Updating Multipe variables with one SQL Query

Richard J Palmer richard at merula.net
Sun Apr 7 21:58:53 CEST 2019


Hi

I have sent an email to the company so will see what they can do - 
these are Broadband L2TP sessions so the Calling-Staion-Id in these 
cases are a circuid ID - I do get them at session start - I have asked 
if they can be added to interim and end packets

I made a mistake with CUI - that's something that we send back with 
the reply so we do generate this and it comes with every update - so I 
may be able to work on that too.

On the positive side - even with that - because of the flexibility of 
FreeRadius - I can make this work - and work properly - Hopefully they 
can adjust the code on the devide to send the extra fields and that 
will make things even easier

I'll let you know how I get on

Thanks again for the pointers


Richard
>
> --- Original message ---
> Subject: Re: Updating Multipe variables with one SQL Query
> From: Alan DeKok <aland at deployingradius.com>
> To: FreeRadius users mailing list 
> <freeradius-users at lists.freeradius.org>
> Date: Sunday, 07/04/2019 8:33 PM
>
> On Apr 7, 2019, at 3:24 PM, Richard J Palmer <richard at merula.net> 
> wrote:
>>
>> I have spoken to Adrian/RevK It's something they are looking at but 
>> not a 'simple' change - so not something happening 'immediately'.
>
>    If there's a User-Name, it should be sent in accounting packets.  
> The same goes for Calling-Station-ID, which is usually the MAC 
> address.
>
>    Doing anything else is severely unfriendly to every other RADIUS 
> system.
>
>>
>> Currently they set 'Chargeable-User-Identity' which is OK - and I 
>> could use that. The Firebrick does not hold the username (as things 
>> stand) once the session is setup
>
>>
>> - BUT we don't have the chargeable ID until the auth start hits 
>> freeradius Which means it's not available at the time of the IP 
>> allocation
>
>    I'm not sure I understand that.  CUI is sent by the RADIUS server 
> to the NAS.  The NAS *never* creates a CUI and sends it to the server. 
>  See RFC 4372 for details.
>
>>
>> The reason for not returning the Framed-IP they say is that the 
>> devices allow multiple IPs and the framed IP can be changed with a CoA 
>> request even - which can be nice - you can even have multiple routing 
>> tables - so you can have the sane IP in multiple IPs in different 
>> tables in a scenario like this (putting some users into walled 
>> gardens). Obviously in this scenario it won't change
>
>    That doesn't make sense.
>
>    If the RADIUS server sends a Framed-IP-Address to the NAS, the NAS 
> should echo it back in accounting packets.  If the Framed-IP-Address 
> is changed in a CoA request, then the NAS should echo the *new* 
> Framed-IP-Address in subsequent accounting requests.
>
>>
>> I totally agree it is unhelpful in this case and I am not defending 
>> them - Just some of their thinking when I asked them- I will continue 
>> to nudge this one!
>
>    They can ask RADIUS people for help.
>
>    i.e. EVERYONE PLEASE ASK.
>
>    It's better to fix things in the engineering stage.  The 
> alternative is to ship garbage, and then have the poor users wonder 
> why the software isn't compatible with anything else.
>
>    Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list