spécial GE
# NAS = Adresse IP source du paquet
# et non 'NAS-IP-Address' du paquet
<AuthLog SQL>
Identifier AUTHLOG_GE
DBSource dbi:mysql:xxxxxxxx
DBUsername xxxxxxxx
DBAuth xxxxxxxxxxx
FailureBackoffTime 20
LogSuccess 1
LogFailure 1
Table RADAUTHLOG
SuccessQuery INSERT into RADAUTHLOG values("%t","%n" , "%c" , "OK.
%u" )
FailureQuery INSERT into RADAUTHLOG values("%t","%n" , "%c" , "NOK.
%1 (%N) %u" )
</AuthLog>
<AuthLog SQL>
Identifier AUTHLOG_INVALID
DBSource dbi:mysql:xxxxxxxx
DBUsername xxxxxxxx
DBAuth xxxxxxxxxxx
FailureBackoffTime 20
LogSuccess 1
LogFailure 1
Table RADAUTHLOG
FailureQuery INSERT into RADAUTHLOG values("%t","%n" , "%N" , "NOK.
%1 (Caractères invalides dans le login)" )
</AuthLog>
############################################################################
######################
########################################## <HANDLERS>
############################################
############################################################################
######################
# Scripts de fail-over
# Ne pas toucher
<Handler Request-Type=Access-Request,Realm=test.fr>
AuthBy LOCAL
</Handler>
<Handler Realm=test.cegedim>
AuthBy LOCAL
#AuthBy GE
AuthLog AUTHLOG2
</Handler>
####################
# Test ADSL FreeSP #
####################
<Handler Realm=/cegedim1.fsa|cegedim2.fsa/>
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername s/\%/\@/
#AuthBy LOCAL
<AuthBy RADIUS>
RetryTimeout 15
Retries 3
FailureBackoffTime 20
Host 172.xxxxxxxx
Secret xxxxxxxxxxxxxxx
AuthPort 1645
LocalAddress 172.xxxxxxxxx
</AuthBy>
</Handler>
<Handler User-Name=username-has-invalid-chars>
<AuthBy FILE>
Filename %D/users
</AuthBy FILE>
AuthLog AUTHLOG_INVALID
</Handler>
####################################################################
# AT&T
# Strip the realm (att.cegedim.fr, att.cegedim.com, att.cegedim.net)
<Handler Realm=/att.cegedim.fr|att.cegedim.com|att.cegedim.net/>
RewriteUsername s/^([^@]+).*/$1/
AuthBy LOCAL
AuthLog AUTHLOG2
</Handler>
####################################################################
# Teams.bak FreeSP
<Handler
Request-Type=Access-Request,NAS-IP-Address=172.xxxxxxx,Realm=teams.bak>
# Reecriture du realm (teams.bak => teams.net)
RewriteUsername s/^([^@]+).*/$1\@teams\.net/
AuthBy LOCAL
AuthLog AUTHLOG2
# PacketTrace
</Handler>
#####################################################################
# Accounting CISCO
<Handler
Request-Type=Accounting-Request,NAS-IP-Address=/172.xxxxxxx|172.xxxxxxx|172.
xxxxxxxxx/>
AuthBy LOCAL
</Handler>
#################################################
# Global-Extranet => Reecriture du Nas-IP-Address
<Handler
Request-Type=Access-Request,Client-Id=/194.xxxxxxx|194.xxxxxxx|195.xxxxxx|19
5.xxxxxxxxx/>
AuthBy GE
AuthLog AUTHLOG_GE
</Handler>
<Handler
Request-Type=Accounting-Request,Client-Id=/194.xxxxxxxx|194.xxxxxxxx|195.xxx
xxxxxx|195.xxxxxxxxxx/>
AuthBy GE
AuthBy TOTORO
</Handler>
##################################################
# Default
<Handler Request-Type=Accounting-Request>
AuthBy TOTORO
AuthBy LOCAL
</Handler>
<Handler Request-Type=Access-Request>
AuthBy LOCAL
AuthLog AUTHLOG2
</Handler>
<Handler>
DEFAULT Auth-Type = Reject
AuthLog AUTHLOG2
</Handler>
############################################################################
##################################################
############################################ </HANDLERS>
#####################################################################
############################################################################
##################################################
<Log SQL>
DBSource dbi:mysql:xxxxxxxx
DBUsername xxxxxxxx
DBAuth xxxxxxxxxxx
FailureBackoffTime 20
Trace 3
Table RADLOG
LogQuery insert into %3 (TIME_STAMP, PRIORITY, MESSAGE) values (%t,
%0,"Proxy : %2")
</Log>
<SNMPAgent>
Port 2002
BindAddress 172xxxxxxxxxx
ROCommunity xxxxxxxxx
</SNMPAgent>
<Monitor>
# Specifies the TCP port to use. Defaults to 9048
#Port 7777
#Port %{GlobalVar:monitorport}
# BindAddress allows you to bind to a different network address
# for multihomed hosts. Defaults to 0.0.0.0
BindAddress 172.xxxxxxxxxx
# You can have one or more AuthBy clauses or AuthBy parameters
# to specify how to authenticate connections. AuthByPolicy is also
# supported. If the last AuthBy returns ACCEPT, the connection
# is accepted. If the last AuthBy returns IGNORE, or there are
# no AuthBy, then fall back to the hardwired Username and
# Password parameters
# <AuthBy FILE>
# Filename ./users
# </AuthBy>
# This is the fallback username and password that clients must LOGIN
as
# if there are no AuthBy clauses, or they return IGNORE
Username xxxxxxxxxx
Password xxxxxxxxxxx
</Monitor>
<StatsLog SQL>
# You need to specify which database to connect to:
DBSource dbi:mysql:xxxxxxxx
DBUsername xxxxxxxx
DBAuth xxxxxxxxxxx
FailureBackoffTime 20
# The logging interval in seconds
Interval 300
# You can configure the SQL query to be used for each log.
# %0, %1 etc are replaced by each statistic, in alphabetical order
# of their name.This example just logs the time, object type, id and
# average responseTime
# InsertQuery insert into MYTABLE (TIME_STAMP, TYPE, ID, RESPONSETIME)
values (%0, %1, %2, %23)
</StatsLog>
----- Original Message -----
From: "Hugh Irvine" <hugh at open.com.au>
To: "Romain Vergniol" <romain.vergniol at cegedim.fr>; "Mailing-List Radiator"
<radiator at open.com.au>
Sent: Monday, June 03, 2002 10:54 PM
Subject: Re: (RADIATOR) Ascend-Xmit-Rate problem
>
> Salut Romain -
>
> Could you please send me a copy of the configuration file (no secrets),
> together with a trace 4 debug from Radiator showing what is going on?
>
> thanks
>
> Hugh
>
>
> On Mon, 3 Jun 2002 19:29, Romain Vergniol wrote:
> > Hello,
> >
> > I've got another problem with Radiator 3.1,
> > it seems that the attribute 'Ascend-Xmit-Rate' has become invalid....
> >
> > In my ' Log SQL' table, there are many messages saying :
> > 'Warning : "Invalid reply item Ascend-Xmit-Rate ignored"'
> >
> > This attribute is no longer logged into the accounting table.
> > I think I will come back to Radiator 3.0 until I find the solution.
> >
> > The dictionary is the same before and after the upgrade.
> >
> > Any ideas ?
> >
> > Romain Vergniol
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list