(RADIATOR) NULL usernames in Radius Packets

Mahesh Neelakanta Mahesh at ifxcorp.com
Wed Oct 1 11:20:45 CDT 2003


Elias and Hugh,
 Thanks for your responses. We had though about this but what we are
getting is a Start Accounting packet (captured from radstock):

  NAS-IP-Address         Len  6         XX.XX.XX.XX
  NAS-Port-Id            Len  6         111
  NAS-Port-Type          Len  6         Async
  Acct-Status-Type       Len  6         Start
  Acct-Delay-Time        Len  6         75841
  Acct-Session-Id        Len 12         "432625102*"
  Acct-Authentic         Len  6         Local
  Idle-Timeout           Len  6         0
  Ascend-Modem-PortNo    Len  6         21
  Ascend-Modem-SlotNo    Len  6         7
  Ascend-Modem-ShelfNo   Len  6         1
  Calling-Station-Id     Len 12         "2122859024"
  Called-Station-Id      Len  6         "1111"

What is strange is the "Acct-Autentic" (Local?) and the
"Acct-Delay-Time" (over 21 hours). We believe this is definitely a local
RAS issue but are not sure what it could be. It's almost as if the RAS
has a HUGE backlog of old accounting which it is trying to re-send but
only sends a portion of the full information.

We did set "acct-drop-stop-on-auth-fail = no" to no avail.

mahesh

-----Original Message-----
From: Elias [mailto:elias at tmnet.com.my] 
Sent: Tuesday, September 30, 2003 11:10 PM
To: Mahesh Neelakanta
Cc: Hugh Irvine
Subject: Re: (RADIATOR) NULL usernames in Radius Packets


***********************
Your mail has been scanned by TMnet VirusWall.
***********************


Hi Mahesh,

We've had the same thing happen to us before. Its actually a
configuration
on the tnt boxes. If I remember correctly it will send an Stop
accounting
packet with a blank username if the line gets dropped prematurely
(before a
proper connection gets established).


- Elias -

----- Original Message ----- 
From: "Hugh Irvine" <hugh at open.com.au>
To: "Mahesh Neelakanta" <Mahesh at ifxcorp.com>
Cc: <radiator at open.com.au>
Sent: Wednesday, October 01, 2003 6:41 AM
Subject: Re: (RADIATOR) NULL usernames in Radius Packets


> ***********************
> Your mail has been scanned by TMnet VirusWall.
> ***********************
>
>
>
> Hello Mahesh -
>
> Unless you are using a RewriteUsername, Radiator does not do anything
> with the username. I suspect that the NAS is sending an empty
username,
> but without seeing a copy of your configuration file (no secrets) and
a
> trace 4 debug from Radiator showing what is happening it is not
> possible to say any more.
>
> regards
>
> Hugh
>
>
> On Wednesday, Oct 1, 2003, at 07:02 Australia/Melbourne, Mahesh
> Neelakanta wrote:
>
> > Hello,
> >  We are seeing the following error in radiator.log:
> >
> > Tue Sep 30 16:56:20 2003: ERR: do failed for 'insert into RADONLINE
> > (USERNAME, NASIDENTIFIER, NASPORT,ACCTSESSIONID, TIMESTAMP,
> > FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE,CALLERID,CLIENTPORTDNIS)
> > values ('', 'XX.XX.XX.XX', 01071,'432626086', to_date('30 09 2003
> > 16:56:20', 'DD MM YYYY HH24:MI:SS'), '','Async',
> > '','2126823450','5000')': ORA-01400: cannot insert NULL into
> > ("RADIUS"."RADONLINE"."USERNAME") (DBD ERROR: OCIStmtExecute)
> >
> >  From what we can tell, the RAS XX.XX.XX.XX is sending us start or
stop
> > packets with no username. Is there something in the configuration
(on
> > the radiator side or the ras, which is a lucent tnt) which could
cause
> > this. My guess is that it is a RAS issue but we are not sure
what/why
> > this is occuring.
> >
> > mahesh
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> >
> >
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>



===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list