FreeRadius with Eduroam - Accounting

[Alan Buxey]

Hi,

> I'm running FreeRadius 2.1.3 on RedHat Enterprise Linux configured as an 
> Eduroam Radius proxy server. My Cisco Wireless Lan Controllers are 
> constantly failing over the Accounting Servers, due to lack of response 
> from the Home Servers, or so says the log. However, I believe the issue is 
> that some remote institutions Radius Servers are ignoring the Accounting 
> packets, and timing out my end, making it believe the Home Servers have 
> failed to respond. FreeRadius responds by marking the Home server dead. It 
> then sends a status-server query, to which is gets a reply, and enables 
> the Dead Home server. I believe that's the sequence of events anyway. I 
> captured some of that in debug mode:

the flow you captured is right - it tries, it doesnt get a response, it probes
with status-server and marks server up again. thats fine...and the way it should
work.

regarding eduroam and proxying of accounting. yes. its a continual problem
and one that I would like to see sorted...theres a large number of people
who dont believe in the proxying of accounting (they dont believe in the accounting
stuff really...) - I, however, like the accounting.

the issue is that YOU know your NAS kit - and all the wierd things that
it can do - sending 0 sesstion time and only using port 29 is the Cisco 'thing'..
what you arent ready for is the slew of junk from other sites NAS when they do accounting
..and be prepared for a whole lot of junk.  (my current favourite is when 100% essential
RADIUS attributes for accounting have been striped out by an over keen admin with the
attribute filter on their RADIUS server. double fun!)

I would suggest you take the accounting out of the 'live' stream and move to using one
of the 'supplied with freeRADIUS' accounting virtual servers - decoupled-accounting,
robust-proxy-accounting or copy-acct-to-home-server

read those VS files and see which one appeals to you the most and which will suit
your needs

alan