FreeRadius with perl, Unknown attribute: Acct-Session-ID
Alan DeKok
aland at deployingradius.com
Fri Apr 30 16:57:18 CEST 2021
On Apr 30, 2021, at 10:52 AM, Fatih Boy <fatih at encbulut.com> wrote:
> In fact, I was using exec modüle to trigger an validation phone call (IVR/IVN) and wait for the response. Since validation may take some time longer than 30sec, exec command returns with timeout error and user gets rejected.
>
> Since perl module doesn't have a timeout value, I thought switching to it will some the problem.
No.
The server still has "max_request_time". It will stop any request which takes more than 30 seconds.
The solution to a crappy back-end is not to make FreeRADIUS wait longer. The solution is to fix the back-end so that it takes less time.
If the back-end involves a human phone call.. then just stop doing that. Use another method. RADIUS does *not* work with 30+ second delays for authentication. This is a fundamental limitation of *everything* in RADIUS. NAS, GGSN, BNG, all RADIUS servers, etc.
You cannot work around this problem by switching to Perl, or by changing max_request_time. Your solution simply will not work if it takes more than 30 seconds.
Alan DeKok.
More information about the Freeradius-Users
mailing list