Dear FreeRadius users,
We have got a avery unique problem in our entire ISP (experimental
setup).
The problem is like this.
Our central billing server is located in location "A" and apart
from the central dialup node in
location "A", we also have two other nodes in location "B" and
location "C".
+---------+
| NAS |
+---------+
|
|
+----------------------+
| Centralised Billing |
| & Authentication | LOCATION "A"
| Server. |
| REMOTE RADIUS SERVER |
+----------------------+
/ \
/ \
+----------------/----------+ +-------\-----------------+
| / | | \ |
| +---------------------+ | | +---------------------+ |
| | PROXY RADIUS SERVER | | | | PROXY RADIUS SERVER | |
| | (Forwarding Server) | | | | (Forwarding Server) | |
| +---------------------+ | | +---------------------+ |
| | | | | |
| | | | | |
| +----------+ | | +--------+ |
| | NAS | | | | NAS | |
| +----------+ | | +--------+ |
| LOCATION "B" | | LOCATION "C" |
| | | |
+---------------------------+ +-------------------------+
Location "B" and location "C" forwards all the authentication
packets of the dial-up users to the
remote radius server located at "A". Location "A" authenticates
the user and sends the
access-accept or access-reject packet back to the two nodes i.e.,
either at location "B" and
location "C". Subsequently, if any users are authenticated at any
of the two nodes "B" or "C", a
detail file is created at the nodes as well as in the main remote
server at "A". Right now we are
using MySql for Authentication, Authorization and Accounting, and
this MySQL databse is in the
remote Radius Server at Location "A" where our billing server
bills the users accordingly.
As I have mentioned earlier, a detail file is created at the nodes
as well as in the remote
server. I am not having any problems as long as the link between
all the networks is up.
The problem arises when the link between location "A" and location
"B" or between location "A"
and location "C" is down.
Supposing a users connects at location "B". He is authenticated,
authorised and billing starts at
Location "A". The accounting database is updated with the
"start-entry" of the user at location
"A". Now while he is connected, the link between Location "A" and
location "B" fails. The
connected user, when he sees the link is down, disconnects from
the NAS. The detail file entry of
the user is updated in location "B", but since the link is down,
it could not send the "stop
entry" of the user to the central server at Location "A" nor it
could generate the detail file at
location "A". Due to this, the database is updated with stop-time
0.00 and the billing of the
user go on. Next time when he tries to login, when the link comes
up, he is denied access, as the
central server it is still showing the user as connected.
So how do I solve this problem? Is my setup is correct or there
are some other methods in Radius?
Atanu Das
System Develeopment
SS NetCom Pvt Ltd
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
