Re: Zero Session-Timeout

[Kostas Kalevras]

On Tue, 30 May 2006, Rohaizam Abu Bakar wrote:

Dear all,
Using FB 6.0, FR 1.0.5 (will upgrade soon)

I've problem with timeout...

I've set in users file as below in order to load timeout value depending on 
type of connection (ISDN/PSTN)

DEFAULT                 NAS-Port-Type == "Sync", Autz-Type := DIALUP, 
Auth-Type := DIALUP
                      Session-Timeout = 
`%{exec:/usr/local/etc/raddb/timeout.pl %U ISDN}`

DEFAULT                 NAS-Port-Type == "Async", Autz-Type := DIALUP, 
Auth-Type := DIALUP
                      Session-Timeout = 
`%{exec:/usr/local/etc/raddb/timeout.pl %U PSTN}`value

The problem is when "Session-Timeout =0", normally happen when script cannot 
load value... it will NOT timeout... user till can get connect until manually 
disconnect...

I think that some access servers cannot handle session-timeout values which are 
very low or zero. In any case if session-timeout is zero you re better off 
sending an access-reject anyway.
I would suggest moving the script to rlm_perl and just return REJECT in case you 
cannot find a correct value. And also try not sending a session-timeout value 
which is lower than 60 secs.



Below is the debug log...


Login OK: [integ36] (from client INFRANETTEST port 300 cli 55550000)
Sending Access-Accept of id 111 to 10.1.1.1:1645
      Session-Timeout = 0
      Framed-Compression = Van-Jacobson-TCP-IP
      Framed-MTU = 1500
      Framed-Protocol = PPP
      Service-Type = Framed-User
Finished request 89
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 10.1.1.1:1646, id=97, 
length=131
      Acct-Session-Id = "000000AE"
      Framed-Protocol = PPP
      User-Name = "integ36"
      Acct-Authentic = RADIUS
      Acct-Status-Type = Start
      Calling-Station-Id = "55550000"
      Called-Station-Id = "2426"
      NAS-Port-Type = Async
      Connect-Info = "50667/24000 V90/V44/LAPM"
      NAS-Port = 300
      Service-Type = Framed-User
      NAS-IP-Address = 10.1.1.1
      Acct-Delay-Time = 0

.
.
.
.
rad_recv: Accounting-Request packet from host 10.1.1.1:1646, id=98, 
length=173
      Acct-Session-Id = "000000AE"
      Framed-Protocol = PPP
      Framed-IP-Address = 10.1.1.3
      User-Name = "integ36"
      Acct-Authentic = RADIUS
      Acct-Session-Time = 26
      Acct-Input-Octets = 8110
      Acct-Output-Octets = 4998
      Acct-Input-Packets = 92
      Acct-Output-Packets = 37
      Acct-Terminate-Cause = User-Request
      Acct-Status-Type = Stop
      Calling-Station-Id = "55550000"
      Called-Station-Id = "2426"
      NAS-Port-Type = Async
      Connect-Info = "50667/24000 V90/V44/LAPM"
      NAS-Port = 300
      Service-Type = Framed-User
      NAS-IP-Address = 10.1.1.1
      Acct-Delay-Time = 0


- List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html


--
Kostas Kalevras         Network Operations Center
[EMAIL PROTECTED]       National Technical University of Athens, Greece
Work Phone:             +30 210 7721861
'Go back to the shadow' Gandalf
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html