(RADIATOR) Discard queries based on attribute values

Hugh Irvine hugh at open.com.au
Tue Sep 16 18:45:24 CDT 2003 

Hello Robert -

This is really a problem with the PPPoE clients, not Radiator. This 
topic has been discussed on the list before and the consensus of 
opinion is that it is better to apply filters rather than NAK'ing. The 
reason for this of course is that a NAK will not stop the requests.

See the mail from Joao Pedro Goncalves <joaop at co.sapo.pt> describing 
his solution.

regards

Hugh


On Tuesday, Sep 16, 2003, at 22:09 Australia/Melbourne, Robert Blayzor 
wrote:

> I'm having a problem on our RADIUS cluster with PPPoE clients being 
> way to
> aggressive.  Sometimes when a user is shut off, the PVC in the DSL 
> network
> isn't turned down for some time and it leaves aggressive PPPoE clients
> trying to connect at a sometimes ungodly rate. (dozens per minute).  
> This
> litters our logs and creates a lot of unnecessary IO's to the backend, 
> etc.
>
> I'm wondering what the best practice is to be able to discard these 
> requests
> before they even go to any handler, and to dump the packet/request
> completely without even logging it.  Well not discard these, but send 
> back
> an instant NAK to the NAS...
>
> I assume some PreHandlerHook (or PreClientHook) would be needed, but is
> there an example how to?  ie:  Say I have a list of usernames in a 
> file that
> I want to discard on..
>
> --
> Robert Blayzor, BOFH
> INOC, LLC
> rblayzor at inoc.net
> PGP: http://www.inoc.net/~dev/
> Key fingerprint = A445 7D1E 3D4F A4EF 6875  21BB 1BAA 10FE 5748 CFE9
>
> Stock item: We shipped it once before, and we can do it again, 
> probably.
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list