(RADIATOR) Set Max Connect-Rate?

Hugh Irvine hugh at open.com.au
Thu Apr 7 05:33:00 CDT 2005


Hello Jason -

The support for this sort of behaviour is entirely NAS dependent and 
you will need to do some experiments with your equipment (in 
conjunction with the relevant documentation) to see what is supported 
and how to implement it.

I am not sure how this would work in any case, as the NAS has already 
negotiated the modem speed and established the low-level link long 
before it has started PPP and sent a subsequent radius request. This is 
possibly something you can do with pre-authentication if your NAS 
equipment supports it.

regards

Hugh


On 7 Apr 2005, at 04:11, Jason Haltom wrote:

> Hello all,
>
> I have been looking and looking and can not find all the info I need 
> for
> this.
>
> Is it possible to send a max connect rate back to a NAS?
>
> Here is the situation:  We run a dialup svc and some of our customers
> are connecting at speeds that are to fast for their own good.  We want
> to limit that speed on our end if possible, and is dependant on the
> user.
> I have looked at 13.1.15 Connect-Rate in the ref manual and tried to 
> set
> it up, but it is not working.
> Here is what my auth statement looks like
>
> <AuthBy SQL>
>   AccountingTable ACCOUNTING
>   AcctColumnDef USERNAME, User-Name
>   AcctColumnDef TIME_STAMP Timestamp, timestamp
>   AcctColumnDef ACCTSTATUSTYPE, Acct-Status-Type
>   AcctColumnDef ACCTDELAYTIME, Acct-Delay-Time, integer
>   AcctColumnDef ACCTINPUTOCTETS, Acct-Input-Octets, integer
>   AcctColumnDef ACCTOUTPUTOCTETS, Acct-Output-Octets, integer
>   AcctColumnDef ACCTSESSIONID, Acct-Session-Id
>   AcctColumnDef ACCTSESSIONTIME, Acct-Session-Time, integer
>   AcctColumnDef ACCTTERMINATECAUSE, Acct-Terminate-Cause
>   AcctColumnDef NASIDENTIFIER, NAS-IP-Address
>   AcctColumnDef NASPORT, NAS-Port, integer
>   AcctColumnDef FRAMEDIPADDRESS, Framed-IP-Address
>   AcctColumnDef CONNECTINFO, Connect-Info
>   AcctColumnDef CALLERID, Calling-Station-Id
>   AcctColumnDef CALLEDID, Called-Station-Id
> AuthSelect select PASSWORD, IDLETIME, MAXLOGTIME, CONNECTRATE from
> SUBSCRIBERS where USERNAME='%n' and STATE!='1'
>   AuthColumnDef 0, Password, check
>   AuthColumnDef 1, Idle-Timeout, reply
>   AuthColumnDef 2, Session-Timeout, reply
> AuthColumnDef 3, Connect-Rate, reply
>   DBAuth ideatek
>   DBSource dbi:mysql:radius
>   DBUsername root
>   FailureBackoffTime 30
>   Identifier accounting
>   Timeout 30
> </AuthBy>
>
> For our test setup, our database has CONNECTRATE of 28800.
>
> With "AuthColumnDef 3, Connect-Rate, reply" when connecting the logs
> show "Invalid reply item Connect-Rate ignored"
> So I tried "AuthColumnDef 3, Connect-Rate, check" and I get connection
> rejected with this in the logs "Access rejected for
> jason at ideateksystems.com: Connect-Rate 28800 does not allow a speed of
> 52000 LAPM/V42BIS"
>
> We are using a Portmaster-3 with ComOS 3.8.2c2 and from my 
> understanding
> it has the capability.  Shouldn’t the max rate be a reply as it is
> telling the NAS to not negotiate anything below that?
>
> Any hints or ideas?
>
> Thanks,
> Jason
>
> -- 
> No virus found in this outgoing message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.9.3 - Release Date: 4/5/2005
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: I am travelling this week, so there may be delays in our 
correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list