In article <[EMAIL PROTECTED]>,
Simon Byrnand <[EMAIL PROTECTED]> wrote:
>Yes, there is a proxy in between. I believe it runs "Enhanced Merit AAA
>Radius". Both the remote NAS's and the radius proxy are owned, located at,
>and run by the telco. (Anybody from New Zealand reading this will
>immediately know I'm talking about ipnet, and probably be rolling their
>eyes ;)
>
>So what is the retransmit schedule of a typical NAS ? Is there any standard
>or is it just generally accepted that a NAS should keep trying forever to
>get them through, or for some period of time ?
Hmm, not sure if there's a standard for it. Most NASes can have only
X outstanding requests, and they have a finite amount of memory ofcourse.
Lets see .. ah, a livingston portmaster retries accounting packets
up to 6 times (by default - you can increase it) with a 30 second interval.
Hmm, I would have though that was higher.
>I presume the radius proxy
>in question USUALLY tries at least 3 times, because I occasionally see an
>Acct-Delay-Time of 5 or 10, but that doesnt mean it ALWAYS does, of course,
>and its not clear whether that delay was due to retries between the NAS's
>(which are located all around the country) and the proxy, (located at a
>central telco installation) or the proxy and us.
True. That is almost impossible to find out.
>I mean that the times reported from radwtmp are always _less_ than those
>reported by detail in my situation, as usually the user also gets
>disconnected when problems are occuring with the accounting (pointing the
>finger even more at the telco's system) and when they reconnect checkrad is
>detecting a stuck session and zeroing their session time. Still *far* from
>ideal, but until the real problem is resolved I'll take the lower usage
>times of the two any day.
Is it possible that the telco's system is rebooting? In that case you
could ask them if they can forward accounting-on and accounting-off
packets .. if their software supports it, Cistron Radius for example
doesn't because those packets don't have a username thus no realm.
>Is there anything special that needs to be configured in radiusd (remember
>I'm still running cistron 1.6.4 at the moment) for it to recognise alive
>packets ? Or does it automatically know what to do about terminating a
>session when alive packets dont arrive ?
No, it doesn't know about alive packets other then that it updates
radutmp using them and logs them in the detail file.
The stuff I was talking about doesn't exist yet.
Mike.
--
"dselect has a user interface which scares small children"
-- Theodore Tso, on debian-devel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
