[RADIATOR] Delayed Stop Record and Active Sessions
Hugh Irvine
hugh at open.com.au
Sun Feb 23 03:05:03 CST 2014
Hello Rohan -
Depending on the actual delay, you may be able to do something clever with the timestamps.
regards
Hugh
On 22 Feb 2014, at 08:21, rohan.henry @cwjamaica.com <rohan.henry at cwjamaica.com> wrote:
> Thanks for the feedback Heikki.
>
> I am thinking that the suggestion would solve the problem but defeats the state limit function. It means that a connection would now become unique based on Acct-Session-Id which changes for every connection and would grant access to the same user multiple times since the new Acct-Session-Id will not allow a database match.
>
> Rohan
>
>
>
> On Wed, Feb 19, 2014 at 3:40 PM, Heikki Vatiainen <hvn at open.com.au> wrote:
> On 02/19/2014 09:22 PM, rohan.henry @cwjamaica.com wrote:
>
> > How can fix an issue where the DeleteQuery statement in my Sessions DB
> > config deletes the row for a new active session because of a delayed
> > Stop record?
>
> A quick idea: Do you think the DeleteQuery could be changed to include
> Acct-Session-Id in the query. That is, the NAS-Port, etc, and
> Acct-Session-Id must match the existing entry.
>
> If the session has been replaced, the delete will not match any rows
> because the new entry on the row it would otherwise match has a
> different session id that belongs to the new session.
>
> Please let us know how this works.
> Thanks,
> Heikki
>
>
> > Scenario:
> >
> > 1. A session is up (and row entered in the database for active session)
> > 2. The session is dropped because of a premature disconnection (eg.
> > modem line cable unplugged) but Stop record is delayed.
> > 3. New session is created after modem line cable is restored (and after
> > DeleteQuery statement removes database row for previous session)
> > 4. The delayed Stop record finally comes in - the DeleteQuery statement
> > now removes the row for the active session (An unwanted behavior).
> >
> > How do I compensate for the delayed Stop record that is causing active
> > session database records to be deleted?
>
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
hugh at open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc.
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
More information about the radiator
mailing list