FR with MySQL. Proxying and repeated entries
aland at ox.org
Fri Aug 19 21:09:23 CEST 2005
"Paolo Rotela" <paolo.rotela at bluetelecom.com> wrote:
> With this one, Access-* packets go OK, but when the NAS (Cisco AS5300) sends
> an Accounting-Request to that realm and I proxy it to the home server, it
> sends me an Accounting-Response with an (I think) irregular attribute:
> Message-Authenticator (Ext. Attr. 80), wich I think is not permitted in the
> RFC for accounting packets.
The IETF RADIUS extensions working group has a document which
proposes fixes to a number of issues like this.
> 1) Am I reading OK the RFC? I mean ¿Is it right that Attribute 80 is NOT
> permitted in Accounting-* packets?
I don't think it's specifically permitted, but it shouldn't be a problem.
> 2) Each time the NAS re-sends packets, FR handles it as it were a new
> packet, for a new call/connection.
The RFC's say that's what the NAS is supposed to do. So for
FreeRADIUS, it looks like a new connection.
> 3) Is there any known bug or propietary feature from Cisco wich causes this
> incompatibility thing? I've searched about it and didn't find anything.
No. It's a bug in FreeRADIUS.
I'll put a patch into 1.0.5 that should fix it.
More information about the Freeradius-Users