Hello Greg -
Does Radiator operate correctly the rest of the time? And could you please send me a more complete trace 4 debug from Radiator showing the startup sequence and several requests thereafter, including access requests and accounting requests. regards Hugh On Wednesday, September 18, 2002, at 07:16 PM, Greg Wildman wrote: > Hi all, > > I am struggling with a MySQL error in the AuthSQL section. Let me shed > some more light on my situation. > > I am in the process up upgrading our Radius server from version 2.16.1 > to 3.3.1. The new server is running Red Hat 7.3 with the following > package versions. > > Radiator-3.3.1-1 > mysql-3.23.49-3 > perl-DBI-1.21-1 > perl-DBD-MySQL-1.2219-6 > > The actual MySQL server located on the same switched network is also > running version 3.23.49. It is currently configured for 300 max > concurrent sessions. > > During my testing using radpwtest I get the following errors in my > radiator logfile and then usually followed by LDAP failure errors. > > DBD::mysql::st fetchrow failed: fetch() without execute() at > /usr/lib/perl5/site_perl/5.6.1/Radius/SqlDb.pm line 253. > DBD::mysql::st fetchrow failed: fetch() without execute() at > /usr/lib/perl5/site_perl/5.6.1/Radius/SqlDb.pm line 253. > > > I have looked in the SqlDb.pm and can see that the function getOneRow > is > called and seems to be failing because the connection has failed. I > suspected that the "persistent" connection had closed for whatever > reason at the time of the fetch(). > > I hashed out the <SessionDatabase SQL> section of my config, restarted > radiator and the problem persisted, so I unhashed my changes and then > hashed out the <Auth SQL> section. My problem disappeared after a > restart. The catch is that this section if necessary for auditing > purposes. > > I run mytop on the MySQL server during my tests but the server never > has > more than 40 open connection (of a possible 300) and only 2 are active > at any one time. Another thing I noticed was that the connection from > radiator lasts only 10 seconds before it closes and another one opens. > The errors I get in the logfile "seem" to only happed on the first > radpwtest after I stop testing for a few minutes. > > My config is as follows: > > <Handler Realm=XYZ> > #Continue trying to authenticate while rejected. > #SQL will force reject. > AuthByPolicy ContinueWhileReject > > # This will always reject, we use it to update the SQL server. > # Use the SQL database to only store accounting information. > <AuthBy SQL> > Identifier vISP_accounting > DBSource dbi:mysql:radius_db:db.some.server.net > DBUsername radius > DBAuth secret > > Timeout 15 > FailureBackoffTime 2 > > #Delete any possible broken sessions from the session DB > AuthSelect DELETE FROM RADONLINE WHERE USERNAME='%n' AND > TIME_STAMP+1800 < %t > > AccountingTable ACCOUNTING > AcctColumnDef USERNAME,User-Name > AcctColumnDef TIME_STAMP,Timestamp,integer > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer > AcctColumnDef ACCTSESSIONID,Acct-Session-Id > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause > AcctColumnDef NASIDENTIFIER,NAS-IP-Address > AcctColumnDef NASPORT,NAS-Port,integer > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address > </AuthBy> > > # Now for the real authentication. If it fails here then the user is > out of luck. > <AuthBy LDAP2> > DefaultSimultaneousUse 1 > > Host localhost > Port 389 > BaseDN ou=radius,o=example,c=com > Version 2 > HoldServerConnection > > #LDAP Asstributes > UsernameAttr uid > EncryptedPasswordAttr userpassword > CheckAttr check > > AddToReply Service-Type=Framed-User,\ > Framed-Protocol=PPP,\ > Framed-IP-Address=255.255.255.254 > </AuthBy> > </Handler> > > > Anybody had similar problems? Is there any way of tracing the MySQL > calls or getting more debug than level 5? > > -- > Greg > > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > > -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
