Re: free radius with cisco.
Hi! On Fri, Aug 15, 2003 at 05:20:26PM -0300, German Viera wrote: I have free radius server running in a linux box. Right now the free radius server is logging my cisco AS5300 activity (it is used for voip). 1) I would like to know (if anybody had any previous experience) how does freeradius work with a databas (it log into a db ...mySQL for example) I use detail logs and postprocess them with a custom script to get a nice datatbase of sessions. Direct logging into sql could create problems with duplicate or missing accounting records. 2) Other question would be how could I load the vendor specific attributes of cisco into free radius (I whant my free radius to authenticate a user and pass to my as5300 the amount of money left of the user ...a vsa ). Just use them. FreeRadius supports VSA. 3) I would like to develop software related with cisco and a radius server, and I would like to know if does freeradius have more capabilities that logging into a file and authenticate users with the users file. (DB interaction). SQL, LDAP, ... Oliver. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Segmentation fault in the Accounting
I am running Freeradius 0.9 and I am writing accounting records to an Oracle DB ver 8i. If the Database goes down, the Freeradius gives a segmentation fault error and dies. I've tried also to point to another database as a fail-over option, but the same results were encountered. Please find below the gdb output along with the debug output and the configuration. GDB output gdb /app/experimental/free-0.9/local/sbin/radiusd /app/experimental/free-0.9/local/sbin/core GNU gdb 5.3 Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type show copying to see the conditions. There is absolutely no warranty for GDB. Type show warranty for details. This GDB was configured as sparc-sun-solaris2.8...(no debugging symbols found)... Core was generated by `./radiusd'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libcrypt_i.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libcrypt_i.so.1 Reading symbols from /lib/librt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/librt.so.1 Reading symbols from /lib/libpthread.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libpthread.so.1 Reading symbols from /app/experimental/free-0.9/local/lib/libradius-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/libradius-0.9.0.so Reading symbols from /usr/local/lib/libsnmp-0.4.2.5.so...done. Loaded symbols for /usr/local/lib/libsnmp-0.4.2.5.so Reading symbols from /lib/libnsl.so.1...done. Loaded symbols for /lib/libnsl.so.1 Reading symbols from /lib/libsocket.so.1...done. Loaded symbols for /lib/libsocket.so.1 Reading symbols from /lib/libresolv.so.2...done. Loaded symbols for /lib/libresolv.so.2 Reading symbols from /lib/libkstat.so.1...done. Loaded symbols for /lib/libkstat.so.1 Reading symbols from /usr/local/lib/libltdl.so.3...done. Loaded symbols for /usr/local/lib/libltdl.so.3 Reading symbols from /lib/libdl.so.1...done. Loaded symbols for /lib/libdl.so.1 Reading symbols from /lib/libc.so.1...done. Loaded symbols for /lib/libc.so.1 Reading symbols from /usr/local/lib/libgcc_s.so.1...done. Loaded symbols for /usr/local/lib/libgcc_s.so.1 Reading symbols from /lib/libgen.so.1...done. Loaded symbols for /lib/libgen.so.1 Reading symbols from /lib/libaio.so.1...done. Loaded symbols for /lib/libaio.so.1 Reading symbols from /lib/libmp.so.2...done. Loaded symbols for /lib/libmp.so.2 Reading symbols from /usr/platform/SUNW,Ultra-4/lib/libc_psr.so.1...done. Loaded symbols for /usr/platform/SUNW,Ultra-4/lib/libc_psr.so.1 Reading symbols from /lib/libthread.so.1...done. Loaded symbols for /lib/libthread.so.1 Reading symbols from /app/experimental/free-0.9/local/lib/rlm_expr-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_expr-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_pap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_pap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_chap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_chap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_mschap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_mschap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_unix-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_unix-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_eap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_eap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_eap_md5-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_eap_md5-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_eap_leap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_eap_leap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_preprocess-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_preprocess-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_sql-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_sql-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_sql_oracle-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_sql_oracle-0.9.0.so Reading symbols from /oracle/ora817/lib//libclntsh.so.8.0...done. Loaded symbols for /oracle/ora817/lib//libclntsh.so.8.0 Reading symbols from /oracle/ora817/lib//libwtc8.so...done. Loaded symbols for /oracle/ora817/lib//libwtc8.so Reading symbols from /lib/libsched.so.1...done. Loaded symbols for /lib/libsched.so.1 ---Type return to continue, or q return to quit--- Reading symbols from /lib/libm.so.1...done. Loaded symbols for
whats wrong with my configuration?
