Dropping NAS-Port AVP from Acct-Unique-Session-Id by default

Nick Lowe nick.lowe at gmail.com
Fri Sep 18 14:36:35 CEST 2015

>> My thoughts are that the default behaviour in FreeRADIUS should always be:
>> &Acct-Unique-Session-Id :=
>> "%{md5:%{User-Name},%{Acct-Multi-Session-ID},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier}}"
>> I also should have mentioned before, that the NAS-Port-Id should be
>> dropped too in addition to the NAS-Port.
>   Those are there for dial-up or DSL concentrators.  They're useful for some people, and need to stay in.
>   You're free to make changes to your local config, of course.

Of course, but that pushes the complexity of understanding all this on
the administrator.

I wonder if a better approach here would therefore be a configuration
ability to easily specify intent somehow and somewhere.

Intent being specifying, for typical deployment scenarios, that you're
doing wired/wireless 802.1X or instead something with dial-up /DSL

Different behaviour is optimal in these diverged use case scenarios.

More information about the Freeradius-Users mailing list