What is the purpose of the default accounting-on/off queries?

[Nathan Ward]

> On 10/10/2021, at 3:16 AM, Antônio Modesto <modesto at hubsoft.com.br> wrote:
> 
> Hello everyone,
> 
> I have two questions:
> 
> 
> 1) What is the purpose of the default accounting-on and accounting-off queries bundled with freeradius? I am asking this because one of my customer's NAS is sending accounting-on packets for no reason, and Freeradius is closing the sessions with the 'NAS-Reboot' Acct-Terminate-Cause. I was thinking about disabling the accounting-on query altogether, and leaving only the accounting-off. Are there any side effects by doing this?

This means the NAS is misbehaving.
Accounting-On and Accounting-Off should only be sent when the NAS is booting or shutting down - i.e. when sessions are terminated en mass. In those situations, the NAS might not send Stop messages for each session (and in many cases, such as a crash, cannot).
Leaving only Accounting-Off will mean in case of a NAS crash, it’ll come back and may not be able to get customers online until the sessions expire in the RADIUS server state - in case you limit concurrent sessions, or have limited IPs in sqlippool. Accounting-On is important in these situations.

Perhaps to work around the poor RADIUS implementation on the NAS, you can filter out these messages - do they have any additional attributes? Some misbehaving NASes send Accounting-On/Off for subsystems, with additional attributes to identify the subsystem.

Send the NAS vendor this page: https://freeradius.org/rfc/acct_status_type_subsystem.html <https://freeradius.org/rfc/acct_status_type_subsystem.html>
Can you share who the vendor is?

> 2) Does Freeradius use accounting-off packets to release IPs allocated in the sqlippool?

By default, yes.

--
Nathan Ward