RE: (RADIATOR) Session Database issues.
It looks like radpwtst is sending the default NAS-Port of 1234 for each request. Since radiator sees the second call coming in on the same physical port it assumes that the first session had to have ended. Change the NAS-Port in the second test using the -nas_port parameter of radpwtst so it looks like you are putting up a second simultaneous call. -Frank -Original Message- From: Griff Hamlin, III [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 17, 2002 2:03 PM To: [EMAIL PROTECTED] Subject: (RADIATOR) Session Database issues. I am using Radiator 2.18.3 on AIX. I find that even though in my config file I have DefaultSimultaneousUse 1 set, all users are still allowed on. I use an SQL session database, and when I try tests using radpwtst I find something peculiar. I first run the following command: /usr/local/Radiator-2.18/radpwtst -nostop -user=hamlin -password= -auth_port=1645 -acct_port=1646 -calling_station_id 9095551212 -nas_ip_address 127.0.0.1 This gives me an accesss accept and place the user information into my sql 'online' table. I purposely do not let radpwtst send a stop packet so that the information will remain in the online table. I then change the phone number (because I have a hook that checks for it) and run the following command from radpwtst. /usr/local/Radiator-2.18/radpwtst -noacct -user=hamlin -password= -auth_port=1645 -acct_port=1646 -calling_station_id 9495551213 -nas_ip_address 127.0.0.1 Notice that now, I have changed it to -noacct since all I want is the access reply. Strangely enough, it is accepted! Yet I can see the row in the online database. I get the following from the logfile on trace 4. This is the access request after the user is already in the online sql database. -logfile output *** Received from 127.0.0.1 port 46269 Code: Access-Request Identifier: 17 Authentic: 1234567890123456 Attributes: User-Name = hamlin Service-Type = Framed-User NAS-IP-Address = 127.0.0.1 NAS-Port = 1234 Called-Station-Id = 123456789 Calling-Station-Id = 9491234546 NAS-Port-Type = Async User-Password = 207184f1542235p24618889160216}x153 Fri Jan 18 05:39:47 2002: INFO: Checking :hamlin: call-id :9491234546: Fri Jan 18 05:39:47 2002: INFO: CallIDHook: returned row --- 'hamlin', '9095551212' Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler Service-Type = Call-Check should be used to handle this request Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler User-Name = admin should be used to handle this request Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler Request-Type=Accounting-Request should be used to handle this request Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler should be used to handle this request Fri Jan 18 05:39:47 2002: DEBUG: Handling request with Handler '' Fri Jan 18 05:39:47 2002: DEBUG: Rewrote user name to hamlin Fri Jan 18 05:39:47 2002: DEBUG: Deleting session for hamlin, 127.0.0.1, 1234 -### This seems odd to me Fri Jan 18 05:39:47 2002: DEBUG: do query is: delete from online where (nasidentifier='127.0.0.1')(nasport='1234') Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthGROUP Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthSQL Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthSQL: Fri Jan 18 05:39:47 2002: DEBUG: Query is: select check_items, reply_items, case when (prepay='false') then if(session_timeout,session_timeout,NULL) when ((prepay='true')(ISNULL(session_timeout))) then prepaid_timeleft when ((prepay='true')(!(ISNULL(session_timeout then if(prepaid_timeleftsession_timeout,prepaid_timeleft,session_timeout) end from users where (username='hamlin' handler_group='defau') Fri Jan 18 05:39:47 2002: DEBUG: Radius::AuthSQL looks for match with hamlin Fri Jan 18 05:39:47 2002: DEBUG: Query is: select username, acctsessionid from online where username='hamlin' Fri Jan 18 05:39:47 2002: DEBUG: Radius::AuthSQL ACCEPT: Fri Jan 18 05:39:47 2002: DEBUG: Access accepted for hamlin Fri Jan 18 05:39:47 2002::hamlin accepted from 127.0.0.1, called 123456789 from 9491234546 Fri Jan 18 05:39:47 2002: DEBUG: Packet dump: *** Sending to 127.0.0.1 port 46269 Code: Access-Accept Identifier: 17 Authentic: 1234567890123456 Attributes: Framed-IP-Address = 255.255.255.254 Framed-Routing = None Framed-Compression = Van-Jacobson-TCP-IP Framed-IP-Netmask = 255.255.255.255 Idle-Timeout = 900 Framed-Protocol = PPP Service-Type = Framed-User --end logfile output--- I have labelled the line above that seems strange to me. Why would it delete the session from the online sql database before doing anything else? I found the line in Handler.pm that does this and commented it out. When I then tried this test, it works like a champ (It's line 257 in Handler.pm). Perhaps I am doing something wrong. My radius.cfg file is as follows: -- radius.cfg
Re: (RADIATOR) Session Database issues.
