Cleanup Stale Sessions - needed?

Paolo Di Francesco paolo.difrancesco at level7.it
Mon Aug 8 12:45:42 CEST 2011


we searched before asking, but we did not find any reference. If you
have references of previous conversations, please send me the pointers
privately.

Thank you

> Please search before asking...
> 
> I wrote at least 10 times about this problem ....
> 
> On 8/8/2011 12:22 PM, Paolo Di Francesco wrote:
>> Hi radius gurus,
>>
>> I am still having issues with this configuration. In few words I am
>> still "cleaning" by hand some users but I would love that would be done
>> by radius each time that it checks if the user is online or not.
>>
>> In few words:
>>
>> 1) the user is disconnected
>> 2) the user tries to get into the net, and it knocks the NAS
>> 3) the NAS knocks the radius saying "hey this guy wants to get in"
>> 4) the radius asks to the NAS "hey the user is already online or not?"
>> and the NAS says "no I have no user with that name" (checkrad)
>> 5) but the radius thinks the user is still online somewhere because it
>> shows online into the mysql database, therefore the answer is "no, this
>> user is already online somewhere"
>>
>> So I am looking for some script/hint/whatever to CLEAN those users who
>> are not online but still "online" into the mysql.
>>
>> Suggestions very welcome!
>>
>>
>>
>>> Hi Radius Gurus
>>>
>>> I have a problem with one not-so-typical situation.
>>>
>>> First of all, I am running daloradius on top of Freeradius:
>>>
>>> [root at radman ~]# radiusd -v
>>> radiusd: FreeRADIUS Version 2.1.7, for host i686-redhat-linux-gnu, built
>>> on Mar 31 2010 at 00:25:31
>>> Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
>>> There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
>>> PARTICULAR PURPOSE.
>>>
>>>
>>> I have just update my network topology and therefore I moved some NASes
>>> from one server to another.
>>>
>>> When I did this change, obviously I did it without worrying what could
>>> happen to the radiusd. So I simply moved the NASes on new IPs/servers
>>> and restarted the radiusd.
>>>
>>> Now I have the users trying to get into the network but they look
>>> "online" to radiusd on the old NASes. In few words the connection is
>>> refused because radiusd thinks that the user is ALREADY online on the
>>> "old NAS" (not true) and it does not permit the user to get into the
>>> network.
>>>
>>> So I have this teasing menu option in daloradius which is called
>>> "Cleanup Stale Sessions". I think it does exactly what I need but:
>>>
>>> 1) I do not want to break the radiusd
>>> 2) I do not want to loose my radius logs ("who had that IP that day..")
>>> 3) I do not know if this is the right "button" to click
>>>
>>> So I am asking you if you have any idea of how to solve this issue and
>>> if I should click that button
>>>
>>> Thank you in advance
>>>
>>> (radiusd log follows)
>>>
>>> -----------------------------------------------------------------------
>>>
>>>   Auth: Multiple logins (max 1) [MPP attempt]: [myuser at mynet.org] (from
>>> client  xyz port 45118 cli 00:15:6D:5E:0A:82)
>>>
>>> -----------------------------------------------------------------------
>>>
>>
> 
> 


-- 


Ing. Paolo Di Francesco

Level7 s.r.l. unipersonale

Sede operativa: Largo Montalto, 5 - 90144 Palermo

C.F. e P.IVA  05940050825
Fax : +39-091-8772072
assistenza: (+39) 091-8776432
web: http://www.level7.it






More information about the Freeradius-Users mailing list