Cleanup Stale Sessions - needed?

Paolo Di Francesco paolo.difrancesco at level7.it
Mon Aug 8 12:22:34 CEST 2011


Hi radius gurus,

I am still having issues with this configuration. In few words I am
still "cleaning" by hand some users but I would love that would be done
by radius each time that it checks if the user is online or not.

In few words:

1) the user is disconnected
2) the user tries to get into the net, and it knocks the NAS
3) the NAS knocks the radius saying "hey this guy wants to get in"
4) the radius asks to the NAS "hey the user is already online or not?"
and the NAS says "no I have no user with that name" (checkrad)
5) but the radius thinks the user is still online somewhere because it
shows online into the mysql database, therefore the answer is "no, this
user is already online somewhere"

So I am looking for some script/hint/whatever to CLEAN those users who
are not online but still "online" into the mysql.

Suggestions very welcome!



> Hi Radius Gurus
> 
> I have a problem with one not-so-typical situation.
> 
> First of all, I am running daloradius on top of Freeradius:
> 
> [root at radman ~]# radiusd -v
> radiusd: FreeRADIUS Version 2.1.7, for host i686-redhat-linux-gnu, built
> on Mar 31 2010 at 00:25:31
> Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
> There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
> PARTICULAR PURPOSE.
> 
> 
> I have just update my network topology and therefore I moved some NASes
> from one server to another.
> 
> When I did this change, obviously I did it without worrying what could
> happen to the radiusd. So I simply moved the NASes on new IPs/servers
> and restarted the radiusd.
> 
> Now I have the users trying to get into the network but they look
> "online" to radiusd on the old NASes. In few words the connection is
> refused because radiusd thinks that the user is ALREADY online on the
> "old NAS" (not true) and it does not permit the user to get into the
> network.
> 
> So I have this teasing menu option in daloradius which is called
> "Cleanup Stale Sessions". I think it does exactly what I need but:
> 
> 1) I do not want to break the radiusd
> 2) I do not want to loose my radius logs ("who had that IP that day..")
> 3) I do not know if this is the right "button" to click
> 
> So I am asking you if you have any idea of how to solve this issue and
> if I should click that button
> 
> Thank you in advance
> 
> (radiusd log follows)
> 
> -----------------------------------------------------------------------
> 
>  Auth: Multiple logins (max 1) [MPP attempt]: [myuser at mynet.org] (from
> client  xyz port 45118 cli 00:15:6D:5E:0A:82)
> 
> -----------------------------------------------------------------------
> 


-- 


Ing. Paolo Di Francesco

Level7 s.r.l. unipersonale

Sede operativa: Largo Montalto, 5 - 90144 Palermo

C.F. e P.IVA  05940050825
Fax : +39-091-8772072
assistenza: (+39) 091-8776432
web: http://www.level7.it






More information about the Freeradius-Users mailing list