Re: DSL Accouting?
29-Jan-03 at 09:47, Dave Seddon ([EMAIL PROTECTED]) wrote : > Greetings, > > Yeah IP accouting is how I do it now. I use a FreeBSD bridge box, so > nobody can even see it. Works well, however it makes billing on-net > traffic difficult if you aren't billing the PPP sessions. What do you mean by on-net traffic? What's the extra info you get from the PPP sessions? -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings, Yeah IP accouting is how I do it now. I use a FreeBSD bridge box, so nobody can even see it. Works well, however it makes billing on-net traffic difficult if you aren't billing the PPP sessions. thanks, Dave - Original Message - From: Simon White <[EMAIL PROTECTED]> Date: Tuesday, January 28, 2003 7:55 pm Subject: Re: DSL Accouting? > 28-Jan-03 at 12:20, Dave Seddon ([EMAIL PROTECTED]) wrote : > > Thanks for your responce. > > > > > If your DSL box produces RADIUS accounting packets, then I > don't see > > > why this would be necessary. > > > > Most ISP billing packages are designed to bill stardard dialup, > where> there is a start and a stop. DSL ppp sessions stay up for > ages, so a > > seesion might go for more than a month. Also, billing packages > usually> show pretty graphs of usage, based on starts and stops. > Therefore, it > > would make billing really easy if for each 'Alive' recieved, a > start and > > a stop was sent to the Billing system. It would appear as if > each DSL > > customer connected and disconnected every ten minutes. > > > > Maybe you have an idea of an easier way? > > The way I have heard of is to use Linux traffic shaping on a 2.4.x > kernel, where iptables will keep track of how much bandwidth each > IP has > used as long as you get the rules right. However that's not trivial > either if DHCP allocates a different IP each time there is an on/off, > but then that can be tracked in liaison with Radius logs. > > Good luck. > > -- > |-Simon White, Internet Services Manager, Certified Check Point CCSA. > |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. > |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. > |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Dave Seddon <[EMAIL PROTECTED]> wrote: > Most ISP billing packages are designed to bill stardard dialup, where > there is a start and a stop. DSL ppp sessions stay up for ages, so a > seesion might go for more than a month. Also, billing packages usually > show pretty graphs of usage, based on starts and stops. Therefore, it > would make billing really easy if for each 'Alive' recieved, a start and > a stop was sent to the Billing system. It would appear as if each DSL > customer connected and disconnected every ten minutes. Hmm.. so you want to break the server to work around a broken billing system. I can't say I like that idea. > Maybe you have an idea of an easier way? Use the detail file, and the alive packets, to create another fake 'detail' file, with the daily start/stop packets for the users session. You can then use feed that hacked detail file to the billing software. > Why is generating new packets problematic? Surely proxying generates > packets reliably? Yes, but creating and receiving new packets *outside* of the existing infrastructure should be avoided. I believe that you can come up with a slightly different solution to the problem, which doesn't require such weirdness *inside* of the RADIUS server. > The billing system we use backeds to oracle, so I guess I could do > inserts directly into that, however I thought the community would be > better served by a module like I'm suggesting, that could input standard > dail-up radius into any billing system. I believe that you would be better off hacking 'radrelay', or creating your own equivalent. Read the detail files, crunch the sessions, and create daily start/stop packets. That way, the program generating the fake packets is *not* inside of the RADIUS server, and is much simpler. > Cool. It looks like I can just copy the rlm_detail module. If you do write a module, I would say that you need some combination of radutmp & detail. Use the utmp information to determine who's online, and for how long. Then, when you receive a new 'alive' packet at the start of a day, write to the pseduo-detail file a 'stop' packet for the previous day, and a 'start' packet for the current day. Then update the 'utmp' information, with the fact that the user "logged in" again. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
,
'%{Framed-Protocol}', '%{Framed-IP-A
ddress}', '%{Acct-Delay-Time:-0}', '0')"
Instead of using this timestamp from freeradius (which includes accounting
delay and therefore requires extra calculation for acurate billin) I use the
h323starttime and h323stoptime as generated directly by the ciscos (which all
run NTP timesync) with the following command:
gw-accounting h323 vsa
There should be a similar command for DSL I would think. (Don't have time to
check now though sorry)
If you are using SQL accounting you REALLY need to sit down and understand how
ALL of the queries work so you can customise them for your needs. The queries
that are default are IMHO broken (I will probably cop some shit for this
comment) as they are only any good for a small dialin ISP running generic
radius. However, I have not patched them as my accounting needs are a bit
more specialised than the average ISP, I am using only cisco equipment and I
am not doing any standard ISP type dialin currently so I don't have the time
to test how my changes affect others. I have been planning to complete my
documentation howver and commit it as advanced_sql_accounting.txt or
something. Would other people be interested in this?
