Re: free radius with cisco.
Hi! On Fri, Aug 15, 2003 at 05:20:26PM -0300, German Viera wrote: I have free radius server running in a linux box. Right now the free radius server is logging my cisco AS5300 activity (it is used for voip). 1) I would like to know (if anybody had any previous experience) how does freeradius work with a databas (it log into a db ...mySQL for example) I use detail logs and postprocess them with a custom script to get a nice datatbase of sessions. Direct logging into sql could create problems with duplicate or missing accounting records. 2) Other question would be how could I load the vendor specific attributes of cisco into free radius (I whant my free radius to authenticate a user and pass to my as5300 the amount of money left of the user ...a vsa ). Just use them. FreeRadius supports VSA. 3) I would like to develop software related with cisco and a radius server, and I would like to know if does freeradius have more capabilities that logging into a file and authenticate users with the users file. (DB interaction). SQL, LDAP, ... Oliver. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Segmentation fault in the Accounting
I am running Freeradius 0.9 and I am writing accounting records to an Oracle DB ver 8i. If the Database goes down, the Freeradius gives a segmentation fault error and dies. I've tried also to point to another database as a fail-over option, but the same results were encountered. Please find below the gdb output along with the debug output and the configuration. GDB output gdb /app/experimental/free-0.9/local/sbin/radiusd /app/experimental/free-0.9/local/sbin/core GNU gdb 5.3 Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type show copying to see the conditions. There is absolutely no warranty for GDB. Type show warranty for details. This GDB was configured as sparc-sun-solaris2.8...(no debugging symbols found)... Core was generated by `./radiusd'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libcrypt_i.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libcrypt_i.so.1 Reading symbols from /lib/librt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/librt.so.1 Reading symbols from /lib/libpthread.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libpthread.so.1 Reading symbols from /app/experimental/free-0.9/local/lib/libradius-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/libradius-0.9.0.so Reading symbols from /usr/local/lib/libsnmp-0.4.2.5.so...done. Loaded symbols for /usr/local/lib/libsnmp-0.4.2.5.so Reading symbols from /lib/libnsl.so.1...done. Loaded symbols for /lib/libnsl.so.1 Reading symbols from /lib/libsocket.so.1...done. Loaded symbols for /lib/libsocket.so.1 Reading symbols from /lib/libresolv.so.2...done. Loaded symbols for /lib/libresolv.so.2 Reading symbols from /lib/libkstat.so.1...done. Loaded symbols for /lib/libkstat.so.1 Reading symbols from /usr/local/lib/libltdl.so.3...done. Loaded symbols for /usr/local/lib/libltdl.so.3 Reading symbols from /lib/libdl.so.1...done. Loaded symbols for /lib/libdl.so.1 Reading symbols from /lib/libc.so.1...done. Loaded symbols for /lib/libc.so.1 Reading symbols from /usr/local/lib/libgcc_s.so.1...done. Loaded symbols for /usr/local/lib/libgcc_s.so.1 Reading symbols from /lib/libgen.so.1...done. Loaded symbols for /lib/libgen.so.1 Reading symbols from /lib/libaio.so.1...done. Loaded symbols for /lib/libaio.so.1 Reading symbols from /lib/libmp.so.2...done. Loaded symbols for /lib/libmp.so.2 Reading symbols from /usr/platform/SUNW,Ultra-4/lib/libc_psr.so.1...done. Loaded symbols for /usr/platform/SUNW,Ultra-4/lib/libc_psr.so.1 Reading symbols from /lib/libthread.so.1...done. Loaded symbols for /lib/libthread.so.1 Reading symbols from /app/experimental/free-0.9/local/lib/rlm_expr-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_expr-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_pap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_pap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_chap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_chap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_mschap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_mschap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_unix-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_unix-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_eap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_eap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_eap_md5-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_eap_md5-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_eap_leap-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_eap_leap-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_preprocess-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_preprocess-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_sql-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_sql-0.9.0.so Reading symbols from /app/experimental/free-0.9/local/lib/rlm_sql_oracle-0.9.0.so...done. Loaded symbols for /app/experimental/free-0.9/local/lib/rlm_sql_oracle-0.9.0.so Reading symbols from /oracle/ora817/lib//libclntsh.so.8.0...done. Loaded symbols for /oracle/ora817/lib//libclntsh.so.8.0 Reading symbols from /oracle/ora817/lib//libwtc8.so...done. Loaded symbols for /oracle/ora817/lib//libwtc8.so Reading symbols from /lib/libsched.so.1...done. Loaded symbols for /lib/libsched.so.1 ---Type return to continue, or q return to quit--- Reading symbols from /lib/libm.so.1...done. Loaded symbols for
whats wrong with my configuration?
