(RADIATOR) Multiple IP Windows Installation stops listening on Auth/Acct Ports
Will MacHugh
wmachugh-lists at eltopia.com
Wed Aug 24 08:09:44 CDT 2005
We are currently running Radiator 3.13 on Windows 2k Server SP 4 with
PERL 5.6.1 attached to a MS-SQL 2000 database. We operate 2 physical
radius servers (Dell 1650's) with 3 IP's each running their own instance
of radiator. (Six active 'virtual' radius servers)
The primary IP interface on each each physical machine runs a 'radius
proxy' of sorts that does nothing more than recieve requests from
multiple radius clients, and based on realm, DNIS, and color of my
cracker jack moon ring decoder, routes the auth and acct packets to an
appropriate server. Our primary Auth mechanism for this is SQLRadius.
The secondary and tertiary radiator instances on these machine do
auth/acct for my customers using simple database lookups.
Occasionally without warning, changes, and generally during times when I
least want to be bothered (generally when I'm clutching to the shambled
idea of my non-existant social life, or worse yet, trying to sleep), the
'Proxy' radius servers quit listening to requests by 'some' ips. I use
NTRadPing on the radius server itself and get no response. Even when I
have the debug trace level set to 4, I don't get any response. Not even
a friendly 'unauthorized client' message or the like. The machine will
take 'some' requests from machines but it seems to just halt
occasionally. What's crazy is the secondary machine does exactly the
same thing at exactly the same time which would lead me to believe I
have something screwed up in my network.What strains my noodle and the
infallible logic of my 'Magic 8-Ball' (http://8ball.ofb.net/) is that we
have made no network changes in months. Then, after staring staring at
the configs and listening the the crying, whining and bitching of my
users for roughly 4 or 5 hours, everything just starts working again as
if by magic.
In general, I probably wouldn't have posted this to the list and would
keep trying to narrow things down to some physical error in my network
or ip stack but after talking to Hugh Irvine yesterday, I got the
impression that my problem is not unique and that others have
experienced similar drama on their Windows boxes. If anybody has similar
experiece and can offer direction I would surely appriciate it.
Anybody with information leading to my missing social life will be
awarded a Magic 8-Ball and a box of cracker jacks.
Thanks,
Will MacHugh
----------------------------------------------------------
The Configs (don't laugh.... I'm an amature and I bruise easily)
# Network Configuration File
# Last Updated 12/11/2004 Will MacHugh
# C:\>perl c:\perl\bin\radiusd -config_file "c:\program
files\radiator\network.cfg"
#Foreground
#LogStdout
LogDir c:/Program Files/Radiator
DbDir c:/Program Files/Radiator
LogFile %L/network.log
AuthPort 1812
AcctPort 1813
BindAddress 10.0.0.1
DictionaryFile %D/dictionary
Trace 3
<AuthLog SQL>
Identifier SQLLogger
DBSource dbi:ODBC:dbRadiator
DBUsername radiator
DBAuth mypassword
LogFailure 1
LogSuccess 1
FailureQuery sp_RadLog_Insert 0,'%c',%3,'%u',%1,'%Y-%m-%d
%H:%M:%S','%{Called-Station-Id}','%{Calling-Station-Id}','%{Acct-Session-Id}',0%{Reply:Session-Timeout},'Network'
SuccessQuery sp_RadLog_Insert 1,'%c',%3,'%u',%1,'%Y-%m-%d
%H:%M:%S','%{Called-Station-Id}','%{Calling-Station-Id}','%{Acct-Session-Id}',0%{Reply:Session-Timeout},'Network'
</AuthLog>
<SessionDatabase SQL>
Identifier SQLSession
DBSource dbi:ODBC:dbRadiator
DBUsername radiator
DBAuth mypassword
AddQuery sp_Session_Add '%u','%1', %2, %3, '%Y-%m-%d
%H:%M:%S','%{Framed-IP-Address}','%{NAS-Port-Type}','%{Service-Type}','%{Called-Station-Id}','%{Calling-Station-Id}'
DeleteQuery sp_Session_Delete '%1', 0%2
ClearNasQuery sp_Session_ClearNas '%N'
CountQuery sp_Session_Count '%u'
</SessionDatabse>
<SessionDatabase NULL>
Identifier NULLSDB
</SessionDatabase>
<AuthBy SQL>
Identifier SQLAccounting
DBSource dbi:ODBC:dbRadiator
DBUsername radiator
DBAuth mypassword
IgnoreAuthentication
HandleAcctStatusTypes Stop
AcctSQLStatement sp_Accounting_Insert
'%u','%W','%F',0%{Acct-Input-Octets},0%{Acct-Output-Octets},'%{Acct-Session-Id}',0%{Acct-Session-Time},'%{Ascend-Disconnect-Cause}','%{Ascend-Data-Rate}','%{Ascend-Xmit-Rate}','%{NAS-IP-Address}','%{Framed-IP-Address}','%{Called-Station-Id}','%{Calling-Station-Id}','%c','Network'
</AuthBy>
<AuthBy SQLRADIUS>
Identifier ForwardToProxy
DBSource dbi:ODBC:dbRadiator
DBUsername radiator
DBAuth mypassword
HostSelect spSQLRadius '%R', '%{Called-Station-Id}', %0, 1
HostColumnDef 0, Host
HostColumnDef 1, Secret
HostColumnDef 2, AuthPort
HostColumnDef 3, AcctPort
HostColumnDef 4, Retries
HostColumnDef 5, RetryTimeout
HostColumnDef 6, UseOldAscendPasswords
HostColumnDef 7, ServerHasBrokenPortNumbers
HostColumnDef 8, ServerHasBrokenAddresses
HostColumnDef 9, IgnoreReplySignature
HostColumnDef 10, FailurePolicy
HostColumnDef 11, RewriteUsername
HostColumnDef 12, StripFromReply
HostColumnDef 13, AddToReply
LocalAddress 10.0.0.1
NumHosts 2
Host 10.0.0.2,10.0.0.3
<Host 10.0.0.2>
Secret mysecret
AuthPort 1812
AcctPort 1813
</Host>
<Host 10.0.0.3>
Secret mysecret
AuthPort 1812
AcctPort 1813
</Host>
</AuthBy>
<AuthBy INTERNAL>
Identifier AuthInternal
AuthResult ACCEPT
AcctStartResult ACCEPT
AcctStopResult ACCEPT
DefaultResult ACCEPT
</AuthBy>
<ClientListSQL>
DBSource dbi:ODBC:dbRadiator
DBUsername radiator
DBAuth mypassword
GetClientQuery sp_GetClients
</ClientListSQL>
<Handler Acct-Status-Type = Alive>
SessionDatabase NULLSDB
AuthByPolicy ContinueAlways
AuthBy AuthInternal
</Handler>
<Handler Acct-Status-Type = /Start|Stop/>
SessionDatabase SQLSession
AuthByPolicy ContinueAlways
AuthBy SQLAccounting
#AuthBy AuthInternal
AuthBy ForwardToProxy
</Handler>
<Handler>
SessionDatabase SQLSession
AuthByPolicy ContinueAlways
AuthLog SQLLogger
#AuthBy AuthInternal
AuthBy ForwardToProxy
</Handler>
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list