--- Forwarded mail from [EMAIL PROTECTED] Date: Thu, 15 Feb 2001 08:10:22 +1100 (EST) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from ["Mariano Absatz" <[EMAIL PROTECTED]>] >From mikem Thu Feb 15 08:10:16 2001 Received: by oscar.open.com.au (8.9.0/8.9.0) id IAA16627 for [EMAIL PROTECTED]; Thu, 15 Feb 2001 08:10:16 +1100 (EST) >Received: from dedos.pert.com.ar (dedos.pert.com.ar [200.49.76.34]) by perki.connect.com.au with ESMTP id IAA05099 (8.8.8/IDA-1.7 for <[EMAIL PROTECTED]>); Thu, 15 Feb 2001 08:00:19 +1100 (EST) Received: from dedos.pert.com.ar (dedos.pert.com.ar [200.49.76.34]) by perki.connect.com.au with ESMTP id IAA05099 (8.8.8/IDA-1.7 for <[EMAIL PROTECTED]>); Thu, 15 Feb 2001 08:00:19 +1100 (EST) Received: from cosa.intranet.pert.com.ar ([192.168.1.10]:15634 "EHLO cosa" whoson: "popbaby") by dedos.pert.com.ar with ESMTP id <S33684AbRBNVAC> convert rfc822-to-8bit; Wed, 14 Feb 2001 18:00:02 -0300 From: "Mariano Absatz" <[EMAIL PROTECTED]> Organization: Pert Consultores To: Radiator List <[EMAIL PROTECTED]> Date: Wed, 14 Feb 2001 18:00:03 -0300 MIME-Version: 1.0 Content-transfer-encoding: 8BIT Subject: Re: Acct-Interim-Update for keeping SessionDatabase current Message-ID: <3A8AC7A3.16070.C0C7289@localhost> Priority: normal In-reply-to: <3A8AB71F.24254.BCBECFF@localhost> X-mailer: Pegasus Mail for Win32 (v3.12c) Content-Type: text/plain; charset=ISO-8859-1 See more below... El 14 Feb 2001, a las 16:49, Mariano Absatz escribió: > Hi people, > > We are having trouble with stale records in our SessionDatabase. > > The NAS is a Nortel Shasta that doesn't seem to have a reasonable means > of being queried about a particular Acct-Session-Id or Username/Framed-IP- > Address. > > We started using Ping, but it seems to be giving addresses on a FIFO > basis, so they are almost immediatly re-used making this method useless. > > The people at Nortel say that they can configure it so it sends Acct- > Interim-Update packets every <N> minutes. > > What we could do is to catch every Acct-Interim-Update packet and make an > update on the SessionDatabase record's Timestamp. > > Now, if we have a user trying to authenticate and according to our > SessionDatabase it would exceed it's Simultaneous-Use value, we could > check every record for this user and if the Timestamp is older than <N> > minutes + 10% (or something like that), we consider it invalid and allow > the user in again. > > > How would I do this? > > > That is, as there is an AddQuery for an Acct-Start and a DeleteQuery for > an Acct-Stop, I would need to use a kind of "UpdateQuery" for an Acct- > Interim-Update. How can I do this? > > > Where should I handle the Simultaneous-Use check? That is, now I simply > set a NasType in the Shasta's <Client> entry. How can I use an arbitrary > perl function for this? > > > Thanx. > -- > Baby > > > -- > PS: If one of the Shasta users out there is handling lost Acct-Stop > packets in some other way, I would very much like to know... as we are a > third party and not the ISP itself, we don't have direct access to the > Nortel people. > > I forgot... our current setup is a Netra T1 with 512Mb RAM running Radiator 2.17.1 and MySQL 3.22.32 for the SessionDatabase. The accounting database we have just moved it out to another Netra T1 running also MySQL because it appeared that making queries on the accounting database slowed down the machine (though I ain't that sure about this). The question is, do you think that adding all these Acct-Interim-Update packets and espcially the update queries can degrade the performance of the radius server? There are currently between 2000 and 3000 users on line simutaneously and they are usually connected for long periods... I would risk something like 4 hours average but made no real statistics on this. -- Mariano Absatz mailto:[EMAIL PROTECTED] PGP KEYS: http://www.pert.com.ar/baby/pgpkeys.html PERT Consultores http://www.pert.com.ar ---End of forwarded mail from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.