how to originate disconnect message from NAS [radius client]
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Aug 31 13:58:15 CEST 2011
On 31 Aug 2011, at 13:41, Brian Candler wrote:
> On Tue, Aug 30, 2011 at 07:46:45PM +0530, sundararaman.dheivanayagam at wipro.com wrote:
>> Thanks for the response. NAS will send account-stop request to RADIUS,
>> which in turn trigger the disconnect message [release the ip address
>> assigned earlier] to NAS.
>
> I think there is some confusion going on here.
>
> An Accounting-Stop message is an indication from the NAS that the session
> has ended. It does *not* trigger a Disconnect-Request message.
Well it *can*, for example in simultaneous use scenarios where you want to disconnect all other open sessions for a user if they start a new accounting session. But its all server / config specific.
> A Disconnect-Request message is from the radius server to the NAS, to
> forcibly disconnect them on demand.
>
> http://wiki.freeradius.org/Disconnect-Messages
> http://www.ietf.org/rfc/rfc3576.txt
>
> It's something of a frig, and in my experience rarely implemented (you'd
> probably be better off using SNMP to disconnect a user, or using the
> Session-Timeout attribute if all you want to do is disconnect them after a
> certain amount of time online)
>
Agreed. As i've said numerous times in previous threads, the only time you ever need to use DM over SNMP is in an environment with intermediary RADIUS proxies, or if your NAS doesn't implement the MIBs necessary to disconnect a user, but does support DM... so far i've never seen one of those in the wild.
Arran Cudbard-Bell
a.cudbardb at freeradius.org
RADIUS - Half the complexity of Diameter
More information about the Freeradius-Devel
mailing list