Simultaneous-Use := 2 and MySQL

Alan DeKok aland at deployingradius.com
Wed Feb 25 15:54:34 CET 2015


On Feb 25, 2015, at 8:43 AM, Reilly, Paul <preilly at eastpennsd.org> wrote:
> I configured mysql to use for accounting and can see information in redact.

  That isn’t enough.  There needs to be enough information to UNIQUELY identify a session.  The typical use-case is in a GGSN or DSL concentrator, where every user is assigned a unique NAS port.

  That isn’t happening here.  Which is likely the sourceof the problem.

>  If I don't set a nas type in clients.conf  will Simultaneous-Use only use SQL to check if a user is logged in and not use checkrad (correct)?

  Simultaneous-Use means that the server ALWAYS uses the “session” section to check how many times a user is logged in.  If it’s below the limit, nothing further is done.  The new session is allowed.

  If it’s at or above the limit, then checkrad MAY be used to see if the NAS really thinks the user is still logged in.  That check is done because historically accounting packets could get lost.  Then the sessions wouldn’t be marked as “stopped”, even if they really were stopped.

  checkrad is used ONLY if the NAS type is known.

  To be honest, checkrad should just go away.  Modern systems are much better than they used to be at keeping accounting up to date.  If your network is losing accounting packets, the solution is to fix the network, not to butcher it some more by doing crappy SNMP checks.

>  Also  I continue to get the error where setting Simultaneous-Use to :=2 it fails (nas type not set).  See information below

  Read the REST of the debug output.  What is it doing in the “session” section?  Did you even configure that?

  And if the debug log is too big to post… don’t post logs showing it works.  They’re useless.  Show logs where it DOESN’T work.  Because 99% of the time, the information about WHY it doesn’t work is in the debug log.

  Alan DeKok.




More information about the Freeradius-Users mailing list