J Kephart wrote:
The first is that we see instances in which we have successful authentications, but for which no accounting message is ever logged, despite receiving accounting requests from the client device. In addition, packet captures show that we do, in fact, get the accounting request, but radius is not replying to it. What might cause that?
The accounting packets might not contain enough information to be logged, or perhaps the wrong information. As always, read the debug output to see why.
The second issue is also related to the accounting process. What we believe right now is that, at some points, often right around midnight (US/Eastern), we're getting flooded with accounting packets from client devices, many of which are seriously outdated (or duplicates, or both).
You should be able to run a packet capture to see that.
We originally thought that we might have an errant cron event that ran around that time, but we've checked all of those, and they only take seconds to run, so that doesn't seem to explain it. Unfortunately, while we've found all sorts of documentation on how to log access requests, we seem unable to find anything on logging accounting requests, other than those that are logged in the detail files, etc., after a successful request.
That *is* logging accounting packets.
What we'd like to see is some way of logging, in radius.log, for example, accounting requests, whether successful or not. We don't need all of the details, necessarily, just a means of noting that the request came in and from where (IP).
The "linelog" module will do that. Alan DeKok.