Now I have to go and do some work. I have 2.1GB worth of billing records (A
monthly DB dump from one site) to match/check today :-(
Hope that helps
-Peter
> > On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote:
> > > Greetings,
> > >
> > > Still wondering how to convert DSL interum updates to standard
> >
> > dail-up
> >
> > > type radius accounting.
> > >
> > > I've done some digging through the source code, and have decided
> >
> > that> perhaps I need to create a module, perhaps
> > "rlm_alive_to_dialup". If
> >
> > > the new module was based on rlm_detail, it would just be a matter of
> > > linking to a mysql database to see the last update, calculate the
> > > difference, then generate the new radius packets, for start and
> >
> > stop.>
> >
> > > I'm also wondering if this should be part of the proxy (which
> >
> > seems to
> >
> > > be in the realm code) functionality, eg. Make the proxy feature
> >
> > break> RFC and allow it to modify the 'alive' and create a 'start' and
> >
> > > a 'stop'.
> > >
> > > Any thoughts on whether it should be a seperate module or a
> > > modification to the proxy code?
> > >
> > > thanks,
> > >
> > > Dave Seddon
> > >
> > > - Original Message -
> > > From: Dave Seddon <[EMAIL PROTECTED]>
> > > Date: Saturday, January 25, 2003 4:20 pm
> > > Subject: DSL Accouting?
> > >
> > > > Greetings,
> > > >
> > > > I'm new to the list. I have two issues:
> > > > -Problem logging accounting
> > > > -Alive packet processing and integration with dial-up billing
> > > >
> > > > I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
> > > > authenticate lots of xDSL PPP sessions via an L2TP tunnel
> > > > terminated on
> > > > a big Cisco box. It works very well, however for some reason
> > > > accounting records do not get put in the 'radacct' mysql table.
> > > > There
> > > > are some records in the table, but no where near as many as their
> > > > should be since Interim updates or Alive packets get sent by the
> > > > Cisco
> > > > every 10 minutes. However I do get all the accouting records
> > > > in /var/log/radacct/ip_address/detail.
> > > >
> > > > Here is some of the /usr/local/etc/raddb/radius.conf. The
> > > > accounting
> > > > section seems correct. The sql.conf is untouched from the example
> > > > (except for the password and username).
> > > >
> > > > authorize {
> > > >preprocess
> > > >suffix
> > > >sql
> > > >files
> > > > }
> > > > authenticate {
> > > > }
> > > > preacct {
> > > >preprocess
> > > >suffix
> > > >files
> > > > }
> > > > accounting {
> > > >detail
> > > > # unix
> > > >sql
> > > >radutmp
> > > > }
> > > > -
Re: DSL Accouting?