hello guyz i tried to setup radius server using
freeradius-0.9.0 and freebsd 4.8. after several
modification from my clients, clients.conf, sql.conf,
naslist and radiusd.conf, here is the output when i
tried to run freeradius in debugging mode.
diameter# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = /usr/local
main: localstatedir = /var
main: logdir = /var/log/radius
main: libdir = /usr/local/lib
main: radacctdir = /var/log/radius/radacct
main: hostname_lookups = no
main: snmp = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 1645
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = /var/run/radiusd/radiusd.pid
main: user = (null)
main: group = (null)
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /usr/local/sbin/checkrad
main: proxy_requests = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will
go away soon.
read_config_files: reading clients
Using deprecated clients file. Support for this will
go away soon.
read_config_files: reading realms
Using deprecated realms file. Support for this will
go away soon.
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded SQL
sql: driver = rlm_sql_mysql
sql: server = localhost
sql: port =
sql: login = root
sql: password = localhost99%
sql: radius_db = radius
sql: acct_table = radacct
sql: acct_table2 = radacct
sql: authcheck_table = radcheck
sql: authreply_table = radreply
sql: groupcheck_table = radgroupcheck
sql: groupreply_table = radgroupreply
sql: usergroup_table = usergroup
sql: nas_table = nas
sql: dict_table = dictionary
sql: sqltrace = no
sql: sqltracefile = /var/log/radius/sqltrace.sql
sql: deletestalesessions = yes
sql: num_sql_socks = 5
sql: sql_user_name =
%{Stripped-User-Name:-%{User-Name:-DEFAULT}}
sql: default_user_profile =
sql: query_on_not_found = no
sql: authorize_check_query = SELECT
id,UserName,Attribute,Value,op FROM radcheck WHERE
STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id
sql: authorize_reply_query = SELECT
id,UserName,Attribute,Value,op FROM radreply WHERE
STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id
sql: authorize_group_check_query = SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE
STRCMP(usergroup.Username, '%{SQL-User-Name}') = 0 AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id
sql: authorize_group_reply_query = SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE
STRCMP(usergroup.Username, '%{SQL-User-Name}') = 0 AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id
sql: accounting_onoff_query = UPDATE radacct SET
AcctStopTime='%S',
AcctSessionTime=unix_timestamp('%S') -
unix_timestamp(AcctStartTime),
AcctTerminateCause='%{Acct-Terminate-Cause}',
AcctStopDelay = %{Acct-Delay-Time} WHERE
AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress=
'%{NAS-IP-Address}' AND AcctStartTime = '%S'
sql: accounting_update_query = UPDATE radacct SET
FramedIPAddress = '%{Framed-IP-Address}' WHERE
AcctSessionId = '%{Acct-Session-Id}' AND UserName =
'%{SQL-User-Name}' AND NASIPAddress=
'%{NAS-IP-Address}' AND AcctStopTime = 0
sql: accounting_start_query = INSERT into radacct
(RadAcctId, AcctSessionId, AcctUniqueId, UserName,
Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime, AcctSessionTime,
AcctAuthentic, ConnectInfo_start, ConnectInfo_stop,
AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay,
AcctStopDelay) values('', '%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}', '%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Type}', '%S', '0', '0',
'%{Acct-Authentic}', '%{Connect-Info}',
RE: Which is Better LDAP or MySQL?
Michael, IMHO, thats a little like asking which is better - a car or a motorcycle. It just depends on your needs. Sometimes you may need both, since LDAP doesn't have accounting abilities. (And there are other SQL databases, as well as lots of choices in LDAP servers.) The real question you need to determine is: What other systems does my RADIUS server need to interact with? Once you know that, you'll be closer to the answer to your question. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Milbrat Sent: Friday, August 15, 2003 11:14 PM To: [EMAIL PROTECTED] Subject: Which is Better LDAP or MySQL? Does anyone know which is accually a better backend LDAP or MySQL? Michael Milbrat 12dollars.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication problem
hello guyz i tried to setup radius server using
freeradius-0.9.0 and freebsd 4.8. after several
modification from my clients, clients.conf, sql.conf,
naslist and radiusd.conf, here is the output when i
tried to run freeradius in debugging mode.
diameter# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = /usr/local
main: localstatedir = /var
main: logdir = /var/log/radius
main: libdir = /usr/local/lib
main: radacctdir = /var/log/radius/radacct
main: hostname_lookups = no
main: snmp = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 1645
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = /var/run/radiusd/radiusd.pid
main: user = (null)
main: group = (null)
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /usr/local/sbin/checkrad
main: proxy_requests = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will
go away soon.
read_config_files: reading clients
Using deprecated clients file. Support for this will
go away soon.
read_config_files: reading realms
Using deprecated realms file. Support for this will
go away soon.