hello guyz i tried to setup radius server using freeradius-0.9.0 and freebsd 4.8. after several modification from my clients, clients.conf, sql.conf, naslist and radiusd.conf, here is the output when i tried to run freeradius in debugging mode. diameter# radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf Config: including file: /etc/raddb/sql.conf main: prefix = /usr/local main: localstatedir = /var main: logdir = /var/log/radius main: libdir = /usr/local/lib main: radacctdir = /var/log/radius/radacct main: hostname_lookups = no main: snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 1645 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /var/log/radius/radius.log main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = yes main: pidfile = /var/run/radiusd/radiusd.pid main: user = (null) main: group = (null) main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/local/sbin/checkrad main: proxy_requests = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients Using deprecated clients file. Support for this will go away soon. read_config_files: reading realms Using deprecated realms file. Support for this will go away soon. radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = crypt Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: passwd = (null) mschap: authtype = MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded SQL sql: driver = rlm_sql_mysql sql: server = localhost sql: port = sql: login = root sql: password = localhost99% sql: radius_db = radius sql: acct_table = radacct sql: acct_table2 = radacct sql: authcheck_table = radcheck sql: authreply_table = radreply sql: groupcheck_table = radgroupcheck sql: groupreply_table = radgroupreply sql: usergroup_table = usergroup sql: nas_table = nas sql: dict_table = dictionary sql: sqltrace = no sql: sqltracefile = /var/log/radius/sqltrace.sql sql: deletestalesessions = yes sql: num_sql_socks = 5 sql: sql_user_name = %{Stripped-User-Name:-%{User-Name:-DEFAULT}} sql: default_user_profile = sql: query_on_not_found = no sql: authorize_check_query = SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id sql: authorize_reply_query = SELECT id,UserName,Attribute,Value,op FROM radreply WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id sql: authorize_group_check_query = SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE STRCMP(usergroup.Username, '%{SQL-User-Name}') = 0 AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id sql: authorize_group_reply_query = SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE STRCMP(usergroup.Username, '%{SQL-User-Name}') = 0 AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id sql: accounting_onoff_query = UPDATE radacct SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay = %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime = '%S' sql: accounting_update_query = UPDATE radacct SET FramedIPAddress = '%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStopTime = 0 sql: accounting_start_query = INSERT into radacct (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}',
RE: Which is Better LDAP or MySQL?
Michael, IMHO, thats a little like asking which is better - a car or a motorcycle. It just depends on your needs. Sometimes you may need both, since LDAP doesn't have accounting abilities. (And there are other SQL databases, as well as lots of choices in LDAP servers.) The real question you need to determine is: What other systems does my RADIUS server need to interact with? Once you know that, you'll be closer to the answer to your question. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Milbrat Sent: Friday, August 15, 2003 11:14 PM To: [EMAIL PROTECTED] Subject: Which is Better LDAP or MySQL? Does anyone know which is accually a better backend LDAP or MySQL? Michael Milbrat 12dollars.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication problem
hello guyz i tried to setup radius server using freeradius-0.9.0 and freebsd 4.8. after several modification from my clients, clients.conf, sql.conf, naslist and radiusd.conf, here is the output when i tried to run freeradius in debugging mode. diameter# radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf Config: including file: /etc/raddb/sql.conf main: prefix = /usr/local main: localstatedir = /var main: logdir = /var/log/radius main: libdir = /usr/local/lib main: radacctdir = /var/log/radius/radacct main: hostname_lookups = no main: snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 1645 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /var/log/radius/radius.log main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = yes main: pidfile = /var/run/radiusd/radiusd.pid main: user = (null) main: group = (null) main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/local/sbin/checkrad main: proxy_requests = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients