[RADIATOR] Insert Accounting to BD Table.

Mohammed Alhaj Ali m.alhaj at itc.sa
Thu May 28 07:09:55 CDT 2015


Hi Sami,

System calculate the Session-Timeout biased on the account first login which rely on the Event-Timestamp, when it inserted on the  TIME_STAMP column on the DBN table, then it will check the account number of date to calculate account expiry and then it return this value to Session-Timeout,

Note that there's no problem for the account already active and having session-timeout configured, but for new subscription we did not get Event-Timestamp to be insert on the DB table.

Please let me know if you need any other information.

Thank you!








-----Original Message-----
From: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] On Behalf Of Sami Keski-Kasari
Sent: Thursday, May 28, 2015 1:54 PM
To: radiator at open.com.au
Subject: Re: [RADIATOR] Insert Accounting to BD Table.

Hello Mohammed,

I think that the error message is due your SQL query doesn't return anything to Expiration Check item and you have AddToReply Session-Timeout = "until Expiration" in configuration.

Could you tell us more how the system should work?
Who should/will update EXPIRATION field in database?

Best Regards,
 Sami

On 05/27/2015 11:32 AM, Mohammed Alhaj Ali wrote:
> Dears,
>
>
>
> Recently we had some change on our network, as we replaced cisco
> platform with Huawei BRAS, now we're unable to get prober accounting
> specially, when customer account are newly created so we can't get
> account activation on the first logging in order to calculate
> Session-timeout, below are the error logs plus the part of the
> configuration:
>
>
>
>
>
>
>
>
>
>
>
> ################################
>
>
>
> <AuthBy SQL>
>
>         AccountingTable DSL_ACCOUNTING
>
>         AcctColumnDef USERNAME,User-Name,%A
>
>         AcctColumnDef TIME_STAMP,Timestamp,integer
>
>         AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
>
>         AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
>
>         AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
>
>         AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>
>         AcctColumnDef ACCTSESSIONID,Acct-Session-Id
>
>         AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
>
>         AcctColumnDef acctterminatecause, Acct-Terminate-Cause
>
>         AcctColumnDef NASIDENTIFIER,NAS-Identifier
>
>         AcctColumnDef NASPORT,NAS-Port,integer
>
>         AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
>
>         #AcctInsertQuery insert into %0 (%1) values (%2)
>
>         AuthColumnDef 0,User-Password, check
>
>         AuthColumnDef 1,Expiration, check
>
>         AuthColumnDef 2,Simultaneous-Use, check
>
>         AuthColumnDef 3,Huawei-Domain-Name, reply
>
>         AuthColumnDef 4,GENERIC, reply
>
> AuthSelect select PASSWORD, to_char(EXPIRATION, 'yyyy-mm-dd
> HH24:MI:SS') Expiration, MAXSESSIONS, EXPIRATION_D "Huawei-Domain-Name" ,
> Session_Timeout   "Session-Timeout" from ITC_ACCOUNTS_H where
> upper(USERNAME)=upper('%n')
>
>         CachePasswordExpiry 86400
>
>         AddToReply Service-Type=Framed-User, Framed-Protocol=PPP,
> Framed-MTU=1492, Session-Timeout = "until Expiration"
>
> ConnectionAttemptFailedHook sub {my $self = shift;my $dbsource =
> shift;my $dbusername = shift;my $dbauth =
> shift;$self->log($main::LOG_ERR, "Could not connect to SQL database
> with
> DBI->connect $dbsource, $dbusername, $dbauth: $@ $DBI::errstr");}
>
>         DBSource dbi:ODBC:ORADB
>
>         DBUsername user
>
>   DBAuth password
>
>         DateFormat %b %e, %Y %H:%M
>
>         EAPAnonymous anonymous
>
>         EAPContextTimeout 1000
>
>         EAPFAST_PAC_Lifetime 7776000
>
>         EAPFAST_PAC_Reprovision 2592000
>
>         EAPTLS_MaxFragmentSize 2048
>
>         EAPTLS_PEAPVersion 1
>
>         EAPTLS_SessionResumption 1
>
>         EAPTLS_SessionResumptionLimit 43200
>
>         EAPTLS_VerifyDepth 1
>
>         FailureBackoffTime 600
>
>         Identifier HUW_POOL
>
>   NoConnectionsHook sub { my $self = shift;$self->log($main::LOG_ERR,
> "Could not connect to any SQL database. Request is ignored. Backing
> off for $self- >{FailureBackoffTime} seconds");}
>
>         NullPasswordMatchesAny 1
>
>         PasswordPrompt password
>
>         SIPDigestRealm DefaultSipRealm
>
>         Timeout 60
>
> </AuthBy>
>
>
>
>
>
>
>
> LOG:
>
>
>
> Wed May 27 09:09:39 2015: DEBUG: Handling request with Handler
> 'Realm=/^(512|1024|2048)\.itc\.net\.sa$/'
>
> Wed May 27 09:09:39 2015: DEBUG:  Deleting session for
> testhuawei at 2048.itc.net.sa, 87.101.255.184, 33554442
>
> Wed May 27 09:09:39 2015: DEBUG: Handling with Radius::AuthSQL:
> HUW_POOL
>
> Wed May 27 09:09:39 2015: DEBUG: Handling with Radius::AuthSQL:
> HUW_POOL
>
> Wed May 27 09:09:39 2015: DEBUG: Query is: 'select PASSWORD,
> to_char(EXPIRATION, 'yyyy-mm-dd HH24:MI:SS') Expiration, MAXSESSIONS,
> EXPIRATION_D "Huawei-Domain-Name" , Session_Timeout "Session-Timeout"
> from ITC_ACCOUNTS_H where
> upper(USERNAME)=upper('testhuawei at 2048.itc.net.sa')':
>
> Wed May 27 09:09:39 2015: DEBUG: Radius::AuthSQL looks for match with
> testhuawei at 2048.itc.net.sa [testhuawei at 2048.itc.net.sa]
>
> Wed May 27 09:09:39 2015: DEBUG: Radius::AuthSQL ACCEPT: :
> testhuawei at 2048.itc.net.sa [testhuawei at 2048.itc.net.sa]
>
> Wed May 27 09:09:39 2015: DEBUG: Session-Timeout="until ValidTo" was
> specified, but there was no ValidTo or Expiration check item for this
> user. Ignored.
>
> Wed May 27 09:09:39 2015: DEBUG: AuthBy SQL result: ACCEPT,
>
> Wed May 27 09:09:39 2015: DEBUG: Access accepted for
> testhuawei at 2048.itc.net.sa <mailto:testhuawei at 2048.itc.net.sa>
>
>
>
> Wed May 27 09:09:39 2015: ERR: There is no value named until
> Expiration for attribute Session-Timeout. Using 0.
>
>
>
> Wed May 27 09:09:39 2015: DEBUG: Packet dump:
>
> *** Sending to 87.101.255.184 port 1812 ....
>
>
>
> Mohammed Alhaj Ali
> Integrated Telecom Co. Ltd.
> Tel    : +966(11) 406-2222  Ext.2384
> Fax   : +966(11) 406-2221
> GSM  :
> m.alhaj at itc.sa <mailto:m.alhaj at itc.sa>
>
> <http://www.execloud.net>
>
> www.itc.sa <http://www.itc.sa>
>
>
>
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>


--
Sami Keski-Kasari <samikk at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
_______________________________________________
radiator mailing list
radiator at open.com.au
http://www.open.com.au/mailman/listinfo/radiator


More information about the radiator mailing list