(RADIATOR) Discard queries based on attribute values

[Herman verschooten]

Robert,

We kind of solved is by adding Port-Limit=1.  In our case this makes
Redback refuse more connections from the same VP/VC, until the stuck
session has been removed.  The reason for the stuck sessions, is usually
an unclean logoff, no PPP tear-down.  We had a problem with users
assigned a fixed IP, they would sometimes get a dynamic... the stuck
session had the fixed IP, so when they opened a new session (we check
for concurrency in a special way), RB would refuse the fixed, since it
was still in use.

Cheers,

Herman verschooten

On Tuesday, Sep 16, 2003, at 22:09 Australia/Melbourne, Robert Blayzor 
wrote:

> I'm having a problem on our RADIUS cluster with PPPoE clients being 
> way to
> aggressive.  Sometimes when a user is shut off, the PVC in the DSL 
> network
> isn't turned down for some time and it leaves aggressive PPPoE clients
> trying to connect at a sometimes ungodly rate. (dozens per minute).  
> This
> litters our logs and creates a lot of unnecessary IO's to the backend,

> etc.
>
> I'm wondering what the best practice is to be able to discard these 
> requests
> before they even go to any handler, and to dump the packet/request
> completely without even logging it.  Well not discard these, but send 
> back
> an instant NAK to the NAS...
>
> I assume some PreHandlerHook (or PreClientHook) would be needed, but
is
> there an example how to?  ie:  Say I have a list of usernames in a 
> file that
> I want to discard on..
>
> --
> Robert Blayzor, BOFH
> INOC, LLC
> rblayzor at inoc.net
> PGP: http://www.inoc.net/~dev/
> Key fingerprint = A445 7D1E 3D4F A4EF 6875  21BB 1BAA 10FE 5748 CFE9
>
> Stock item: We shipped it once before, and we can do it again, 
> probably.
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.