checking authorization in the duration of connection

Ivan Kalik tnt at
Mon May 4 16:20:30 CEST 2009

> I found this reply in freeradius mailing list in 2005:
> " It's impossible to enforce *traffic* limiting *during* a users
> session.  So if a user is a tiny bit below their limit and logs in
> again, they can go over their limit.  The server will only catch &
> enforce their limit on the next login.
>   This has been discussed multiple times on the list over the past 5
> years."
> Is this possible now in new versions ?

Enforcing traffic limits is impossible - using standard radius attributes.
And this has nothing to do with freeradius version.

But most vendors (not just likes of Cisco, but ChilliSpot, Mikrotik, etc.)
have vendor specific attributes (VSA) that you can use to limit traffic.
Read your vendor documentation (or ask the vendor) to see how it can be
done. Then use that VSA in the (sql)counter.

Ivan Kalik
Kalik Informatika ISP

More information about the Freeradius-Users mailing list