If we add a CONSTRAINT to enforce uniqueness for acctuniqueid in the DB, will the failure to insert an accounting record confuse the freerad sql module and will those failures percolate up towards the radius protocol level and thus result in the NAS keep on sending that accounting packet?
Yes. The SQL module will return fail on any errors. This will override the priority of most other modules, and cause the accounting stanza to return fail. The RADIUS server will then ignore the Accounting request, and the NAS will think the RADIUS server is dead.
You should be able to add additional 'uniqueness' with the 'Class' attribute. RFC behavior is identical to User-Name. You set it in the Access-Accept packet, then the NAS includes its value in all future Accounting-Requests.
You can use another instance of the hashing module to generate the initial class value. Include something like system time in the list of attributes to make sure it never repeats. Then just add 'Class' into the list of attributes used to generate acctuniqueid. Arran -- Arran Cudbard-Bell (a.cudbard-b...@sussex.ac.uk), Authentication, Authorisation and Accounting Officer, Infrastructure Services (IT Services), E1-1-08, Engineering 1, University Of Sussex, Brighton, BN1 9QT DDI+FAX: +44 1273 873900 | INT: 3900 GPG: 86FF A285 1AA1 EE40 D228 7C2E 71A9 25BB 1E68 54A2 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
