[RADIATOR] Delayed Stop Record and Active Sessions

rohan.henry @cwjamaica.com rohan.henry at cwjamaica.com
Fri Feb 21 15:21:21 CST 2014


Thanks for the feedback Heikki.

I am thinking that the suggestion would solve the problem but defeats the
state limit function. It means that a connection would now become unique
based on Acct-Session-Id which changes for every connection and would grant
access to the same user multiple times since the new Acct-Session-Id will
not allow a database match.

Rohan



On Wed, Feb 19, 2014 at 3:40 PM, Heikki Vatiainen <hvn at open.com.au> wrote:

> On 02/19/2014 09:22 PM, rohan.henry @cwjamaica.com wrote:
>
> > How can fix an issue where the DeleteQuery statement in my Sessions DB
> > config deletes the row for a new active session because of a delayed
> > Stop record?
>
> A quick idea: Do you think the DeleteQuery could be changed to include
> Acct-Session-Id in the query. That is, the NAS-Port, etc, and
> Acct-Session-Id must match the existing entry.
>
> If the session has been replaced, the delete will not match any rows
> because the new entry on the row it would otherwise match has a
> different session id that belongs to the new session.
>
> Please let us know how this works.
> Thanks,
> Heikki
>
>
> > Scenario:
> >
> > 1. A session is up (and row entered in the database for active session)
> > 2. The session is dropped because of a premature disconnection (eg.
> > modem line cable unplugged) but Stop record is delayed.
> > 3. New session is created after modem line cable is restored (and after
> > DeleteQuery statement removes database row for previous session)
> > 4. The delayed Stop record finally comes in - the DeleteQuery statement
> > now removes the row for the active session (An unwanted behavior).
> >
> > How do I compensate for the delayed Stop record that is causing active
> > session database records to be deleted?
>
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20140221/0d28aefb/attachment.html 


More information about the radiator mailing list