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded SQL
sql: driver = rlm_sql_mysql
sql: server = localhost
sql: port =
sql: login = root
sql: password = localhost99%
sql: radius_db = radius
sql: acct_table = radacct
sql: acct_table2 = radacct
sql: authcheck_table = radcheck
sql: authreply_table = radreply
sql: groupcheck_table = radgroupcheck
sql: groupreply_table = radgroupreply
sql: usergroup_table = usergroup
sql: nas_table = nas
sql: dict_table = dictionary
sql: sqltrace = no
sql: sqltracefile = /var/log/radius/sqltrace.sql
sql: deletestalesessions = yes
sql: num_sql_socks = 5
sql: sql_user_name =
%{Stripped-User-Name:-%{User-Name:-DEFAULT}}
sql: default_user_profile =
sql: query_on_not_found = no
sql: authorize_check_query = SELECT
id,UserName,Attribute,Value,op FROM radcheck WHERE
STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id
sql: authorize_reply_query = SELECT
id,UserName,Attribute,Value,op FROM radreply WHERE
STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id
sql: authorize_group_check_query = SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE
STRCMP(usergroup.Username, '%{SQL-User-Name}') = 0 AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id
sql: authorize_group_reply_query = SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE
STRCMP(usergroup.Username, '%{SQL-User-Name}') = 0 AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id
sql: accounting_onoff_query = UPDATE radacct SET
AcctStopTime='%S',
AcctSessionTime=unix_timestamp('%S') -
unix_timestamp(AcctStartTime),
AcctTerminateCause='%{Acct-Terminate-Cause}',
AcctStopDelay = %{Acct-Delay-Time} WHERE
AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress=
'%{NAS-IP-Address}' AND AcctStartTime = '%S'
sql: accounting_update_query = UPDATE radacct SET
FramedIPAddress = '%{Framed-IP-Address}' WHERE
AcctSessionId = '%{Acct-Session-Id}' AND UserName =
'%{SQL-User-Name}' AND NASIPAddress=
'%{NAS-IP-Address}' AND AcctStopTime = 0
sql: accounting_start_query = INSERT into radacct
(RadAcctId, AcctSessionId, AcctUniqueId, UserName,
Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime, AcctSessionTime,
AcctAuthentic, ConnectInfo_start, ConnectInfo_stop,
AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay,
AcctStopDelay) values('', '%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}', '%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Type}', '%S', '0', '0',
'%{Acct-Authentic}', '%{Connect-Info}',
Re: Authentication problem
On Sat, 16 Aug 2003, apellido jr., wilfredo p wrote: Please do not post multiple times, it doesn't help you. The computer you are dialling cannot establish a Dial-up Networking connection Check you password, then try again. Then, when i try to look in the log there's no activity or message. What does the servers debug output say when you try to connect from dial-up client? In my knowledge, your config seems to be fine, so does the NAS even send any auth-requests to your radius? -- _ | | ... Think about all the positive sides in life, they _ | |_ _ _ _ ___ never last forever ... (c)Sentenced | || | | | || |_| || O |+-+ AMD Duron 1300MHz ATI Radeon +--+ || |_| || | | || | || http://students.oamk.fi/~sijuma00 | | E-mail: [EMAIL PROTECTED] | - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Amount of data
I am evaluating a bulk dial-up provider and want to gage the traffic between us. The provider will take customer calls on its access servers which will pass the customer authentication credentials to its RADIUS server which will in turn send to my RADIUS server at my site. Upon successful authentication, the provider will provide the IP address to the customer, so that traffic will not be part of the data passed between the two RADIUS servers. Can someone tell me the total number of bytes passed between two RADIUS servers in the course of a successful authentication exchange? I understand that the username and password lengths will vary. Michael deTreville
Re: Which is Better LDAP or MySQL?
Thanks for the answer Tim. Michael - Original Message - From: Tim McCracken [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, August 16, 2003 7:07 AM Subject: RE: Which is Better LDAP or MySQL? Michael, IMHO, thats a little like asking which is better - a car or a motorcycle. It just depends on your needs. Sometimes you may need both, since LDAP doesn't have accounting abilities. (And there are other SQL databases, as well as lots of choices in LDAP servers.) The real question you need to determine is: What other systems does my RADIUS server need to interact with? Once you know that, you'll be closer to the answer to your question. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Milbrat Sent: Friday, August 15, 2003 11:14 PM To: [EMAIL PROTECTED] Subject: Which is Better LDAP or MySQL? Does anyone know which is accually a better backend LDAP or MySQL? Michael Milbrat 12dollars.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(no subject)
juha, The NAS dont even send any auth request to radius server. When i run radiusd -xxyz -l stdout the Log doesnt show even some problem or what just saying ready to process. Do i need to put some Auth-Type in my users file? what is it? Thanks = [ apellido jr., wilfredo p. ] +63 034 4880-449 If you can't hear me, it's because i'm in parentheses. __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication problem
juha,
The NAS dont even send any auth request to
radius server. When i run radiusd -xxyz -l stdout the
Log doesnt show even some problem or what just saying
ready to process. Do i need to put some Auth-Type in
my users file? what is it? I try to run tcpdump,
here's the output. Thanks
diameter# tcpdump udp
tcpdump: listening on rl0
10:55:05.346866 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 14]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
10:55:06.128642 diameter.mactan.ph.1035
mail.mactan.ph.domain: 6860+ PTR?
