[RADIATOR] Accounting records are not written to database

rohan.henry at cwjamaica.com rohan.henry at cwjamaica.com
Mon Nov 5 16:30:44 CST 2012


Hugh,

re: server crash see config and log files attached.

Rohan

On Sat, 3 Nov 2012 09:06:44 +1100
 Hugh Irvine <hugh at open.com.au> wrote:
>
>Hello Rohan -
>
>The easiest way to do this is to store only the Stop records, and calculate the start time from the attributes present in the accounting stop request.
>
>Something like this (the value is in epoch seconds):
>
>	Timestamp - Acct-Session-Time - Acct-Delay-Time
>
>For the crash I will need to see the logfile that immediately precedes it together with the configuration file you are using.
>
>regards
>
>Hugh
>
>
>On 3 Nov 2012, at 02:24, <rohan.henry at cwjamaica.com> wrote:
>
>> Hugh,
>> 
>> Now that records are being written to the database, I want a single record per session that includes both Stop and Start times like below.
>> 
>> User_Name, NAS_IP_Address, NAS_Port, Framed_IP_Address, Acct_Start_Time, Acct_Stop_Time, Acct_Session_ID
>> jwilliams12 208.138.43.123 805306450 72.27.33.224 Nov 2, 2012 12:21:04 AM Nov 2, 2012 1:21:16 AM, erx TenGigabitEthernet 3/0/0.37:123-82:1830880926
>> 
>> So the record is added to the accounting database at the end of a session and includes both Stop and Start times.
>> 
>> Added to that is the issue I have where Radiator crashes when I try to use the Simultaneous-Use features.
>> 
>> Thanks.
>> 
>> On Fri, 2 Nov 2012 17:46:58 +1100
>> Hugh Irvine <hugh at open.com.au> wrote:
>>> 
>>> Hello Rohan -
>>> 
>>> Can you please explain exactly what you are trying to do?
>>> 
>>> It is normal for you to get two records in your accounting table, as that is what you have configured.
>>> 
>>> If you can tell us what you are trying to achieve we will be able to make sensible suggestions.
>>> 
>>> regards
>>> 
>>> Hugh
>>> 
>>> 
>>> On 2 Nov 2012, at 09:38, <rohan.henry at cwjamaica.com> wrote:
>>> 
>>>> Thanks Michael,
>>>> 
>>>> 
>>>> 
>>>> I was able to go further with the advice using the AuthByPolicy and AuthBy GROUP under the existing Handler. Only that two records are added to my accounting database for a single session - one at Start and one at Stop.
>>>> 
>>>> <Handler NAS-Identifier="Juniper_E320_2">
>>>>       AddToRequest SERVICESTATUS = ACTIVE
>>>>       SessionDatabase SQLSDB
>>>> #       MaxSessions 1
>>>>       RejectHasReason
>>>> 
>>>> AuthByPolicy ContinueAlways
>>>>   AuthBy SQLAccounting
>>>>       <AuthBy GROUP>
>>>>                       AuthByPolicy ContinueWhileIgnore
>>>>                               AuthBy xDSL
>>>>               </AuthBy>
>>>> 
>>>> 
>>>> Regards,
>>>> 
>>>> Rohan
>>>> 
>>>> 
>>>> 
>>>> On Thu, 01 Nov 2012 17:45:18 -0400
>>>> 
>>>> Michael  wrote:
>>>> 
>>>>> Looks like your "AuthBy xDSL" is accepting, therefore since the default AuthByPolicy is ContinueWhileIgnore, it will stop at the xDSL authby and the "AuthBy SQLAccounting" is not processed.
