[RADIATOR] RADIUS limit on accounting data
Michael Harlow
Michael.Harlow at utas.edu.au
Fri Jan 9 09:42:00 CST 2009
Hi Joe (and Martin), thanks for the pointer to the gigawords stuff. That goodies directory is a treasure trove if you know where to look.
I've got a couple of issues still, and I'm also now unable to test this until Monday.
Do you need to turn it on on Cisco switches and routers? Or is it default these days?
I use ClientListSQL and I cannot put a PreClientHook in there, but I think this was changed a couple of days ago, so I'll get the latest patch set applied again.
However using a PreClientHook means that every packet goes thru this hook, including Auth packets. I'd rather put it in the Handler that does just the accounting, as a PreProcessingHook, but I already have one (eap-anon-hook thingy). Is there a way to have two hooks in a Handler, or do I need to create a perl file, with both functions wrapped into a single perl subroutine?
>From reading some RFCs I can see that the gigawords stuff has an attribute value of 52 and 53 (34 and 35 hex?)
I did not see these gigwords in the debug for an "Alive" packet from earlier today, but I don't have a debug of a stop packet to see if it is in that packet until I get back to work.
The RFC says "This attribute indicates how many times the Acct-Output-Octets
counter has wrapped around 2^32 in the course of delivering this
service, and can only be present in Accounting-Request records
where the Acct-Status-Type is set to Stop or Interim-Update.
Cisco claim the Wism complies with this RFC 2869
Is not an "Alive" the same as an Interim-Update? Below is the alive that has wrapped past 4G.
#######################
Output octets should be about 4.8Gb in this debug
Viz
Packet length = 200
04 2e 00 c8 46 c5 a2 94 66 7e a9 b3 7c cf 63 e8
4a 4c 03 76 01 06 6d 69 6b 65 05 06 00 00 00 1d
04 06 ac 1f 03 02 08 06 0a c8 05 eb 20 08 57 69
73 6d 42 31 1a 0c 00 00 37 63 01 06 00 00 00 02
2c 20 34 39 36 36 39 31 62 39 2f 30 30 3a 31 62
3a 37 37 3a 39 33 3a 34 37 3a 39 38 2f 34 30 35
2d 06 00 00 00 01 40 06 00 00 00 0d 41 06 00 00
00 06 51 06 32 30 30 35 28 06 00 00 00 03 2a 06
07 d7 3c 7f 2b 06 03 9a b0 94 2f 06 00 19 1d 07
30 06 00 32 1a ec 2e 06 00 00 0d 67 29 06 00 00
00 00 1f 13 30 30 2d 31 62 2d 37 37 2d 39 33 2d
34 37 2d 39 38 1e 13 30 30 2d 31 37 2d 65 30 2d
30 63 2d 36 31 2d 36 30
Code: Accounting-Request
Identifier: 46
Authentic: F<197><162><148>f~<169><179>|<207>c<232>JL<3>v
Attributes:
User-Name = "mike"
NAS-Port = 29
NAS-IP-Address = 172.31.3.2
Framed-IP-Address = 10.200.5.235
NAS-Identifier = "WismB1"
Airespace-WLAN-Id = 2
Acct-Session-Id = "496691b9/00:1b:77:93:47:98/405"
Acct-Authentic = RADIUS
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 2005
Acct-Status-Type = Alive
Acct-Input-Octets = 131546239
Acct-Output-Octets = 60469396
Acct-Input-Packets = 1645831
Acct-Output-Packets = 3283692
Acct-Session-Time = 3431
Acct-Delay-Time = 0
Calling-Station-Id = "00-1b-77-93-47-98"
Called-Station-Id = "00-17-e0-0c-61-60"
########################
Cheers, Michael
-----Original Message-----
From: Joe Hughes [mailto:joeyconcrete at gmail.com]
Sent: Friday, 9 January 2009 8:45 PM
To: Michael Harlow
Cc: radiator at open.com.au
Subject: Re: [RADIATOR] RADIUS limit on accounting data
We use Cisco kit and, like you, I discovered the same issue early on!
I use 'gigawords-hook.pl' which sorts it out for you.
PreClientHook file:"%D/gigawords-hook.pl"
2009/1/9 Michael Harlow <Michael.Harlow at utas.edu.au>:
> Hi,
>
> I've struck an issue with my accounting data, where it wraps. Initially the database refused the INSERT once it exceeded a signed 4-byte integer (2Gb). I changed the database to bigint, and so it can now handle 8-byte integers. Now however it wraps at unsigned 4-byte integer (4G). I've traced it down to the value in the RADIUS packet coming into Radiator. My NAS is doing the wrap.
>
> Before I hassle the vendor (Cisco WiSM), does the RADIUS protocol allow for a larger accounting attribute, or does all NAS have this 4G limit?
More information about the radiator
mailing list