Hi Hugh,
I have configured the Radiator Radius successfully in AIX4.3.1 but it is
taking a lot of resources ( 80-90% of CPU by perl-radiator ). This causes
Radiator to stop responding to "Start" accounting packets though it
responds to the "Stop" accounting packets. I need to "kill -HUP
radiusd.pid" to have it accept the logins again. And everything resumes to
normal once again until it stops accepting logins again. Though when it is
in operation it runs well.
I have gone through the Performance & Tuning Section of the manual as
well.
Here are my radius.cfg and users file:
#radius.cfg
Foreground
#LogStdout
#Trace 3
PidFile %L/radiusd.pid
AuthPort 1645
AcctPort 1646
LogDir /var/adm/radacct/Radiator
DbDir /usr/local/etc/raddb
#LogFile %L/logfile-%d
LogFile
DictionaryFile %D/dictionary
#DictionaryFile %D/dictionary.cisco
#DictionaryFile %D/dictionary.ascend
#DictionaryFile %D/dictionary.ascend2
#DictionaryFile %D/dictionary.usr.merit
#unknownMIB .iso.org.dod.internet.private.enterprises.307
#unknownOffs 29
#unknownHole 2
SnmpgetProg /usr/local/bin/snmpget
<Client 202.52.251.2>
Secret pass
NasType unknown
</Client>
.
.
.
<Client 202.52.255.8>
Secret pass
NasType unknown
<Client 202.52.238.22>
Secret pass
NasType unknown
</Client>
<Realm>
<AuthBy FILE>
Filename %D/users
</AuthBy>
<AuthBy SYSTEM>
Identifier System
</AuthBy>
AcctLogFileName %L/detail
# PasswordLogFileName %L/password.log
</Realm>
<Realm mos.com.np>
RewriteUsername s/^([^@]+).*/$1/
<AuthBy FILE>
Filename %D/users
</AuthBy>
<AuthBy SYSTEM>
Identifier System
</AuthBy>
AcctLogFileName %L/detail
# PasswordLogFileName %L/password.log
</Realm>
<Realm DEFAULT>
<AuthBy RADIUS>
Host 202.52.255.47
Secret mypass
AuthPort 1745
AcctPort 1746
Retries 3
RetryTimeout 5
</AuthBy>
</Realm>
#<SessionDatabase DBM>
# Filename %L/online
#</SessionDatabase>
--------------------------------------------------
DEFAULT Auth-Type = System, Group = ppp2, Simultaneous-Use = 2
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Routing = Listen,
Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Auth-Type = System, Group = ppp3, Simultaneous-Use = 3
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Routing = Listen,
Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Auth-Type = System, Group = ppp4, Simultaneous-Use = 4
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Routing = Listen,
Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Auth-Type = System, Group = ppp5, Simultaneous-Use = 5
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Routing = Listen,
Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Auth-Type = System, Simultaneous-Use = 1
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Routing = Listen,
Framed-Compression = Van-Jacobson-TCP-IP
---------------------------------------------------------------------------
Trace 4 debug:
Mon Jul 17 12:07:54 2000: DEBUG: Reading users file
/usr/local/etc/raddb/users
Mon Jul 17 12:07:54 2000: INFO: Server started: Radiator 2.16.1 on sungava
Mon Jul 17 12:07:58 2000: DEBUG: Packet dump:
*** Received from 202.52.240.130 port 1026 ....
Code: Access-Request
Identifier: 234
Authentic: x<7><0>K<148><208><228><228><192><29><218>"<169><148>.<217>
Attributes:
User-Name = "iedingt"
User-Password =
"<250><253><187><130><169><190><197>b*<18><168>?<167><181>f<16>"
NAS-IP-Address = 202.52.240.130
NAS-Port = 0
NAS-Port-Type = Async
Service-Type = Framed-User
Framed-Protocol = PPP
Mon Jul 17 12:07:58 2000: DEBUG: Handling request with Handler 'Realm='
Mon Jul 17 12:07:58 2000: DEBUG: Deleting session for iedingt,
202.52.240.130, 0
Mon Jul 17 12:07:58 2000: DEBUG: Handling with Radius::AuthFILE
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE looks for match with
iedingt
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Mon Jul 17 12:07:58 2000: DEBUG: Handling with Radius::AuthSYSTEM
Mon Jul 17 12:07:58 2000: DEBUG: getpwnam got iedingt, AN1VuCHXsFBuM,
3964, 205, , , Chandra,Industrial,056-20447,,B, /home/iedingt,
/usr/bin/mesh
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM looks for match with
iedingt
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM REJECT: User iedingt
is not in Group ppp2
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE REJECT: User iedingt is
not in Group ppp2
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE looks for match with
DEFAULT1
Mon Jul 17 12:07:58 2000: DEBUG: Handling with Radius::AuthSYSTEM
Mon Jul 17 12:07:58 2000: DEBUG: getpwnam got iedingt, AN1VuCHXsFBuM,
3964, 205, , , Chandra,Industrial,056-20447,,B, /home/iedingt,
/usr/bin/mesh
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM looks for match with
iedingt
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM REJECT: User iedingt
is not in Group ppp3
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE REJECT: User iedingt is
not in Group ppp3
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE looks for match with
DEFAULT2
Mon Jul 17 12:07:58 2000: DEBUG: Handling with Radius::AuthSYSTEM
Mon Jul 17 12:07:58 2000: DEBUG: getpwnam got iedingt, AN1VuCHXsFBuM,
3964, 205, , , Chandra,Industrial,056-20447,,B, /home/iedingt,
/usr/bin/mesh
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM looks for match with
iedingt
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM REJECT: User iedingt
is not in Group ppp4
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE REJECT: User iedingt is
not in Group ppp4
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE looks for match with
DEFAULT3
Mon Jul 17 12:07:58 2000: DEBUG: Handling with Radius::AuthSYSTEM
Mon Jul 17 12:07:58 2000: DEBUG: getpwnam got iedingt, AN1VuCHXsFBuM,
3964, 205, , , Chandra,Industrial,056-20447,,B, /home/iedingt,
/usr/bin/mesh
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM looks for match with
iedingt
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM REJECT: User iedingt
is not in Group ppp5
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE REJECT: User iedingt is
not in Group ppp5
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE looks for match with
DEFAULT4
Mon Jul 17 12:07:58 2000: DEBUG: Handling with Radius::AuthSYSTEM
Mon Jul 17 12:07:58 2000: DEBUG: getpwnam got iedingt, AN1VuCHXsFBuM,
3964, 205, , , Chandra,Industrial,056-20447,,B, /home/iedingt,
/usr/bin/mesh
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM looks for match with
iedingt
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthSYSTEM ACCEPT:
Mon Jul 17 12:07:58 2000: DEBUG: Radius::AuthFILE ACCEPT:
Mon Jul 17 12:07:58 2000: DEBUG: Access accepted for iedingt
Mon Jul 17 12:07:59 2000: DEBUG: Packet dump:
*** Sending to 202.52.240.130 port 1026 ....
Code: Access-Accept
Identifier: 234
Authentic: x<7><0>K<148><208><228><228><192><29><218>"<169><148>.<217>
Attributes:
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Routing = Listen
Framed-Compression = Van-Jacobson-TCP-IP
Mon Jul 17 12:08:00 2000: DEBUG: Packet dump:
*** Received from 202.52.240.130 port 1026 ....
Code: Accounting-Request
Identifier: 235
Authentic: <155><171><0><144><178><23>/,<141>L<21>#y<15>+<236>
Attributes:
Acct-Session-Id = "0C000035"
User-Name = "iedingt"
NAS-IP-Address = 202.52.240.130
NAS-Port = 0
NAS-Port-Type = Async
Acct-Status-Type = Start
Acct-Authentic = RADIUS
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 202.52.240.160
Acct-Delay-Time = 0
Mon Jul 17 12:08:00 2000: DEBUG: Handling request with Handler 'Realm='
Mon Jul 17 12:08:00 2000: DEBUG: Adding session for iedingt,
202.52.240.130, 0
Mon Jul 17 12:08:00 2000: DEBUG: Handling with Radius::AuthFILE
Mon Jul 17 12:08:00 2000: DEBUG: Accounting accepted
Mon Jul 17 12:08:00 2000: DEBUG: Packet dump:
*** Sending to 202.52.240.130 port 1026 ....
Code: Accounting-Response
Identifier: 235
Authentic: <155><171><0><144><178><23>/,<141>L<21>#y<15>+<236>
Attributes:
----------------------------------------------------------------------------
Any help would be appreciated.
Regards,
Deepak
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