188.22.177.203.in-addr.arpa. (45)
10:55:06.129720 mail.mactan.ph.domain
diameter.mactan.ph.1035: 6860* 1/1/1 (135)
10:55:06.171196 diameter.mactan.ph.1036
mail.mactan.ph.domain: 6861+ PTR?
161.22.177.203.in-addr.arpa. (45)
10:55:06.171858 mail.mactan.ph.domain
diameter.mactan.ph.1036: 6861* 1/1/1 (135)
10:55:06.172071 diameter.mactan.ph.1037
mail.mactan.ph.domain: 6862+ PTR?
163.22.177.203.in-addr.arpa. (45)
10:55:06.172732 mail.mactan.ph.domain
diameter.mactan.ph.1037: 6862* 1/1/1 (135)
10:55:07.166119 diameter.mactan.ph.1038
mail.mactan.ph.domain: 6863+ PTR?
151.22.177.203.in-addr.arpa. (45)
10:55:07.166808 mail.mactan.ph.domain
diameter.mactan.ph.1038: 6863* 2/1/1[|domain]
10:55:31.831821 dialup-043.mactan.ph.netbios-dgm
223.177.22.191.netbios-dgm: NBT UDP PACKET(138)
10:55:31.831906 dialup-043.mactan.ph.netbios-ns
223.177.22.191.netbios-ns: NBT UDP PACKET(137): QUERY;
REQUEST; BROADCAST
10:55:32.166622 diameter.mactan.ph.1039
mail.mactan.ph.domain: 6864+ PTR?
145.22.177.203.in-addr.arpa. (45)
10:55:32.167302 mail.mactan.ph.domain
diameter.mactan.ph.1039: 6864* 1/1/1 (135)
10:55:32.583526 dialup-043.mactan.ph.netbios-ns
223.177.22.191.netbios-ns: NBT UDP PACKET(137): QUERY;
REQUEST; BROADCAST
10:55:33.03 dialup-043.mactan.ph.netbios-ns
223.177.22.191.netbios-ns: NBT UDP PACKET(137): QUERY;
REQUEST; BROADCAST
10:55:38.416101 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 14]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
10:56:03.467880 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 1]:
{dialup-020.mactan.ph}(16)
10:56:04.167083 diameter.mactan.ph.1040
mail.mactan.ph.domain: 6865+ PTR?
172.22.177.203.in-addr.arpa. (45)
10:56:04.167757 mail.mactan.ph.domain
diameter.mactan.ph.1040: 6865* 1/1/1 (135)
10:56:09.401609 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 14]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
10:56:41.706264 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 14]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
10:57:14.229926 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 14]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
10:57:46.760078 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 14]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
10:58:19.282467 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 13]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
10:58:51.802101 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 13]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
10:59:24.326142 portmaster.mactan.ph.router
203.177.22.191.router: RIPv1-resp [items 13]:
{dialup-009.mactan.ph}(1)
{dialup-011.mactan.ph}(1)[|rip]
=
[ apellido jr., wilfredo p. ]
+63 034 4880-449
If you can't hear me, it's because i'm in parentheses.
__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
User Expiration Date
HI all As we know int conf/sql.attrmap write that: chechItem Expiration Expiration when i set User Expiration Date 16 Aug 2003 ,it doesn't work. And i find the attr16 Aug 2003 is in the mysql radreply table but not radcheck table ? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Which is Better LDAP or MySQL?
Actually, the answer is a little more straightforward when Radius is involved. No package including Radius should be reading from a flat file (cached or not). In the case of Radius, the users file can quickly become a problem after a few thousand users. With SQL, proper indexing can allow lookups to be fairly fast but even then after a few hundred thousand users, SQL starts to ache. LDAP used as a general purpose user/information store was designed to scale to literally millions of users so it does well as a back-end authentication source due to its scalability and speed (far faster than MySQL, Postgres, or Oracle for that matter). SQL (MySQL for example) on the other hand is quite nice for storing the Radius accounting data. Read from LDAP and write to SQL. H... A nice blend of technologies that excel in their respective areas. Our servers have run in this configuration almost flawlessly (given a few DOS attacks) and auth users in a few secondsafter PPP negotiations.