28-Jan-03 at 12:20, Dave Seddon ([EMAIL PROTECTED]) wrote : > Thanks for your responce. > > > If your DSL box produces RADIUS accounting packets, then I don't see > > why this would be necessary. > > Most ISP billing packages are designed to bill stardard dialup, where > there is a start and a stop. DSL ppp sessions stay up for ages, so a > seesion might go for more than a month. Also, billing packages usually > show pretty graphs of usage, based on starts and stops. Therefore, it > would make billing really easy if for each 'Alive' recieved, a start and > a stop was sent to the Billing system. It would appear as if each DSL > customer connected and disconnected every ten minutes. > > Maybe you have an idea of an easier way? The way I have heard of is to use Linux traffic shaping on a 2.4.x kernel, where iptables will keep track of how much bandwidth each IP has used as long as you get the rules right. However that's not trivial either if DHCP allocates a different IP each time there is an on/off, but then that can be tracked in liaison with Radius logs. Good luck. -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
> How did you cope with counter roll? If you keep doing "UPDATE" and > thecounter rolls, at 32bits, then you'll get an update of a low > number and > miss out on one metic s#it load of data. The boss wouldn't be very > happy. Sorry, I just checked and it seems that the counter roll is at 31 bits (on a cisco). dave - NEW to mBox, receive faxes to any email address! Find out more http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings,
> What exactly is it that you want to do? Make Extent work better, or
> switch to
> freeradius.
I want to make it easy for small dailup based ISPs to bill DSL
customers. Most small ISPs use billing systems based on stop starts, so
it would be good for DSL wholesalers to be able to generate simple
radius packets for smaller ISPs.
> It sounds like freeradius is doing exactly what it is
> configured
> to do by default, and that is to UPDATE and exisiting session
> record when it
> recieves a ALIVE packet, NOT add a new record. I suggest you have a
> good read
> of sql.conf (or mysql.conf of whatever) and understand the queries
> that are
> being executed at different stages.
> I myself am using Freeradius with a large VoIP setup, and I found
> that the
> default queries were useless to me as they would kill the database.
> I
> switched all queries to INSERTS, set different types of records to
> go to
> different tables, and and threw away most of the default fields
> that were
> being stored and replaced them with Cisco VoIP specific attributes
> (VSAs).
> You should not have to use a cron script to parse your detail
> files. Just
> modify the freeradius queries so it stores the information that you
> want.
Different tables for different types of session? or was that for load
reasons? Perhaps different tables for different realms?
> I also found that MySQL simply could not handle the load I was
> throwing at it,
> so I switched to Postgres and have been happy ever since. The fact
> that
> postgres can do sub selects and views, makes it much more usefull
> if you have
> split your radacct table up into multiple tables too.
> Not to mention that I use the start and stop times as reported by
> the ciscos
> instead of having freeradius timestamp the records, which is much
> more
> accurate, and postgres supports cisco timestamp format while mysql
> does not.
>
Very intersting. Thanks. Also thanks to Kostas Kalevras for his
comment on MySQL. Looks like Postgres could be the go for lots of reasons.
Which part of freeradius creates the timestamps?
thanks,
Dave
> On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote:
> > Greetings,
> >
> > Still wondering how to convert DSL interum updates to standard
> dail-up
> > type radius accounting.
> >
> > I've done some digging through the source code, and have decided
> that> perhaps I need to create a module, perhaps
> "rlm_alive_to_dialup". If
> > the new module was based on rlm_detail, it would just be a matter of
> > linking to a mysql database to see the last update, calculate the
> > difference, then generate the new radius packets, for start and
> stop.>
> > I'm also wondering if this should be part of the proxy (which
> seems to
> > be in the realm code) functionality, eg. Make the proxy feature
> break> RFC and allow it to modify the 'alive' and create a 'start' and
> > a 'stop'.
> >
> > Any thoughts on whether it should be a seperate module or a
> > modification to the proxy code?
> >
> > thanks,
> >
> > Dave Seddon
> >
> > - Original Message -
> > From: Dave Seddon <[EMAIL PROTECTED]>
> > Date: Saturday, January 25, 2003 4:20 pm
> > Subject: DSL Accouting?
> >
> > > Greetings,
> > >
> > > I'm new to the list. I have two issues:
> > > -Problem logging accounting
> > > -Alive packet processing and integration with dial-up billing
> > >
> > > I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
> > > authenticate lots of xDSL PPP sessions via an L2TP tunnel
> > > terminated on
> > > a big Cisco box. It works very well, however for some reason
> > > accounting records do not get put in the 'radacct' mysql table.