HiGriff, The reason of that strange lines that you mention is the radiator's default session database implementation which is right. Its because only one user can be connected from the same nasidentifier and nas port at any time... When a useraccess request comes,radiator first erases the line with the same nas and same nas port in the database just in case of a problem... this means it has to run DeleteQuery first... Since your tworadpwtst testssends the same nasidentifier and nasport, regardless of the other things, you will always get OK for that...Try changing nas_ip_address or nas_port to see the real behaviour... The other conceptual problem is changing the calling-number attribute does not affect anything since this attribute either not exists in the countquery or the deletequery. Utku Er. - Original Message - From: Griff Hamlin, III To: [EMAIL PROTECTED] Sent: Thursday, January 17, 2002 9:02 PM Subject: (RADIATOR) Session Database issues. I am using Radiator 2.18.3 on AIX. I find that even though in my configfile I have DefaultSimultaneousUse 1 set, all users are still allowedon. I use an SQL session database, and when I try tests using radpwtst Ifind something peculiar.I first run the following command:/usr/local/Radiator-2.18/radpwtst -nostop -user=hamlin -password=-auth_port=1645 -acct_port=1646 -calling_station_id 9095551212-nas_ip_address 127.0.0.1This gives me an accesss accept and place the user information into mysql 'online' table. I purposely do not let radpwtst send a stop packetso that the information will remain in the online table.I then change the phone number (because I have a hook that checks forit) and run the following command from radpwtst./usr/local/Radiator-2.18/radpwtst -noacct -user=hamlin -password=-auth_port=1645 -acct_port=1646 -calling_station_id 9495551213-nas_ip_address 127.0.0.1Notice that now, I have changed it to -noacct since all I want is theaccess reply.Strangely enough, it is accepted! Yet I can see the row in the onlinedatabase. I get the following from the logfile on trace 4. This is theaccess request after the user is already in the online sql database.-logfile output *** Received from 127.0.0.1 port 46269 Code: Access-RequestIdentifier: 17Authentic: 1234567890123456Attributes: User-Name = "hamlin" Service-Type = Framed-User NAS-IP-Address = 127.0.0.1 NAS-Port = 1234 Called-Station-Id = "123456789" Calling-Station-Id = "9491234546" NAS-Port-Type = Async User-Password ="207184f1542235p24618889160216}x153"Fri Jan 18 05:39:47 2002: INFO: Checking :hamlin: call-id :9491234546:Fri Jan 18 05:39:47 2002: INFO: CallIDHook: returned row --- 'hamlin','9095551212'Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler Service-Type =Call-Check should be used to handle this requestFri Jan 18 05:39:47 2002: DEBUG: Check if Handler User-Name = adminshould be used to handle this requestFri Jan 18 05:39:47 2002: DEBUG: Check if HandlerRequest-Type=Accounting-Request should be used to handle this requestFri Jan 18 05:39:47 2002: DEBUG: Check if Handler should be used tohandle this requestFri Jan 18 05:39:47 2002: DEBUG: Handling request with Handler ''Fri Jan 18 05:39:47 2002: DEBUG: Rewrote user name to hamlinFri Jan 18 05:39:47 2002: DEBUG: Deleting session for hamlin,127.0.0.1, 1234 -### This seems odd to meFri Jan 18 05:39:47 2002: DEBUG: do query is: delete from online where(nasidentifier='127.0.0.1')(nasport='1234')Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthGROUPFri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthSQLFri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthSQL:Fri Jan 18 05:39:47 2002: DEBUG: Query is: select check_items,reply_items, case when (prepay='false') thenif(session_timeout,session_timeout,NULL) when((prepay='true')(ISNULL(session_timeout))) then prepaid_timeleft when((prepay='true')(!(ISNULL(session_timeout thenif(prepaid_timeleftsession_timeout,prepaid_timeleft,session_timeout)end from users where (username='hamlin' handler_group='defau')Fri Jan 18 05:39:47 2002: DEBUG: Radius::AuthSQL looks for match withhamlinFri Jan 18 05:39:47 2002: DEBUG: Query is: select username,acctsessionid from online where username='hamlin'Fri Jan 18 05:39:47 2002: DEBUG: Radius::AuthSQL ACCEPT:Fri Jan 18 05:39:47 2002: DEBUG: Access accepted for hamlinFri Jan 18 05:39:47 2002::hamlin accepted from 127.0.0.1, called123456789 from9491234546Fri Jan 18 05:39:47 2002: DEBUG: Packet dump:*** Sending to 127.0.0.1 port 46269 Code: Access-AcceptIdentifier: 17Authentic: 1234567890123456Attributes: Framed-IP-Address = 255.255.255.254 Framed-Routing = None Framed-Compression = Van-Jacobson-TCP-IP Framed-IP-Netmask = 255.255.255.255 Idle-Timeout =