Using deprecated clients file. Support for this will go away soon. read_config_files: reading realms Using deprecated realms file. Support for this will go away soon. radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = crypt Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: passwd = (null) mschap: authtype = MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded SQL sql: driver = rlm_sql_mysql sql: server = localhost sql: port = sql: login = root sql: password = localhost99% sql: radius_db = radius sql: acct_table = radacct sql: acct_table2 = radacct sql: authcheck_table = radcheck sql: authreply_table = radreply sql: groupcheck_table = radgroupcheck sql: groupreply_table = radgroupreply sql: usergroup_table = usergroup sql: nas_table = nas sql: dict_table = dictionary sql: sqltrace = no sql: sqltracefile = /var/log/radius/sqltrace.sql sql: deletestalesessions = yes sql: num_sql_socks = 5 sql: sql_user_name = %{Stripped-User-Name:-%{User-Name:-DEFAULT}} sql: default_user_profile = sql: query_on_not_found = no sql: authorize_check_query = SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id sql: authorize_reply_query = SELECT id,UserName,Attribute,Value,op FROM radreply WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id sql: authorize_group_check_query = SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE STRCMP(usergroup.Username, '%{SQL-User-Name}') = 0 AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id sql: authorize_group_reply_query = SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE STRCMP(usergroup.Username, '%{SQL-User-Name}') = 0 AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id sql: accounting_onoff_query = UPDATE radacct SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay = %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime = '%S' sql: accounting_update_query = UPDATE radacct SET FramedIPAddress = '%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStopTime = 0 sql: accounting_start_query = INSERT into radacct (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}',
Re: Authentication problem
On Sat, 16 Aug 2003, apellido jr., wilfredo p wrote: Please do not post multiple times, it doesn't help you. The computer you are dialling cannot establish a Dial-up Networking connection Check you password, then try again. Then, when i try to look in the log there's no activity or message. What does the servers debug output say when you try to connect from dial-up client? In my knowledge, your config seems to be fine, so does the NAS even send any auth-requests to your radius? -- _ | | ... Think about all the positive sides in life, they _ | |_ _ _ _ ___ never last forever ... (c)Sentenced | || | | | || |_| || O |+-+ AMD Duron 1300MHz ATI Radeon +--+ || |_| || | | || | || http://students.oamk.fi/~sijuma00 | | E-mail: [EMAIL PROTECTED] | - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Amount of data
I am evaluating a bulk dial-up provider and want to gage the traffic between us. The provider will take customer calls on its access servers which will pass the customer authentication credentials to its RADIUS server which will in turn send to my RADIUS server at my site. Upon successful authentication, the provider will provide the IP address to the customer, so that traffic will not be part of the data passed between the two RADIUS servers. Can someone tell me the total number of bytes passed between two RADIUS servers in the course of a successful authentication exchange? I understand that the username and password lengths will vary. Michael deTreville
Re: Which is Better LDAP or MySQL?
Thanks for the answer Tim. Michael - Original Message - From: Tim McCracken [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, August 16, 2003 7:07 AM Subject: RE: Which is Better LDAP or MySQL? Michael, IMHO, thats a little like asking which is better - a car or a motorcycle. It just depends on your needs. Sometimes you may need both, since LDAP doesn't have accounting abilities. (And there are other SQL databases, as well as lots of choices in LDAP servers.) The real question you need to determine is: What other systems does my RADIUS server need to interact with? Once you know that, you'll be closer to the answer to your question. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Milbrat Sent: Friday, August 15, 2003 11:14 PM To: [EMAIL PROTECTED] Subject: Which is Better LDAP or MySQL? Does anyone know which is accually a better backend LDAP or MySQL? Michael Milbrat 12dollars.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(no subject)
juha, The NAS dont even send any auth request to radius server. When i run radiusd -xxyz -l stdout the Log doesnt show even some problem or what just saying ready to process. Do i need to put some Auth-Type in my users file? what is it? Thanks = [ apellido jr., wilfredo p. ] +63 034 4880-449 If you can't hear me, it's because i'm in parentheses. __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication problem