> > > There
> > > are some records in the table, but no where near as many as their
> > > should be since Interim updates or Alive packets get sent by the
> > > Cisco
> > > every 10 minutes. However I do get all the accouting records
> > > in /var/log/radacct/ip_address/detail.
> > >
> > > Here is some of the /usr/local/etc/raddb/radius.conf. The
> > > accounting
> > > section seems correct. The sql.conf is untouched from the example
> > > (except for the password and username).
> > >
> > > authorize {
> > >preprocess
> > >suffix
> > >sql
> > >files
> > > }
> > > authenticate
Re: DSL Accouting?
Greetings, > OK. I have a Cisco Terminating PPPoX and it also sends accounting > updates. I found I had to modify the update sql statements for them > to > do anything. Normal sql accounting is one record per call. I havent > checked the detail files. What modifications did you make? Could you send me the sql.conf file? How did you cope with counter roll? If you keep doing "UPDATE" and the counter rolls, at 32bits, then you'll get an update of a low number and miss out on one metic s#it load of data. The boss wouldn't be very happy. > If you have any method of graphing resulting data, I would > appreciate a > holler There are lots of billing system and other programs to graph standard dialup radius accounting. I'm currently thinking a module could recieve an 'alive' and generate a start and a stop, with the difference between two 'alives' calculated. thanks, Dave Seddon - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Thanks for your responce. > If your DSL box produces RADIUS accounting packets, then I don't see > why this would be necessary. Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Maybe you have an idea of an easier way? > Generating new packets is always problematic. I would suggest > avoiding it if you can. Why is generating new packets problematic? Surely proxying generates packets reliably? The billing system we use backeds to oracle, so I guess I could do inserts directly into that, however I thought the community would be better served by a module like I'm suggesting, that could input standard dail-up radius into any billing system. This would be better don't you think? > Why would it be necessary to create a new start/stop packet? > > > Any thoughts on whether it should be a seperate module or a > > modification to the proxy code? > > A module. Cool. It looks like I can just copy the rlm_detail module. > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html thanks, Dave Seddon - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
On Mon, 27 Jan 2003, Peter Nixon wrote:
> Hi Dave
>
> What exactly is it that you want to do? Make Extent work better, or switch to
> freeradius. It sounds like freeradius is doing exactly what it is configured
> to do by default, and that is to UPDATE and exisiting session record when it
> recieves a ALIVE packet, NOT add a new record. I suggest you have a good read
> of sql.conf (or mysql.conf of whatever) and understand the queries that are
> being executed at different stages.
> I myself am using Freeradius with a large VoIP setup, and I found that the
> default queries were useless to me as they would kill the database. I
> switched all queries to INSERTS, set different types of records to go to
> different tables, and and threw away most of the default fields that were
> being stored and replaced them with Cisco VoIP specific attributes (VSAs).
>
> You should not have to use a cron script to parse your detail files. Just
> modify the freeradius queries so it stores the information that you want.
>
> I also found that MySQL simply could not handle the load I was throwing at it,
> so I switched to Postgres and have been happy ever since. The fact that
> postgres can do sub selects and views, makes it much more usefull if you have
> split your radacct table up into multiple tables too.
Just to comment on that. If you add a few more indexes and use InnoDB tables
instead of the default MyISAM (row level instead of table level locking) things
can improve a lot. We have around 20 rows a day in radacct, do double login
detection through the sql module and still get nice performance.
> Not to mention that I use the start and stop times as reported by the ciscos
> instead of having freeradius timestamp the records, which is much more
> accurate, and postgres supports cisco timestamp format while mysql does not.
>
> HTH
>
> Peter
>
>
> On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote:
> > Greetings,
> >
> > Still wondering how to convert DSL interum updates to standard dail-up
> > type radius accounting.
> >
> > I've done some digging through the source code, and have decided that
> > perhaps I need to create a module, perhaps "rlm_alive_to_dialup". If
> > the new module was based on rlm_detail, it would just be a matter of
> > linking to a mysql database to see the last update, calculate the
> > difference, then generate the new radius packets, for start and stop.
