(RADIATOR) Strange MySQL error.

Hugh Irvine hugh at open.com.au
Thu Sep 19 01:21:16 CDT 2002 

Hello Greg -

Does Radiator operate correctly the rest of the time?

And could you please send me a more complete trace 4 debug from 
Radiator showing the startup sequence and several requests thereafter, 
including access requests and accounting requests.

regards

Hugh


On Wednesday, September 18, 2002, at 07:16 PM, Greg Wildman wrote:

> Hi all,
>
> I am struggling with a MySQL error in the AuthSQL section. Let me shed
> some more light on my situation.
>
> I am in the process up upgrading our Radius server from version 2.16.1
> to 3.3.1. The new server is running Red Hat 7.3 with the following
> package versions.
>
> Radiator-3.3.1-1
> mysql-3.23.49-3
> perl-DBI-1.21-1
> perl-DBD-MySQL-1.2219-6
>
> The actual MySQL server located on the same switched network is also
> running version 3.23.49. It is currently configured for 300 max
> concurrent sessions.
>
> During my testing using radpwtest I get the following errors in my
> radiator logfile and then usually followed by LDAP failure errors.
>
> DBD::mysql::st fetchrow failed: fetch() without execute() at
> /usr/lib/perl5/site_perl/5.6.1/Radius/SqlDb.pm line 253.
> DBD::mysql::st fetchrow failed: fetch() without execute() at
> /usr/lib/perl5/site_perl/5.6.1/Radius/SqlDb.pm line 253.
>
>
> I have looked in the SqlDb.pm and can see that the function getOneRow 
> is
> called and seems to be failing because the connection has failed. I
> suspected that the "persistent" connection had closed for whatever
> reason at the time of the fetch().
>
> I hashed out the <SessionDatabase SQL> section of my config, restarted
> radiator and the problem persisted, so I unhashed my changes and then
> hashed out the <Auth SQL> section. My problem disappeared after a
> restart. The catch is that this section if necessary for auditing
> purposes.
>
> I run mytop on the MySQL server during my tests but the server never 
> has
> more than 40 open connection (of a possible 300) and only 2 are active
> at any one time. Another thing I noticed was that the connection from
> radiator lasts only 10 seconds before it closes and another one opens.
> The errors I get in the logfile "seem" to only happed on the first
> radpwtest after I stop testing for a few minutes.
>
> My config is as follows:
>
> <Handler Realm=XYZ>
>    #Continue trying to authenticate while rejected.
>    #SQL will force reject.
>    AuthByPolicy    ContinueWhileReject
>
>    # This will always reject, we use it to update the SQL server.
>    # Use the SQL database to only store accounting information.
>    <AuthBy SQL>
>       Identifier   vISP_accounting
>       DBSource    dbi:mysql:radius_db:db.some.server.net
>       DBUsername   radius
>       DBAuth       secret
>
>       Timeout      15
>       FailureBackoffTime 2
>
>       #Delete any possible broken sessions from the session DB
>       AuthSelect DELETE FROM RADONLINE WHERE USERNAME='%n' AND
> TIME_STAMP+1800 < %t
>
>       AccountingTable ACCOUNTING
>       AcctColumnDef   USERNAME,User-Name
>       AcctColumnDef   TIME_STAMP,Timestamp,integer
>       AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
>       AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
>       AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
>       AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>       AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
>       AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
>       AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
>       AcctColumnDef   NASIDENTIFIER,NAS-IP-Address
>       AcctColumnDef   NASPORT,NAS-Port,integer
>       AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
>   </AuthBy>
>
>   # Now for the real authentication. If it fails here then the user is
> out of luck.
>   <AuthBy LDAP2>
>       DefaultSimultaneousUse  1
>
>       Host            localhost
>       Port            389
>       BaseDN          ou=radius,o=example,c=com
>       Version         2
>       HoldServerConnection
>
>       #LDAP Asstributes
>       UsernameAttr            uid
>       EncryptedPasswordAttr   userpassword
>       CheckAttr               check
>
>       AddToReply Service-Type=Framed-User,\
>            Framed-Protocol=PPP,\
>            Framed-IP-Address=255.255.255.254
>   </AuthBy>
> </Handler>
>
>
> Anybody had similar problems? Is there any way of tracing the MySQL
> calls or getting more debug than level 5?
>
> --
> Greg
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list