Dynamic update of rate-limit

Ali Arslan e066377 at yahoo.com
Wed Jul 10 22:02:09 CEST 2019

Hi Alan, thanks for your reply.

>  You need to send an empty Accounting-Response packet.  And *also* a CoA-Request packet to the NAS.  See sites-available/originate-coa for details.

>  The CoA-Request packet will need to contain attributes that identify the user session.  Typically this is User-Name, NAS-Identifier, NAS-Port, etc.  The exact list is found either in the NAS documentation, or by trial & error via testing.

 > Typically you can just copy the relevant attributes from the Accounting-Request packet into the CoA-Request packet.

I have changed Reply updates to CoA updates as you suggested, like

                switch "%{&control:Subscriber-NAS-Vendor}" {
                        case "Mikrotik" {
                                update coa {
                                        &User-Name = "%{User-Name}"
                                        # upload and download strings are equal for Mikrotik (Uk/Dk)
                                        &Mikrotik-Rate-Limit := "%{sql:SELECT GetRate('%{User-Name}', 'download')}"
                        case "Cisco" {
                                update coa {
                                        &User-Name = "%{User-Name}"
                                        &Cisco-Avpair := "%{sql:SELECT GetRate('%{User-Name}', 'download')}"
                                        &Cisco-Avpair += "%{sql:SELECT GetRate('%{User-Name}', 'upload')}"

debug output finishes as follows:

(338)     [attr_filter.accounting_response] = updated
(338)   } # accounting = updated
(338) Sent CoA-Request Id 248 from to  {nas.IP}:3799 length 65
(338)   User-Name = "testUser"
(338)   NAS-IP-Address =  {nas.IP}
(338)   Mikrotik-Rate-Limit := "802k/12288k"
(338) Sent Accounting-Response Id 69 from {RadiusServer.IP}:1813 to {nas.IP}.15:36823 length 0
(338) Finished request

so not getting a CoA-ACK result because of some problem(s) in my coa configuration, but the same command work by radclient

$"echo \"User-Name={radcheck.username}\nMikrotik-Rate-Limit:={radcheck.upload_rate}k/{radcheck.download_rate}k/\" | radclient {nas.IP}:{nas.RadiusIncomingPort} CoA {nas.Secret}"

with result:

Sent CoA-Request Id 46 from to {nas.IP}:3799 length 62
Received CoA-ACK Id 46 from {nas.IP}:3799 to length 34

In home_server example-coa in originate-coa file it says "Change this IP address to the IP address of the NAS." and i changed IP  to the IP address of a NAS (if i can make it work i will add more NASes) and chaged its original name example-coa to NAS name mikrotik1

and renamed example-coa in home_server_pool coa to the new name mikrotik1.

There is somoething wrong or missing in my coa configuration.  Any help much appreciated.


List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list