Replicated Acctounting blocks replys
Dalton Porter
daltonporter at yahoo.com
Wed May 7 04:50:49 CEST 2014
I solved this issue with some prompting from Allen.
This is what I wanted
NAS send acct req to radius R1
R1 replicate acct req to R2
R1 respond to NAS
I simply could not get R1 to respond to the NAS when the replicate was in the configuration,
so the NAS would continue to send acct req packets to R1 and after a few trys, mark R1 as down.
It appears to be an issue with freeradius-2.1.12.
Upgrading to 2.2.4 seems to have fixed the issue.
Here are some details for those interested. I make no claims about this being the best way,
it's just "a way".
Building a 2.2.4 rpm for my version of centos was a bit of trouble as well. I followed this and got it done:
http://adriansmith.blogspot.co.uk/2014/01/building-freeradius-rpm-for-el5.html
Follow the instructions but change the version and release in the spec file to values that match your
freeradius source rpm.
I had to add one additional step which was to add this line to the spec file:
%config(noreplace) /etc/raddb/panic.gdb
To configure radius to do a replicate (fire and forget) to an accounting server:
in sites-enabled/default
in the accounting { } section, add update control and replicate items like this:
# daily
update control {
Replicate-to-Realm='Acct2'
}
replicate
# Update the wtmp file
in proxy.conf, define a home_server, a pool, and a realm as follows
(use your IP and password values)
home_server_acct2 {
type = acct
ipaddr = 10.10.1.1
port = 1813
secret = testing123
# src_ipaddr = 127.0.0.1
require_message_authenticator = yes
response_window = 20
# no_response_fail = no
zombie_period = 40
revive_interval = 120
status_check = status-server
check_interval = 30
num_answers_to_alive = 3
max_outstanding = 65536
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
home_server_pool acct2_pool {
type = fail-over
home_server = acct2
}
realm Acct2 {
acct_pool = acct2_pool
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140506/7574aa96/attachment.html>
More information about the Freeradius-Users
mailing list