> >
> > I'm also wondering if this should be part of the proxy (which seems to
> > be in the realm code) functionality, eg. Make the proxy feature break
> > RFC and allow it to modify the 'alive' and create a 'start' and
> > a 'stop'.
> >
> > Any thoughts on whether it should be a seperate module or a
> > modification to the proxy code?
> >
> > thanks,
> >
> > Dave Seddon
> >
> > - Original Message -
> > From: Dave Seddon <[EMAIL PROTECTED]>
> > Date: Saturday, January 25, 2003 4:20 pm
> > Subject: DSL Accouting?
> >
> > > Greetings,
> > >
> > > I'm new to the list. I have two issues:
> > > -Problem logging accounting
> > > -Alive packet processing and integration with dial-up billing
> > >
> > > I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
> > > authenticate lots of xDSL PPP sessions via an L2TP tunnel
> > > terminated on
> > > a big Cisco box. It works very well, however for some reason
> > > accounting records do not get put in the 'radacct' mysql table.
> > > There
> > > are some records in the table, but no where near as many as their
> > > should be since Interim updates or Alive packets get sent by the
> > > Cisco
> > > every 10 minutes. However I do get all the accouting records
> > > in /var/log/radacct/ip_address/detail.
> > >
> > > Here is some of the /usr/local/etc/raddb/radius.conf. The
> > > accounting
> > > section seems correct. The sql.conf is untouched from the example
> > > (except for the password and username).
> > >
> > > authorize {
> > >preprocess
> > >suffix
> > >sql
> > >files
> > > }
> > > authenticate {
> > > }
> > > preacct {
> > >preprocess
> > >suffix
> > >files
> > > }
> > > accounting {
> > >detail
> > > # unix
> > >sql
> > >radutmp
> > > }
> > > -
Re: DSL Accouting?
Hi Dave
What exactly is it that you want to do? Make Extent work better, or switch to
freeradius. It sounds like freeradius is doing exactly what it is configured
to do by default, and that is to UPDATE and exisiting session record when it
recieves a ALIVE packet, NOT add a new record. I suggest you have a good read
of sql.conf (or mysql.conf of whatever) and understand the queries that are
being executed at different stages.
I myself am using Freeradius with a large VoIP setup, and I found that the
default queries were useless to me as they would kill the database. I
switched all queries to INSERTS, set different types of records to go to
different tables, and and threw away most of the default fields that were
being stored and replaced them with Cisco VoIP specific attributes (VSAs).
You should not have to use a cron script to parse your detail files. Just
modify the freeradius queries so it stores the information that you want.
I also found that MySQL simply could not handle the load I was throwing at it,
so I switched to Postgres and have been happy ever since. The fact that
postgres can do sub selects and views, makes it much more usefull if you have
split your radacct table up into multiple tables too.
Not to mention that I use the start and stop times as reported by the ciscos
instead of having freeradius timestamp the records, which is much more
accurate, and postgres supports cisco timestamp format while mysql does not.
HTH
Peter
On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote:
> Greetings,
>
> Still wondering how to convert DSL interum updates to standard dail-up
> type radius accounting.
>
> I've done some digging through the source code, and have decided that
> perhaps I need to create a module, perhaps "rlm_alive_to_dialup". If
> the new module was based on rlm_detail, it would just be a matter of
> linking to a mysql database to see the last update, calculate the
> difference, then generate the new radius packets, for start and stop.
>
> I'm also wondering if this should be part of the proxy (which seems to
> be in the realm code) functionality, eg. Make the proxy feature break
> RFC and allow it to modify the 'alive' and create a 'start' and
> a 'stop'.
>
> Any thoughts on whether it should be a seperate module or a
> modification to the proxy code?
>
> thanks,
>
> Dave Seddon
>
> ----- Original Message -
> From: Dave Seddon <[EMAIL PROTECTED]>
> Date: Saturday, January 25, 2003 4:20 pm
> Subject: DSL Accouting?
>
> > Greetings,
> >
> > I'm new to the list. I have two issues:
> > -Problem logging accounting
> > -Alive packet processing and integration with dial-up billing
> >
> > I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
> > authenticate lots of xDSL PPP sessions via an L2TP tunnel
> > terminated on
> > a big Cisco box. It works very well, however for some reason
> > accounting records do not get put in the 'radacct' mysql table.