>>>> 
>>>>> 
>>>> 
>>>>> I personally handle accounting in a separate handler.  To me, handling accounting and authorization in the same handler is tricky.
>>>> 
>>>>> 
>>>> 
>>>>> 
>>>> 
>>>>> 
>>>> 
>>>>> Michael
>>>> 
>>>>> 
>>>> 
>>>>> 
>>>> 
>>>>> 
>>>> 
>>>>> 
>>>> 
>>>>> On 01/11/12 05:07 PM, rohan.henry at cwjamaica.com wrote:
>>>> 
>>>>>> Hugh,
>>>> 
>>>>>> 
>>>> 
>>>>>> Config and logs attached.
>>>> 
>>>>>> 
>>>> 
>>>>>> 
>>>> 
>>>>>> And the application crashed when testing Simultaneous-Use for both configurations below.
>>>> 
>>>>>> 
>>>> 
>>>>>> In my AuthBy config:
>>>> 
>>>>>> "DefaultSimultaneousUse 1" With "AuthAttrDef     Simultaneous-Use,Simultaneous-Use,check"
>>>> 
>>>>>> 
>>>> 
>>>>>> Or
>>>> 
>>>>>> 
>>>> 
>>>>>> In my Handler:
>>>> 
>>>>>> MaxSessions 1
>>>> 
>>>>>> 
>>>> 
>>>>>> 
>>>> 
>>>>>> 
>>>> 
>>>>>> On Fri, 2 Nov 2012 07:19:09 +1100
>>>> 
>>>>>> Hugh Irvine  wrote:
>>>> 
>>>>>>> Hello Rohan -
>>>> 
>>>>>>> 
>>>> 
>>>>>>> We will need to see the configuration file (no secrets) together with a trace 4 debug showing what is happening.
>>>> 
>>>>>>> 
>>>> 
>>>>>>> regards
>>>> 
>>>>>>> 
>>>> 
>>>>>>> Hugh
>>>> 
>>>>>>> 
>>>> 
>>>>>>> 
>>>> 
>>>>>>> On 2 Nov 2012, at 05:53,  wrote:
>>>> 
>>>>>>> 
>>>> 
>>>>>>>> Hello,
>>>> 
>>>>>>>> 
>>>> 
>>>>>>>> Why doesn't the following work?
>>>> 
>>>>>>>> 
>>>> 
>>>>>>>> 
>>>> 
>>>>>>>> Identifier SQLAccounting
>>>> 
>>>>>>>> DBSource dbi:mysql:inetdb_test
>>>> 
>>>>>>>> DBUsername inet
>>>> 
>>>>>>>> DBAuth inet at inetdb
>>>> 
>>>>>>>> #Disable SQL authentication
>>>> 
>>>>>>>> AuthSelect
>>>> 
>>>>>>>> HandleAcctStatusTypes Start,Stop
>>>> 
>>>>>>>> AccountingTable ARCH_ACCOUNTING
>>>> 
>>>>>>>> AcctColumnDef USER_NAME,User-Name
>>>> 
>>>>>>>> AcctColumnDef ACCT_START_TIME,Timestamp,integer
>>>> 
>>>>>>>> AcctColumnDef ACCT_STOP_TIME,Timestamp,integer
>>>> 
>>>>>>>> AcctColumnDef ACCT_STATUS_TYPE,Acct-Status-Type,integer
>>>> 
>>>>>>>> AcctColumnDef ACCT_DELAY_TIME,Acct-Delay-Time,integer
>>>> 
>>>>>>>> AcctColumnDef ACCT_INPUT_OCTETS,Acct-Input-Octets,integer
>>>> 
>>>>>>>> AcctColumnDef ACCT_OUTPUT_OCTETS,Acct-Output-Octets,integer
>>>> 
>>>>>>>> AcctColumnDef ACCT_SESSION_ID,Acct-Session-Id
>>>> 
>>>>>>>> AcctColumnDef ACCT_SESSION_TIME,Acct-Session-Time,integer
>>>> 
>>>>>>>> AcctColumnDef ACCT_TERMINATE_CAUSE,Acct-Terminate-Cause,integer
>>>> 
>>>>>>>> AcctColumnDef FRAMED_IP_ADDRESS,Framed-IP-Address
>>>> 
>>>>>>>> AcctColumnDef NAS_IDENTIFIER,NAS-Identifier
>>>> 
>>>>>>>> AcctColumnDef NAS_PORT,NAS-Port,integer
>>>> 
>>>>>>>> AcctColumnDef CALLED_STATION_ID,Called-Station-Id
>>>> 
>>>>>>>> AcctColumnDef CALLING_STATION_ID,Calling-Station-Id
>>>> 
>>>>>>>> SQLRecoveryFile %L/sqlaccounting.sql
>>>> 
>>>>>>>> 
>>>> 
>>>>>>>> 
>>>> 
>>>>>>>> Specifying the following in my Handler does not work. I don't even see any trace in my logs set at level 4 or 5.
>>>> 
>>>>>>>> AuthBy SQLAccounting
>>>> 
>>>>>>>> 
>>>> 
