Re: (RADIATOR) SessionDatabase problem using Oracle with Fork
Hello Anthony,
On Jul 9, 5:00pm, Anthony Chan wrote:
Subject: (RADIATOR) SessionDatabase problem using Oracle with Fork
Hi Mike,
I got a problem when running multiple instances of Radiator with
external Database, Oracle, to enforce Simultaneous-Use limits. The
problem only exist when "Fork" is used in the config.
For environment, the Radiator runs in a Solaris machine with Oracle
sqlnet to access the Oracle serve. The sid and tables are created in the
Oracle server without problem. The Perl module DBI-1.11 and
DBD-Oracle-1.02 are installed. The version of Oracle is 8.0.5. The
config files are as follow:
It looks to me like the server restarted or something like that.
We would recommend that you do not use Fork with SQL databases. Some SQL client
libraries (Oracle especially) are not robust after a fork.
Hope that helps.
Cheers.
# radius.cfg
.
.
.
Realm DEFAULT
AuthBy FILE
Filename /usr/local/etc/config
# Fork
/AuthBy
AcctLogFileName %L/detail
/Realm
Realm defaultrealm
AuthBy SYSTEM
UseGetspnam
Identifier System
DefaultReply Service-Type = Framed,\
Framed-Protocol = PPP
/AuthBy
/Realm
SessionDatabase SQL
DBSource dbi:Oracle:radius
DBUsername userid
DBAuth password
/SessionDatabase
#config
DEFAULT
Auth-Type=System,Group=g1,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
DEFAULT
Auth-Type=System,Group=g2,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
DEFAULT
Auth-Type=System,Group=g3,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
The configuration above has no problem without the "Fork".
However, when I put back the keyword "Fork", I would get the following
error messages inside the xterm which start the Radiator:
DBD::Oracle::db do failed: ORA-03113: end-of-file on communication
channel (DBD ERROR: OCIStmtExecute) at
/usr/local/lib/perl5/site_perl/Radius/SqlDb.pm line 230.
DBD::Oracle::db disconnect failed: ORA-12545: Connect failed because
target host or object does not exist (DBD ERROR: OCISessionEnd) at
/usr/local/lib/perl5/site_perl/Radius/SqlDb.pm line 244.
The above message would print continuously when a new user is getting
connected.
The logfile with trace 4 has the following message:
*** Received from 206.161.55.24 port 33100
Code: Access-Request
Identifier: 183
Authentic: 1234567890123456
Attributes:
User-Name = "t1c"
Service-Type = Framed-User
NAS-IP-Address = 206.161.55.24
NAS-Port = 1234
NAS-Port-Type = Async
Framed-IP-Address = 206.161.55.24
User-Password =
""132w184228{198170os1632112144211219"
Fri Jul 9 13:53:58 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthFILE
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE looks for match with
t1c
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthSYSTEM
Fri Jul 9 13:53:58 1999: DEBUG: getpwnam got t1c, ZJgPkhMU6EVy., 62360,
111, , , Test Account, /export/home/t1c, /usr/bin/ksh
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthSYSTEM looks for match with
t1c
Fri Jul 9 13:53:58 1999: DEBUG: Query is: select NASIDENTIFIER,
NASPORT, ACCTSESSIONID from RADONLINE where USERNAME='t1c'
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthSYSTEM ACCEPT:
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE ACCEPT:
Fri Jul 9 13:53:58 1999: DEBUG: Access accepted for t1c
Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
*** Sending to 206.161.55.24 port 33100
Code: Access-Accept
Identifier: 183
Authentic: 1234567890123456
Attributes:
Service-Type = Framed
Framed-Protocol = PPP
Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
*** Received from 206.161.55.24 port 33100
Code: Accounting-Request
Identifier: 184
Authentic:
236202156020320331S631200T253239182
Attributes:
User-Name = "t1c"
Service-Type = Framed-User
NAS-IP-Address = 206.161.55.24
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "1"
Acct-Status-Type = Start
Framed-IP-Address = 206.161.55.24
Fri Jul 9 13:53:58 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthFILE
Fri Jul 9 13:53:58 1999: DEBUG: Accounting accepted
Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
*** Sending to 206.161.55.24 port 33100
Code: Accounting-Response
Identifier: 184
Authentic:
236202156020320331S631200T253239182
Attributes:
Fri Jul 9 13:53:58 1999: DEBUG: Adding session for t1c, 206.161.55.24,
1234
Fri Jul 9 13:53:58 1999: DEBUG: do query is: delete from RADONLINE
where NASIDENTIFIER='206.161.55.24' and NASPORT=1234
Fri Jul 9 13:53:58 1999: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
(RADIATOR) SessionDatabase problem using Oracle with Fork
Hi Mike,
I got a problem when running multiple instances of Radiator with
external Database, Oracle, to enforce Simultaneous-Use limits. The
problem only exist when "Fork" is used in the config.