> > There
> > are some records in the table, but no where near as many as their
> > should be since Interim updates or Alive packets get sent by the
> > Cisco
> > every 10 minutes. However I do get all the accouting records
> > in /var/log/radacct/ip_address/detail.
> >
> > Here is some of the /usr/local/etc/raddb/radius.conf. The
> > accounting
> > section seems correct. The sql.conf is untouched from the example
> > (except for the password and username).
> >
> > authorize {
> >preprocess
> >suffix
> >sql
> >files
> > }
> > authenticate {
> > }
> > preacct {
> >preprocess
> >suffix
> >files
> > }
> > accounting {
> >detail
> > # unix
> >sql
> >radutmp
> > }
> >
> > So what could be wrong?
> >
> > To see what data I was getting in the detail log, I wote a little
> > perl
> > script to parse the detail log and stick the data in MySQL so I
> > could
> > easily do select statements. I discovered that the records I
> > created
> > where structured differently, so perhaps that's why it's not going
> > to
> > the Freeradius radacct table? Essentially, the difference is
> > the "Tunnel" attributes.
> >
> > The database structure I created is:
> > -
> > drop database radiusaccounting;
> > create database radiusaccounting;
> > use radiusaccounting;
> >
> > CREATE TA
Re: DSL Accouting?
OK. I have a Cisco Terminating PPPoX and it also sends accounting
updates. I found I had to modify the update sql statements for them to
do anything. Normal sql accounting is one record per call. I havent
checked the detail files.
If you have any method of graphing resulting data, I would appreciate a
holler
Joe
Dave Seddon wrote:
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table. There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little perl
script to parse the detail log and stick the data in MySQL so I could
easily do select statements. I discovered that the records I created
where structured differently, so perhaps that's why it's not going to
the Freeradius radacct table? Essentially, the difference is
the "Tunnel" attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct (
RadAcctId int unsigned NOT NULL auto_increment,
NASIPAddress varchar(15) NOT NULL default '',
NASPortId tinyint unsigned default NULL,
NASPortType varchar(32) default NULL,
UserName varchar(64) NOT NULL default '',
AcctStatusType varchar(20) NOT NULL default '',
AcctAuthentic varchar(20) NOT NULL default '',
ServiceType varchar(32) default NULL,
AcctSessionID varchar(12) NOT NULL default '',
FramedProtocol varchar(6) default NULL,
TunnelServerEndpoint varchar(15) NOT NULL default '',
TunnelClientEndpoint varchar(15) NOT NULL default '',
TunnelType varchar(10) NOT NULL default '',
TunnelClientAuthID varchar(25) NOT NULL default '',
TunnelServerAuthID varchar(25) NOT NULL default '',
AcctTunnelConnection int unsigned default NULL,
FramedIPAddress varchar(15) NOT NULL default '',
AcctInputOctets int unsigned default NULL,
AcctOutputOctets int unsigned default NULL,
AcctInputPackets int unsigned default NULL,
AcctOutputPackets int unsigned default NULL,
AcctSessionTime int unsigned default NULL,
AcctDelayTime int unsigned default NULL,
ClientIPAddress varchar(15) NOT NULL,
TimeStamp bigint unsigned default NULL,
HumanTime varchar(10) default NULL,
PRIMARY KEY (RadAcctId),
KEY UserName (UserName)
);
-
So I've kind of solved the problem of getting the accouting data into
the MySQL database, however it's a bit crap cos I need to process the
logs with a cron job, instead of automatically inserting from
FreeRadius.