>>>>>>>> However my sessions database work with the following.
>>>> 
>>>>>>>> SessionDatabase SQLSDB
>>>> 
>>>>>>>> 
>>>> 
>>>>>>>> Thanks much.
>>>> 
>>>>>>>> 
>>>> 
>>>>>>>> Regards,
>>>> 
>>>>>>>> Rohan
>>>> 
>>>>>>>> _______________________________________________
>>>> 
>>>>>>>> radiator mailing list
>>>> 
>>>>>>>> radiator at open.com.au
>>>> 
>>>>>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>> 
>>>>>>> 
>>>> 
>>>>>>> --
>>>> 
>>>>>>> 
>>>> 
>>>>>>> Hugh Irvine
>>>> 
>>>>>>> hugh at open.com.au
>>>> 
>>>>>>> 
>>>> 
>>>>>>> Radiator: the most portable, flexible and configurable RADIUS server
>>>> 
>>>>>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>>> 
>>>>>>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>>>> 
>>>>>>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>>> 
>>>>>>> DIAMETER etc.
>>>> 
>>>>>>> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>>>> 
>>>>>>> 
>>>> 
>>>>>> Rohan Henry
>>>> 
>>>>>> Server Administrator
>>>> 
>>>>>> LIME
>>>> 
>>>>>> Phone (876) 936-4819
>>>> 
>>>>>> Mobile (876) 997-0729
>>>> 
>>>>>> 
>>>> 
>>>>>> 
>>>> 
>>>>>> _______________________________________________
>>>> 
>>>>>> radiator mailing list
>>>> 
>>>>>> radiator at open.com.au
>>>> 
>>>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>> 
>>>> 
>>>> 
>>>> Rohan Henry
>>>> 
>>>> Server Administrator
>>>> 
>>>> LIME
>>>> 
>>>> Phone (876) 936-4819
>>>> 
>>>> Mobile (876) 997-0729
>>>> 
>>>> _______________________________________________
>>>> radiator mailing list
>>>> radiator at open.com.au
>>>> http://www.open.com.au/mailman/listinfo/radiator
>>> 
>>> 
>>> --
>>> 
>>> Hugh Irvine
>>> hugh at open.com.au
>>> 
>>> Radiator: the most portable, flexible and configurable RADIUS server 
>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
>>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
>>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>> DIAMETER etc. 
>>> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>>> 
>> 
>> Rohan Henry
>> Server Administrator
>> LIME
>> Phone (876) 936-4819
>> Mobile (876) 997-0729
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
>--
>
>Hugh Irvine
>hugh at open.com.au
>
>Radiator: the most portable, flexible and configurable RADIUS server 
>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
>Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
>TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>DIAMETER etc. 
>Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>

Rohan Henry
Server Administrator
LIME
Phone (876) 936-4819
Mobile (876) 997-0729
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radius.cfg.txt
Url: http://www.open.com.au/pipermail/radiator/attachments/20121105/0aaec86c/attachment-0002.txt 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radius log.txt
Url: http://www.open.com.au/pipermail/radiator/attachments/20121105/0aaec86c/attachment-0003.txt 


More information about the radiator mailing list