[RADIATOR] Clearing stale user sessions

Michael ringo at vianet.ca
Fri May 11 01:12:01 UTC 2018


Eric,

This missing Accounting-Stop is also a big problem for me.  When using 
usage billing, it means lost usage/bandwidth calculations. When using 
max time usage, it's lost time.  When using maximum simultaneous, it 
means new sessions cannot log back in.  One here and there is a problem 
for that individual case, but when I have a VPDN tunnel on the back side 
of the LNS quit and hundreds of pppoe sessions drop, I seem to have a 
ton of missing Stop packets.  I don't even yet know where they go and 
I'm not sure what's happening.

To battle this problem, i first setup Alive packets to constantly update 
my active session database.  Usage, current time, and other stuff is 
updated every 30 minutes.  I have a scripted process that scans the 
online data and if a sessions last-updated timestamp gets older than 30 
minutes, it is possibly a dead session.  The process gathers all dead 
sessions, snmp queries the lns's to verify that they are in fact gone, 
and then as Hugh suggested bellow, sends a fake Accounting-Stop using 
radpwtst containing the last known Acct-IN/OUTput-Octets, a fake 
Acct-Terminate-Cause=session-lost reason, a calculated current_time - 
last_updated_time = Acct-Delay-Time, and everything else i need in the 
Stop.  With this delay time, the end result is a Stop packet is produced 
for current system time - Delay and therefore ends up being as close as 
you're gonna get with regards to usage and time.  The time the session 
was last known and confirmed to be online.

Was quite the complicated process, and very customized, but very necessary.


Michael



On 05/10/2018 07:11 PM, Hugh Irvine wrote:
> Hello Eric -
>
> You should be able to use the “Delete” button in the “Current sessions” page.
>
> See section 10 in the “user_help.pdf” guide in the “doc” directory of the Radmin distribution.
>
> Otherwise, yes you could fake up an Accounting-Stop request using “radpwtst” in the Radiator distribution.
>
> regards
>
> Hugh
>
>
>> On 10 May 2018, at 22:04, Eric W. Bates <ericx at whoi.edu> wrote:
>>
>> On 5/9/2018 6:25 PM, Hugh Irvine wrote:
>>> Hello Eric -
>>> Where do you want to remove stale sessions?
>>> RADUSAGE is where accounting data is stored.
>>> Current sessions are normally stored in the RADONLINE table.
>>> Do you mean remove entries from the RADONLINE table?
>>> regards
>>> Hugh
>> I was guessing which table.
>>
>> I occasionally have users on an ASA vpn who sometimes exceed their "maximum simultaneous connection limit" simply because the session stop message was lost. I want to clear those "open" sessions somehow.
>>
>> Create an artificial "stop" record?
>> Delete the original "start" record?
>> Push a button in Radmin?
>>
>> Thanks.
>>
>>>> On 10 May 2018, at 01:05, Eric W. Bates <ericx at whoi.edu> wrote:
>>>>
>>>> Is there an easy way to close clearly stale user sessions?
>>>>
>>>> Do I have to delete the record from RADUSAGE with the matching ACCTSESSIONID?
>>>>
>>>> -- 
>>>> Clark 159a, MS 46
>>>> 508/289-3112
>>>>
>>>> _______________________________________________
>>>> radiator mailing list
>>>> radiator at lists.open.com.au
>>>> http://lists.open.com.au/mailman/listinfo/radiator
>>> --
>>> Hugh Irvine
>>> hugh at open.com.au
>>> Radiator: the most portable, flexible and configurable RADIUS server
>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>> DIAMETER, SIM, etc.
>>> Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
>> -- 
>> Clark 159a, MS 46
>> 508/289-3112
>
> --
>
> Hugh Irvine
> hugh at open.com.au
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER, SIM, etc.
> Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
>
> _______________________________________________
> radiator mailing list
> radiator at lists.open.com.au
> http://lists.open.com.au/mailman/listinfo/radiator



More information about the radiator mailing list