My company has lots of dialup also, and an ISP billing system called
Extent (with built in radius) that works fine fo these dialup
customers, however is unaware of 'Alive' packets. I'd really like to
feed the accounting data from Freeradius to the Extent billing
package. I'm thinking that for every "Alive" packet recieved from the
RAS box perhaps I could calculate the difference in Octets between now
and the last 'Alive', and then send a fake radius start and stop record
to Extent, such that Extent would think the DSL user had dialed up for
10 minutes, used X amount of data, and hungup. This way the standard
way of calculating usage would occur, and usage graphs, etc, would all
work fine. It would be very nice to build this functionality into
Freeradius. -- Perhaps I should email the developers list about how to
do this?
thanks,
Dave Seddon
-
Would you like to receive faxes to your personal email address?
You can with mBox. Visit http://www.mbox.com.au/fax
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Dave Seddon <[EMAIL PROTECTED]> wrote: > Still wondering how to convert DSL interum updates to standard dail-up > type radius accounting. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. > I've done some digging through the source code, and have decided that > perhaps I need to create a module, perhaps "rlm_alive_to_dialup". If > the new module was based on rlm_detail, it would just be a matter of > linking to a mysql database to see the last update, calculate the > difference, then generate the new radius packets, for start and stop. Generating new packets is always problematic. I would suggest avoiding it if you can. Why would it be necessary to create a new start/stop packet? > Any thoughts on whether it should be a seperate module or a > modification to the proxy code? A module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings,
Still wondering how to convert DSL interum updates to standard dail-up
type radius accounting.
I've done some digging through the source code, and have decided that
perhaps I need to create a module, perhaps "rlm_alive_to_dialup". If
the new module was based on rlm_detail, it would just be a matter of
linking to a mysql database to see the last update, calculate the
difference, then generate the new radius packets, for start and stop.
I'm also wondering if this should be part of the proxy (which seems to
be in the realm code) functionality, eg. Make the proxy feature break
RFC and allow it to modify the 'alive' and create a 'start' and
a 'stop'.
Any thoughts on whether it should be a seperate module or a
modification to the proxy code?
thanks,
Dave Seddon
- Original Message -
From: Dave Seddon <[EMAIL PROTECTED]>
Date: Saturday, January 25, 2003 4:20 pm
Subject: DSL Accouting?
> Greetings,
>
> I'm new to the list. I have two issues:
> -Problem logging accounting
> -Alive packet processing and integration with dial-up billing
>
> I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
> authenticate lots of xDSL PPP sessions via an L2TP tunnel
> terminated on
> a big Cisco box. It works very well, however for some reason
> accounting records do not get put in the 'radacct' mysql table.
> There
> are some records in the table, but no where near as many as their
> should be since Interim updates or Alive packets get sent by the
> Cisco
> every 10 minutes. However I do get all the accouting records
> in /var/log/radacct/ip_address/detail.
>
> Here is some of the /usr/local/etc/raddb/radius.conf. The
> accounting
> section seems correct. The sql.conf is untouched from the example
> (except for the password and username).
>
> authorize {
>preprocess
>suffix
>sql
>files
> }
> authenticate {
> }
> preacct {
>preprocess
>suffix
>files
> }
> accounting {
>detail
> # unix
>sql
>radutmp
> }
>
> So what could be wrong?
>
> To see what data I was getting in the detail log, I wote a little
> perl
> script to parse the detail log and stick the data in MySQL so I
> could
> easily do select statements. I discovered that the records I
> created
> where structured differently, so perhaps that's why it's not going
> to
> the Freeradius radacct table? Essentially, the difference is
> the "Tunnel" attributes.