juha, The NAS dont even send any auth request to radius server. When i run radiusd -xxyz -l stdout the Log doesnt show even some problem or what just saying ready to process. Do i need to put some Auth-Type in my users file? what is it? I try to run tcpdump, here's the output. Thanks diameter# tcpdump udp tcpdump: listening on rl0 10:55:05.346866 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 14]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] 10:55:06.128642 diameter.mactan.ph.1035 mail.mactan.ph.domain: 6860+ PTR? 188.22.177.203.in-addr.arpa. (45) 10:55:06.129720 mail.mactan.ph.domain diameter.mactan.ph.1035: 6860* 1/1/1 (135) 10:55:06.171196 diameter.mactan.ph.1036 mail.mactan.ph.domain: 6861+ PTR? 161.22.177.203.in-addr.arpa. (45) 10:55:06.171858 mail.mactan.ph.domain diameter.mactan.ph.1036: 6861* 1/1/1 (135) 10:55:06.172071 diameter.mactan.ph.1037 mail.mactan.ph.domain: 6862+ PTR? 163.22.177.203.in-addr.arpa. (45) 10:55:06.172732 mail.mactan.ph.domain diameter.mactan.ph.1037: 6862* 1/1/1 (135) 10:55:07.166119 diameter.mactan.ph.1038 mail.mactan.ph.domain: 6863+ PTR? 151.22.177.203.in-addr.arpa. (45) 10:55:07.166808 mail.mactan.ph.domain diameter.mactan.ph.1038: 6863* 2/1/1[|domain] 10:55:31.831821 dialup-043.mactan.ph.netbios-dgm 223.177.22.191.netbios-dgm: NBT UDP PACKET(138) 10:55:31.831906 dialup-043.mactan.ph.netbios-ns 223.177.22.191.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 10:55:32.166622 diameter.mactan.ph.1039 mail.mactan.ph.domain: 6864+ PTR? 145.22.177.203.in-addr.arpa. (45) 10:55:32.167302 mail.mactan.ph.domain diameter.mactan.ph.1039: 6864* 1/1/1 (135) 10:55:32.583526 dialup-043.mactan.ph.netbios-ns 223.177.22.191.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 10:55:33.03 dialup-043.mactan.ph.netbios-ns 223.177.22.191.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 10:55:38.416101 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 14]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] 10:56:03.467880 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 1]: {dialup-020.mactan.ph}(16) 10:56:04.167083 diameter.mactan.ph.1040 mail.mactan.ph.domain: 6865+ PTR? 172.22.177.203.in-addr.arpa. (45) 10:56:04.167757 mail.mactan.ph.domain diameter.mactan.ph.1040: 6865* 1/1/1 (135) 10:56:09.401609 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 14]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] 10:56:41.706264 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 14]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] 10:57:14.229926 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 14]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] 10:57:46.760078 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 14]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] 10:58:19.282467 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 13]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] 10:58:51.802101 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 13]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] 10:59:24.326142 portmaster.mactan.ph.router 203.177.22.191.router: RIPv1-resp [items 13]: {dialup-009.mactan.ph}(1) {dialup-011.mactan.ph}(1)[|rip] = [ apellido jr., wilfredo p. ] +63 034 4880-449 If you can't hear me, it's because i'm in parentheses. __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
User Expiration Date
HI all As we know int conf/sql.attrmap write that: chechItem Expiration Expiration when i set User Expiration Date 16 Aug 2003 ,it doesn't work. And i find the attr16 Aug 2003 is in the mysql radreply table but not radcheck table ? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Which is Better LDAP or MySQL?
Actually, the answer is a little more straightforward when Radius is involved. No package including Radius should be reading from a flat file (cached or not). In the case of Radius, the users file can quickly become a problem after a few thousand users. With SQL, proper indexing can allow lookups to be fairly fast but even then after a few hundred thousand users, SQL starts to ache. LDAP used as a general purpose user/information store was designed to scale to literally millions of users so it does well as a back-end authentication source due to its scalability and speed (far faster than MySQL, Postgres, or Oracle for that matter). SQL (MySQL for example) on the other hand is quite nice for storing the Radius accounting data. Read from LDAP and write to SQL. H... A nice blend of technologies that excel in their respective areas. Our servers have run in this configuration almost flawlessly (given a few DOS attacks) and auth users in a few secondsafter PPP negotiations.