Dropping NAS-Port AVP from Acct-Unique-Session-Id by default
nick.lowe at gmail.com
Fri Sep 18 11:29:02 CEST 2015
I noticed looking through the commits in FreeRADIUS 3.1 that the
Acct-Unique-Session-Id is now using the Acct-Multi-Session-Id in its
construction. Awesome! :)
I wondered while looking at the commit if there has been consideration
about dropping the NAS-Port in the construction so that FreeRADIUS
interoperates, in its default configuration, with wireless controllers that
keep the same Acct-Session-Id when a roam occurs from one BSS/AP to another
In that scenario, it is, of course, the controller that is the NAS, not the
Some controllers set the value of the NAS-Port attribute on per AP or BSS
basis and this therefore changes where a roam occurs.
In my opinion, vendors should be sending a Stop and a Start when a roam
occurs with a constant Acct-Multi-Session-Id being used to allow sessions
to be correlated, but this not the case today.
This has been written about by others too:
I was looking in to this area of FreeRADIUS more closely as I have been
engaging with Aerohive on their Acct-Session-Ids. The upcoming HiveOS
releases will have Acct-Session-Ids that have the properties of a GUID/UUID.
At the moment, they're just incremented and are therefore not guaranteed to
be unique across reboots.
More information about the Freeradius-Users