(RADIATOR) FW: As requested.
Martin Edge
martinedge at kbs.net.au
Thu Sep 5 19:59:11 CDT 2002
Hey Hugh,
This is the reply from my supplier :-
The ID of a RADIUS packet is a 1 byte field, range 1-255. It's set by
the NAS so it's likely that different NAS's will set the same ID at the
same time. When proxying, the proxy-state attribute is added and this
becomes the new unique "ID" of the packet from the Proxy -> Customer
RADIUS perspective. If decoding the proxy-state you would see info like
NAS IP, RADIUS packet ID, Username, DNIS and a few other fields that
make the packet unique (perhaps a little excessive).
So I guess my next question is, would it be more effective for the
Proxy-State attribute to become the new identifier, and how would I go about
implementing it as the unique identifier in a packet. (Given the range of
the standard Identifier being so small)
Thanks,
Martin
-----Original Message-----
From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au]On
Behalf Of Hugh Irvine
Sent: Friday, September 06, 2002 10:13 AM
To: Martin Edge
Cc: Radiator
Subject: Re: (RADIATOR) FW: As requested.
Hello Martin -
As Toomas mentioned (thanks Toomas), it is the Identifier 167 that is
used to detect duplicates during the DupInterval that is defined for
this Client. The DupInterval is a sliding window in time within which
identical Identifiers are considered to be duplicates.
Note that this is the definition from the RFC.
regards
Hugh
On Thursday, September 5, 2002, at 05:16 PM, Martin Edge wrote:
> Hey Guys,
>
> On what conditions does a packet appear to Radiator as Duplicate?
>
> Below I attach two RADIUS packets I received, within 1 second of each
> other.
> Of course, the second packet was said to be duplicated, but the packets
> themselves would show they are completely different..
>
> Thanks,
> Martin :-)
>
> ------------------ FIRST PACKET IN ------------------------
> Thu Sep 5 00:14:46 2002: DEBUG: Packet dump:
> *** Received from 203.194.56.121 port 1813 ....
> Code: Accounting-Request
> Identifier: 167
> Authentic: h<254>]<166>V<243>.<18><245>V<248><0>Y<236><211>v
> Attributes:
> NAS-IP-Address = 203.220.252.241
> NAS-Port = 7204
> NAS-Port-Type = Async
> Called-Station-Id = "142330886300424"
> Calling-Station-Id = "886324356"
> Acct-Status-Type = Alive
> Acct-Authentic = RADIUS
> Service-Type = Framed-User
> Acct-Session-Id = "0009E3D8"
> Framed-Protocol = PPP
> Ascend-Session-Svr-Key = "AA9D6ABD"
> Acct-Link-Count = 1
> Ascend-Num-In-Multilink = 1
> Acct-Multi-Session-Id = "25972"
> Framed-IP-Address = 203.220.230.249
> Ascend-PreSession-Time = 24
> Ascend-Pre-Input-Octets = 157
> Ascend-Pre-Output-Octets = 113
> Ascend-Pre-Input-Packets = 5
> Ascend-Pre-Output-Packets = 4
> Acct-Input-Octets = 706094
> Acct-Output-Octets = 2766801
> Acct-Input-Packets = 5904
> Acct-Output-Packets = 5436
> Acct-Session-Time = 2286
> Ascend-Multilink-ID = 25972
> Acct-Delay-Time = 0
> User-Name = "andym"
> Proxy-State =
>
BSP2ims01-syd/72480B24F09399CB54AE56B24540BA02B5A54B62BCBA8CA37CCA09027797F0
> 3488D35E66BCBA8CADB716F56D71F9EC12
> 430FB8C3BCA889FA4DB97DF311AEA447CFE22D4ED3DCB5B22B8D68F213EE81
>
> Thu Sep 5 00:14:46 2002: DEBUG: Handling request with Handler ''
> Thu Sep 5 00:14:46 2002: DEBUG: mysessiondb Adding session for andym,
> 203.220.252.241, 7204
> Thu Sep 5 00:14:46 2002: DEBUG: do query is: delete from RADONLINE
> where
> NASIDENTIFIER='203.220.252.241' and NASPORT=07204
> ------------------- FIRST PACKET END -----------------------
>
> ------------------- FIRST PACKET RESPONSE START ------------
> Thu Sep 5 00:14:46 2002: DEBUG: Accounting accepted
> Thu Sep 5 00:14:46 2002: DEBUG: Packet dump:
> *** Sending to 203.194.56.121 port 1813 ....
> Code: Accounting-Response
> Identifier: 167
> Authentic: h<254>]<166>V<243>.<18><245>V<248><0>Y<236><211>v
> Attributes:
> Proxy-State =
>
BSP2ims01-syd/72480B24F09399CB54AE56B24540BA02B5A54B62BCBA8CA37CCA09027797F0
> 3488D35E66BCBA8CADB716F56D71F9EC12
> 430FB8C3BCA889FA4DB97DF311AEA447CFE22D4ED3DCB5B22B8D68F213EE81
> ------------------- FIRST PACKET RESPONSE STOP -------------
>
> ------------------- SECOND PACKET START---------------------
> Thu Sep 5 00:14:47 2002: DEBUG: Packet dump:
> *** Received from 203.194.56.121 port 1813 ....
> Code: Accounting-Request
> Identifier: 167
> Authentic: <2>I<136>PA<3>s<244>{<30>k<191><143>hN<196>
> Attributes:
> Acct-Session-Id = "00003541"
> Framed-Protocol = PPP
> Framed-IP-Address = 203.220.218.5
> Ascend-Connect-Progress = prLanSessionUp
> Ascend-PreSession-Time = 36
> Ascend-Xmit-Rate = 33600
> Ascend-Data-Rate = 33600
> Acct-Session-Time = 12200
> Connect-Info = "33600 V34+/V42bis/LAPM"
> Acct-Input-Octets = 817119
> Acct-Output-Octets = 4990544
> Ascend-Pre-Input-Octets = 122
> Ascend-Pre-Output-Octets = 114
> Acct-Input-Packets = 9177
> Acct-Output-Packets = 11655
> Ascend-Pre-Input-Packets = 5
> Ascend-Pre-Output-Packets = 5
> Acct-Terminate-Cause = Session-Timeout
> Ascend-Disconnect-Cause = sessTimeOut
> Acct-Authentic = RADIUS
> Acct-Status-Type = Stop
> NAS-Port = 7241
> Called-Station-Id = "142320198333414"
> Calling-Station-Id = "891881736"
> NAS-Port-Type = Async
> Service-Type = Framed-User
> NAS-IP-Address = 203.220.251.113
> Ascend-Session-Svr-Key = "EE3451F2"
> Event-Timestamp = 1031148888
> Acct-Delay-Time = 0
> User-Name = "noseeds"
> Proxy-State =
>
BSP2ims01-syd/7685C184EE7199F2CBEA363B01DDDD1E321B84656D6D2109E1F70235F83144
> 1D0F6D91616D6D21E52A2BF9E7FE5F5856
> C4B14B386D7F2682D08476F99E081003485CE249020B18CAB6B06CF98B543D307C
> Thu Sep 5 00:14:47 2002: INFO: Duplicate request id 167 received from
> 203.194.56.121(1813): ignored
> ------------------- SECOND PACKET STOP ---------------------
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list