Stop the accounting response
Peter Lambrechtsen
peter at crypt.nz
Sun Mar 10 09:42:32 CET 2019
Discarding accounting is not my experience with most NASes I have worked
with. They will keep on retrying until they get a response for STARTS and
especially STOPS and not give up after 3 attempts unless you explicitly
configured it on the NAS to discard STOPS.
If you have configured the NAS to discard accounting then sure if that is
what you wanted.
But a NAS normally expects a response to EVERY message it sends and when it
doesn't get a response it will keep on retrying. Such as if it has a
round-robin configuration with multiple radius server endpoints it would
typically give up on one, and then try another.
But ultimately it is entirely the control of the NAS and the Radius server
no matter what variant it is should always respond to any requests it gets
unless the shared secret is wrong and it has been configured not to reply.
To have a Radius server not respond to valid accounting messages that were
initiated by the NAS is a terrible idea. The few use cases where you don't
want a response to a valid request is typically with proxied requests where
you are sending the messages to multiple servers with enough redundancy so
they will reconcile at some point.
So in short I wouldn't do it.
More information about the Freeradius-Users
mailing list