Hello Dave -
On Fri, 15 Dec 2000, Dave Close wrote:
> We are running Radiator 2.16.3 on AIX and checking for simultaneous
> usage with Radiator's internal data base. We have modified Nas.pm to
> support the Cyclades PR4000, basically copying and changing the
> PortMaster code. In addition, we added some logging statements (at INFO
> level) so that we could verify the correct operation of our new code.
> Most of the time it works fine.
>
> Whenever Radiator detects a user which it thinks may be already
> connected, it should call Nas.pm to verify the session using SNMP. If
> it does, we get our INFO messages followed by either "Simultaneous Use
> exceeded" or "Session has gone away". However, we also get some
> "Simultaneous Use exceeded" messages without our INFO messages first.
> In these cases, there is no actual user session but Radiator has
> rejected the login. There appears to be no way to clear the problem
> except to restart Radiator.
>
> Our INFO messages are unconditional if Nas.pm is called. So it seems
> that it must not be being called for some reason. Tracing through the
> code, I think that it should be called indirectly by the various
> Auth*.pm modules. We use our own internally developed Auth module for
> all authentications, so it seems likely that we have a bug in it. What
> could we be doing wrong which would cause Radiator not to verify a
> session only some of the time?
>
> Or is it possible that an error in the original Start accounting
> message would cause Radiator to think the session was on a different
> NAS, one for which we have not defined a NASType? We don't have any
> defined without a NASType, but if the NAS address were corrupted,
> Radiator might fail to find the address in our client list.
>
If Radiator receives a request from a Client that is not defined, the request
is simply ignored (unless you have a Client DEFAULT - but you wouldn't do that
would you?).
> I'd love to run a level 4 trace. But this happens about once every two
> to three days and the size of such a trace would be unrealistic.
You could use the special characters in the LogFile definition to specify a new
file every hour for example, and just throw away the hours that don't contain
the problem.
And I think adding some additional debug information would assist greatly.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
