(RADIATOR) tunnel accounting requests from CVX malformated

Mike McCauley mikem at open.com.au
Tue Apr 27 18:55:57 CDT 2004 

Hello Andreas,

There was a problem with tag unpacking in versions prior to 3.4. This was 
fixed in 3.4 and works correctly in the latest version.

Cheers.


On Tue, 27 Apr 2004 11:15 pm, Andreas.Waibel at colt.de wrote:
> Hi colleagues,
>
> we are assigning L2TP tunnel targets dynamically to a CVX-1800 via RADIATOR
> (version 3.3). Generally this works fine, but now we are observing some
> formatting problems with accounting records containing L2TP tunneling AVPs
> stemming from a CVX-1800. Tagged tunnel AVPs seem improperly formatted and
> so they are in the resulting details. While this does not directly affect
> the functionality, it is clearly ugly, so maybe anybody knows how to fix
> it?
>
>
> As can be seen in the example log below, the tagged format of the tunnel
> AVPs is fine in the packets sent to the CVX. However the first character of
> some AVP values in the accounting record returned by the CVX is appearantly
> interpreted by RADIATOR as a tag and replaced by the ASCII code + ":". So
> maybe it is sent by the CVX without tag and this confuses RADIATOR? Is
> there any problem with the tag engine of RADIATOR for tunnel accounting
> records, or is it rather a bug in the CVX?
>
> best regards
>
> Andreas
>
> -------------------------------------
> Andreas Waibel
> system engineer IP Network Architecture
> mailto:andreas.waibel at colt.de
>
> COLT Telecom GmbH
> Herriotstrasse 4
> D-60528 Frankfurt am Main
> Fon:     +49 (0) 69 / 56606 - 6570
> Fax:      +49 (0) 69 / 56606 - 6350
>
>
> -------------------------
> *** Received from 192.68.55.7 port 1812 ....
> Code:       Access-Accept
> Identifier: 3
> Authentic:  <*><*><*><*>
> Attributes:
>         Tunnel-Type = 1:L2TP
>         Tunnel-Medium-Type = 1:IP
>         Tunnel-Server-Endpoint = 1:192.93.75.39
>         Tunnel-Assignment-ID = 1:192.93.75.39
>
> Tue Apr 27 14:14:36 2004: DEBUG: Received reply in AuthRADIUS for req 3
> from
>
> 192.188.79.7:1812
> Tue Apr 27 14:14:36 2004: DEBUG: Access accepted for COLT/user1
> Tue Apr 27 14:14:36 2004: DEBUG: Packet dump:
> *** Sending to 292.121.151.13 port 2048 ....
> Code:       Access-Accept
> Identifier: 181
> Authentic:  <*><*><*><*>
> Attributes:
>         Tunnel-Type = 1:L2TP
>         Tunnel-Medium-Type = 1:IP
>         Tunnel-Server-Endpoint = 1:192.93.75.39
>         Tunnel-Assignment-ID = 1:192.93.75.39
>
> Tue Apr 27 14:14:36 2004: DEBUG: Packet dump:
> *** Received from 292.121.151.13 port 2048 ....
> Code:       Accounting-Request
> Identifier: 18
> Authentic:  <*><*><*><*>
> Attributes:
>         Acct-Status-Type = Tunnel-Start
>         NAS-IP-Address = 292.121.151.13
>         Acct-Delay-Time = 0
>         Tunnel-Type = 0:L2TP
>         Tunnel-Medium-Type = 0:IP
>         Tunnel-Client-Endpoint = 50:92.121.151.13
>         Tunnel-Server-Endpoint = 49:92.93.75.39
>         Tunnel-ID = 76:ocal ID=0x0e0e, Remote ID=0x0e0e
>         Connect-Info = "0 0 unknown"
>
> Tue Apr 27 14:14:36 2004: DEBUG: Handling request with Handler
> 'Request-Type=Accounting-Request'
> Tue Apr 27 14:14:36 2004: DEBUG: Packet dump:
> *** Received from 292.121.151.13 port 2048 ....
> Code:       Accounting-Request
> Identifier: 20
> Authentic:  <*><*><*><*>
> Attributes:
>         Acct-Status-Type = Tunnel-Link-Start
>         NAS-IP-Address = 292.121.151.13
>         Acct-Delay-Time = 0
>         Service-Type = Framed-User
>         NAS-Port = 17892882
>         Acct-Session-Id = "000941A7"
>         Tunnel-Type = 0:L2TP
>         Tunnel-Medium-Type = 0:IP
>         Tunnel-Client-Endpoint = 50:92.121.151.13
>         Tunnel-Server-Endpoint = 49:92.93.75.39
>         Tunnel-ID = 76:ocal=0x0e0e/0x0e0e, Remote=0x0e0e/0x0e0e
>         Connect-Info = "64000 64000 isdn64K"
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list