>
> The database structure I created is:
> -
> drop database radiusaccounting;
> create database radiusaccounting;
> use radiusaccounting;
>
> CREATE TABLE radacct (
> RadAcctId int unsigned NOT NULL auto_increment,
> NASIPAddress varchar(15) NOT NULL default '',
> NASPortId tinyint unsigned default NULL,
> NASPortType varchar(32) default NULL,
> UserName varchar(64) NOT NULL default '',
> AcctStatusType varchar(20) NOT NULL default '',
> AcctAuthentic varchar(20) NOT NULL default '',
> ServiceType varchar(32) default NULL,
> AcctSessionID varchar(12) NOT NULL default '',
> FramedProtocol varchar(6) default NULL,
> TunnelServerEndpoint varchar(15) NOT NULL default '',
> TunnelClientEndpoint varchar(15) NOT NULL default '',
> TunnelType varchar(10) NOT NULL default '',
> TunnelClientAuthID varchar(25) NOT NULL default '',
> TunnelServerAuthID varchar(25) NOT NULL default '',
> AcctTunnelConnection int unsigned default NULL,
> FramedIPAddress varchar(15) NOT NULL default '',
> AcctInputOctets int unsigned default NULL,
> AcctOutputOctets int unsigned default NULL,
> AcctInputPackets int unsigned default NULL,
> AcctOutputPackets int unsigned default NULL,
> AcctSessionTime int unsigned default NULL,
> AcctDelayTime int unsigned default NULL,
> ClientIPAddress varchar(15) NOT NULL,
> TimeStamp bigint unsigned default NULL,
> HumanTime varchar(10) default NULL,
> PRIMARY KEY (RadAcctId),
> KEY UserName (UserName)
> );
> -
>
> So I've kind of solved the problem of getting the accouting data
> into
> the MySQL database, however it's a bit crap cos I need to process
> the
> logs with a cron job, instead of automatically inserting from
> FreeRadius.
>
> My company has lots of dialup also, and an ISP billing system
> called
> Extent (with built in radius) that works fine fo these dialup
&g
DSL Accouting?
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table. There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little perl
script to parse the detail log and stick the data in MySQL so I could
easily do select statements. I discovered that the records I created
where structured differently, so perhaps that's why it's not going to
the Freeradius radacct table? Essentially, the difference is
the "Tunnel" attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct (
RadAcctId int unsigned NOT NULL auto_increment,
NASIPAddress varchar(15) NOT NULL default '',
NASPortId tinyint unsigned default NULL,
NASPortType varchar(32) default NULL,
UserName varchar(64) NOT NULL default '',
AcctStatusType varchar(20) NOT NULL default '',
AcctAuthentic varchar(20) NOT NULL default '',
ServiceType varchar(32) default NULL,
AcctSessionID varchar(12) NOT NULL default '',
FramedProtocol varchar(6) default NULL,
TunnelServerEndpoint varchar(15) NOT NULL default '',
TunnelClientEndpoint varchar(15) NOT NULL default '',
TunnelType varchar(10) NOT NULL default '',
TunnelClientAuthID varchar(25) NOT NULL default '',
TunnelServerAuthID varchar(25) NOT NULL default '',
AcctTunnelConnection int unsigned default NULL,
FramedIPAddress varchar(15) NOT NULL default '',
AcctInputOctets int unsigned default NULL,
AcctOutputOctets int unsigned default NULL,
AcctInputPackets int unsigned default NULL,
AcctOutputPackets int unsigned default NULL,
AcctSessionTime int unsigned default NULL,
AcctDelayTime int unsigned default NULL,
ClientIPAddress varchar(15) NOT NULL,
TimeStamp bigint unsigned default NULL,
HumanTime varchar(10) default NULL,
PRIMARY KEY (RadAcctId),
KEY UserName (UserName)
);
-
So I've kind of solved the problem of getting the accouting data into
the MySQL database, however it's a bit crap cos I need to process the
logs with a cron job, instead of automatically inserting from
FreeRadius.
My company has lots of dialup also, and an ISP billing system called
Extent (with built in radius) that works fine fo these dialup
customers, however is unaware of 'Alive' packets. I'd really like to
feed the accounting data from Freeradius to the Extent billing
package. I'm thinking that for every "Alive" packet recieved from the
RAS box perhaps I could calculate the difference in Octets between now
and the last 'Alive', and then send a fake radius start and stop record
to Extent, such that Extent would think the DSL user had dialed up for
10 minutes, used X amount of data, and hungup. This way the standard
way of calculating usage would occur, and usage graphs, etc, would all
work fine. It would be very nice to build this functionality into
Freeradius. -- Perhaps I should email the developers list about how to
do this?
thanks,
Dave Seddon
-
Would you like to receive faxes to your personal email address?
You can with mBox. Visit http://www.mbox.com.au/fax
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