For environment, the Radiator runs in a Solaris machine with Oracle
sqlnet to access the Oracle serve. The sid and tables are created in the
Oracle server without problem. The Perl module DBI-1.11 and
DBD-Oracle-1.02 are installed. The version of Oracle is 8.0.5. The
config files are as follow:
# radius.cfg
.
.
.
Realm DEFAULT
AuthBy FILE
Filename /usr/local/etc/config
# Fork
/AuthBy
AcctLogFileName %L/detail
/Realm
Realm defaultrealm
AuthBy SYSTEM
UseGetspnam
Identifier System
DefaultReply Service-Type = Framed,\
Framed-Protocol = PPP
/AuthBy
/Realm
SessionDatabase SQL
DBSource dbi:Oracle:radius
DBUsername userid
DBAuth password
/SessionDatabase
#config
DEFAULT
Auth-Type=System,Group=g1,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
DEFAULT
Auth-Type=System,Group=g2,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
DEFAULT
Auth-Type=System,Group=g3,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
The configuration above has no problem without the "Fork".
However, when I put back the keyword "Fork", I would get the following
error messages inside the xterm which start the Radiator:
DBD::Oracle::db do failed: ORA-03113: end-of-file on communication
channel (DBD ERROR: OCIStmtExecute) at
/usr/local/lib/perl5/site_perl/Radius/SqlDb.pm line 230.
DBD::Oracle::db disconnect failed: ORA-12545: Connect failed because
target host or object does not exist (DBD ERROR: OCISessionEnd) at
/usr/local/lib/perl5/site_perl/Radius/SqlDb.pm line 244.
The above message would print continuously when a new user is getting
connected.
The logfile with trace 4 has the following message:
*** Received from 206.161.55.24 port 33100
Code: Access-Request
Identifier: 183
Authentic: 1234567890123456
Attributes:
User-Name = "t1c"
Service-Type = Framed-User
NAS-IP-Address = 206.161.55.24
NAS-Port = 1234
NAS-Port-Type = Async
Framed-IP-Address = 206.161.55.24
User-Password =
""132w184228{198170os1632112144211219"
Fri Jul 9 13:53:58 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthFILE
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE looks for match with
t1c
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthSYSTEM
Fri Jul 9 13:53:58 1999: DEBUG: getpwnam got t1c, ZJgPkhMU6EVy., 62360,
111, , , Test Account, /export/home/t1c, /usr/bin/ksh
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthSYSTEM looks for match with
t1c
Fri Jul 9 13:53:58 1999: DEBUG: Query is: select NASIDENTIFIER,
NASPORT, ACCTSESSIONID from RADONLINE where USERNAME='t1c'
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthSYSTEM ACCEPT:
Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE ACCEPT:
Fri Jul 9 13:53:58 1999: DEBUG: Access accepted for t1c
Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
*** Sending to 206.161.55.24 port 33100
Code: Access-Accept
Identifier: 183
Authentic: 1234567890123456
Attributes:
Service-Type = Framed
Framed-Protocol = PPP
Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
*** Received from 206.161.55.24 port 33100
Code: Accounting-Request
Identifier: 184
Authentic:
236202156020320331S631200T253239182
Attributes:
User-Name = "t1c"
Service-Type = Framed-User
NAS-IP-Address = 206.161.55.24
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "1"
Acct-Status-Type = Start
Framed-IP-Address = 206.161.55.24
Fri Jul 9 13:53:58 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthFILE
Fri Jul 9 13:53:58 1999: DEBUG: Accounting accepted
Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
*** Sending to 206.161.55.24 port 33100
Code: Accounting-Response
Identifier: 184
Authentic:
236202156020320331S631200T253239182
Attributes:
Fri Jul 9 13:53:58 1999: DEBUG: Adding session for t1c, 206.161.55.24,
1234
Fri Jul 9 13:53:58 1999: DEBUG: do query is: delete from RADONLINE
where NASIDENTIFIER='206.161.55.24' and NASPORT=1234
Fri Jul 9 13:53:58 1999: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('t1c',
'206.161.55.24', 1234, '1', 931499638, '206.161.55.24', 'Async',
'Framed-User')
Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
*** Received from 206.161.55.24 port 33100
Code: Accounting-Request
Identifier: 185
Authentic:
22200241178140*14531741752301470235224226
Attributes:
User-Name = "t1c"
Service-Type = Framed-User
NAS-IP-Address = 206.161.55.24
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "1"
Acct-Status-Type = Stop
Framed-IP-Address = 206.161.55.24
