SV: disconected after one second

Alexander Silveröhrt Alexander.Silverohrt at itux.se
Thu Apr 4 16:28:29 CEST 2013


Hard to know what you missconfigured but...i can give you some "usual suspects" maybe..

Also can you post a "show subscribers active all" while trying to auth.

Also debug with
Term mon
debug aaa rad-attr
debug rad-packet

Your forward policy looks wicked
Forward-Policy == "in:CLIPS-DEFAULT"
are you sure that is the name of your forwarding policy? And if you are using netop make sure that this forwarding policy is the one in the database.


Also double check that you have below Metering and policing on the router and that they are configured with the right rate and burst.
     Qos-Policing-Profile-Name = "customer-out"
     Qos-Metering-Profile-Name = "customer-in"

Also if you are using netop check that you have those customer-out and customer-in in Netops service attribute Variation/bandwidth variation and that they point to existing valid customer-out and customer-in on the router.
From the look of it from your reply attributes they should look like..

qos policy customer-out metering
 rate 20480 burst 100000
!
qos customer-in policing
 rate 2048 burst 10000
!

And of course make sure you have a context with the name "CLIPS" to bound the session to.

And since i have never used below attributes in a SME before that makes me suspicious..Just make sure they aren't doing anything crazy:)
     Connect-Info == "1"
     Port-Limit == 1


Cheers
Alex


-----Ursprungligt meddelande-----
Från: freeradius-users-bounces+alexander.silverohrt=itux.se at lists.freeradius.org [mailto:freeradius-users-bounces+alexander.silverohrt=itux.se at lists.freeradius.org] För Lukasz Kopiszka
Skickat: den 4 april 2013 15:19
Till: freeradius-users at lists.freeradius.org
Ämne: disconected after one second


Hi,

I have strange problem host can't receive IP becouse he get
     Acct-Status-Type = Stop
     Acct-Update-Reason = AAA_LOAD_ACCT_SESSION_DOWN
after one second before:
     Acct-Status-Type = Start
     Acct-Update-Reason = AAA_LOAD_ACCT_SESSION_UP

short log:

Sending Access-Accept of id 126 to 91.231.70.5 port 1812
     Service-Type = Outbound-User
     Framed-IP-Address == 91.231.71.17
     Acct-Interim-Interval == 300
     Service-Type == Outbound-User
     Connect-Info == "1"
     Port-Limit == 1
     DHCP_Max_Leases == 1
     Context-Name == "CLIPS"
     HTTP-Redirect-Profile-Name == ""
     Forward-Policy == "in:CLIPS-DEFAULT"
     QOS-Rate-Outbound == "20480"
     QOS-Rate-Inbound == "2048"
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 91.231.70.5 port 1812,
id=223, length=385
     User-Name = "00:17:08:2e:76:d2"
     Acct-Status-Type = Start
     Acct-Session-Id = "0100FFFF7800029F-515D7656"
     Service-Type = Outbound-User
     Acct-Update-Reason = AAA_LOAD_ACCT_SESSION_UP
     NAS-Identifier = "ALFASYSTEM"
     NAS-Port = 33619968
     NAS-Real-Port = 553649127
     NAS-Port-Type = Virtual
     NAS-Port-Id = "2/1 vlan-id 999 clips 131743"
     Medium-Type = DSL
     Mac-Addr = "00-17-08-2e-76-d2"
     Platform-Type = SE-100
     OS-Version = "6.5.1.5"
     Acct-Authentic = RADIUS
     Port-Limit = 1
     DHCP-Max-Leases = 1
     Framed-IP-Address = 91.231.71.17
     Source-Validation = Enabled
     DHCP-Option = "\014\014\004alfa"
     Acct-Interim-Interval = 600
     Forward-Policy = "in:CLIPS-DEFAULT"
     QOS-Rate-Outbound = "20480:0:0"
     QOS-Rate-Inbound = "2048:0:0"
     Qos-Policing-Profile-Name = "customer-out"
     Qos-Metering-Profile-Name = "customer-in"
     Event-Timestamp = "Apr  4 2013 14:47:18 CEST"  << start

rad_recv: Accounting-Request packet from host 91.231.70.5 port 1812,
id=224, length=603
     User-Name = "00:17:08:2e:76:d2"
     Acct-Status-Type = Stop
     Acct-Session-Id = "0100FFFF7800029F-515D7656"
     Service-Type = Outbound-User
     Acct-Update-Reason = AAA_LOAD_ACCT_SESSION_DOWN
     NAS-Identifier = "ALFASYSTEM"
     NAS-Port = 33619968
     NAS-Real-Port = 553649127
     NAS-Port-Type = Virtual
     NAS-Port-Id = "2/1 vlan-id 999 clips 131743"
     Medium-Type = DSL
     Mac-Addr = "00-17-08-2e-76-d2"
     Platform-Type = SE-100
     OS-Version = "6.5.1.5"
     Acct-Authentic = RADIUS
     Port-Limit = 1
     DHCP-Max-Leases = 1
     Framed-IP-Address = 91.231.71.17
     Source-Validation = Enabled
     DHCP-Option = "\014\014\004alfa"
     Acct-Session-Time = 1
     Acct-Input-Packets = 0
     Acct-Output-Packets = 0
     Acct-Input-Octets = 0
     Acct-Output-Octets = 0
     Acct-Input-Gigawords = 0
     Acct-Output-Gigawords = 0
     Acct-Input-Packets-64 = 0x0000000000000000
     Acct-Output-Packets-64 = 0x0000000000000000
     Acct-Input-Octets-64 = 0x0000000000000000
     Acct-Output-Octets-64 = 0x0000000000000000
     Acct-Mcast-In-Packets = 0
     Acct-Mcast-Out-Packets = 0
     Acct-Mcast-In-Octets = 0
     Acct-Mcast-Out-Octets = 0
     Acct-Mcast-In-Packets-64 = 0x0000000000000000
     Acct-Mcast-Out-Packets-64 = 0x0000000000000000
     Acct-Mcast-In-Octets-64 = 0x0000000000000000
     Acct-Mcast-Out-Octets-64 = 0x0000000000000000
     Acct-Interim-Interval = 600
     Forward-Policy = "in:CLIPS-DEFAULT"
     QOS-Rate-Outbound = "20480:0:0"
     QOS-Rate-Inbound = "2048:0:0"
     Qos-Policing-Profile-Name = "customer-out"
     Qos-Metering-Profile-Name = "customer-in"
     Event-Timestamp = "Apr  4 2013 14:47:19 CEST" << stop after 1 second!

full log: http://pastebin.com/HTYxdg1B

Everything was working great until I change something but I don't
remember what was it

--
Pozdrawiam,
Łukasz Kopiszka
tel. 694-212-718
www.alfa-system.pl

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

********* DISCLAIMER *********

This message and any attachment are confidential and may be privileged or otherwise protected from disclosure and may include proprietary information. If you are not the intended recipient, please telephone or email the sender and delete this message and any attachment from your system. If you are not the intended recipient you must not copy this message or attachment or disclose the contents to any other person


More information about the Freeradius-Users mailing list