Re: threads hanging around
On Thu, 25 Sep 2003 11:33:05 +0100 "Gary Petticrew" <[EMAIL PROTECTED]> wrote: > I had a similar problem, but found it was being caused by radutmp and > radwtmp! Soon as I stopped accounting to those files (I didn't have a > reason to use them), server ran extremely well. > > Gary > We have had a similar problem with our servers (0.9.0 on SPARC/Solaris 8). I wasn't aware of it, but decided to check, since the logs showed the same messages as Graeme described. I even created MRTG-statistics for this, so I could monitor it. Two strange things: - there seemed to be no performance impact with all the threads hanging around (maybe we steered clear of this since we regularly restart radiusd) - one of my servers didn't exhibit this problem, although they all run identical (as far as I can tell) OS and software. We use an entirely different setup than Graeme does, we don't use MySQL but a custom radacct-module that writes to a file, and a Berkeley DB user database. We decided to upgrade to 0.9.1 from the official page and the problem vanished. -- best regards Nils Ronhovde Telenor - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How to tag attributes ?
On Thu, 25 Sep 2003 14:28:33 +0200 Thomas MARCHESSEAU <[EMAIL PROTECTED]> wrote: > Hi All, > > Specs: > - Freeradius 0.9.1, on debian woody > - 2 Radius servers , 2 radius proxys (sharing a virtual IP) > > Everything is working fine except that i would like to add (or > increment) tags to freeradius attributes ie: > > [EMAIL PROTECTED]:~$ ./radtest [EMAIL PROTECTED] ipdyn 172.16.129.4 1812 > testing123 Sending Access-Request of id 186 to 172.16.129.4:1812 > User-Name = "[EMAIL PROTECTED]" > User-Password = "ipdyn" > NAS-IP-Address = 172.16.69.1 > NAS-Port = 1812 > rad_recv: Access-Accept packet from host 172.16.129.4:1812, id=186, > length=188 > Session-Timeout = 86400 > Idle-Timeout = 180 > Tunnel-Medium-Type:0 = IP > <= > Here > Tunnel-Server-Endpoint:0 = "172.18.21.3" <= > here > etc ... > Tunnel-Assignment-Id:0 = "tunnel-172.16.21.3" > Tunnel-Client-Auth-Id:0 = "LNS-NET7-1" > Tunnel_Local_Name = "LNS-NET7-1" > Tunnel-Type:0 = L2TP > Tunnel-Server-Auth-Id:0 = "srv44-2.idf1.realm.net" > Tunnel_Remote_Name = "srv44-2.idf1.realm.net" > Proxy-State = 0x31 > Service-Type = Framed-User > [EMAIL PROTECTED]:~$ > > The tag is 0 , but i would like to obtain something like that > > Tunnel-Server-Endpoint:1 = "172.18.21.3" > > Any idea ? > Is there anything that prevents you from saying [EMAIL PROTECTED] Password == "ipdyn" Tunnel-Server-Endpoint:0 = "172.18.21.3", Tunnel-Server-Endpoint:1 += "172.18.21.3", etc. ? Or did you want the tag to change somewhere? Or did I completely miss your question? Actually, the RFC (2868) says that tag-numbering is 0x01 thru 0x1F, which means you should start on 1, although 0 is valid, meaning "no tag". I'm not sure if there are radius clients, that are very particular about this. -- best regards Nils Ronhovde Telenor - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Multiple Tagged-Tunnel Sets
On Mon, 22 Sep 2003 12:48:44 +0100 "Teoh, Chee" <[EMAIL PROTECTED]> wrote: > Hi All, > > I am trying to setup out multiple tagged tunnel attributes on my > freeradius-0.8.1 running on FreeBSD 4.8, but cannot seem to get the > radius server to send multiple tunnel sets. The following is the user > config file: > DEFAULT Suffix == "@starinternet.bddsl.com", Auth-Type > := Accept > Service-Type = Framed-User, > Framed-Protocol = PPP, > Context-Name = STAR, > Tunnel_Local_Name = "STAR", > Tunnel_Remote_Name = "STAR", > Tunnel-Type:1 = L2TP, > Tunnel-Medium-Type:1 = IP, > Tunnel-Client-Endpoint:1 = 212.125.88.97, > Tunnel-Server-Endpoint:1 = 212.125.88.42, > Tunnel-Password:1 = "secret", > Tunnel-Assignment-Id:1 = "lac42.bulldog", > Tunnel-Preference:1 = 0, > Tunnel-Type:2 = L2TP, > Tunnel-Medium-Type:2 = IP, > Tunnel-Client-Endpoint:2 = 212.125.88.97, > Tunnel-Server-Endpoint:2 = 212.125.88.43, > Tunnel-Password:2 = "secret", > Tunnel-Assignment-Id:2 = "lac43.bulldog", > Tunnel-Preference:2 = 0 > > > And the radius accept packet only has the first tunnel set in it: > > -su-2.05b# /usr/local/radius/bin/radtest [EMAIL PROTECTED] > 1234 127.0.0.1 3841983038 sss > Sending Access-Request of id 119 to 127.0.0.1:1812 > User-Name = "[EMAIL PROTECTED]" > User-Password = > ".\312\\r\003\261\252\273\2424\253`\221\202\326\264" > NAS-IP-Address = aaa2.bulldogdsl.com NAS-Port = 2147483647 > rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=119, > length=155 > Service-Type = Framed-User > Framed-Protocol = PPP > Context-Name = "STAR" > Tunnel_Local_Name = "STAR" > Tunnel_Remote_Name = "STAR" > Tunnel-Type:1 = L2TP > Tunnel-Medium-Type:1 = IP > Tunnel-Client-Endpoint:1 = "212.125.88.97" > Tunnel-Server-Endpoint:1 = "212.125.88.42" > Tunnel-Password:1 = "secret" > Tunnel-Assignment-Id:1 = "lac42.bulldog" > Tunnel-Preference:1 = 0 > -su-2.05b# Hi you could try this syntax for a start, believe it should work. DEFAULT Some-Check-Items Tunnel-Type = :1:L2TP, Tunnel-Medium-Type = :1:IP, Tunnel-Type = :2:L2TP, Tunnel-Medium-Type = :2:IP etc... -- best regards Nils Ronhovde Telenor, Norway - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Another (?) compile problem (Solaris 8)
Hi Being less than familiar with configure and make, I have to post this here: freeradius-0.9.0-pre1 529$ make make[1]: Entering directory `/local/net/src/freeradius-0.9.0-pre1' Making all in libltdl... make[2]: Entering directory `/local/net/src/freeradius-0.9.0-pre1/libltdl' make[2]: *** No rule to make target `all'. Stop. make[2]: Leaving directory `/local/net/src/freeradius-0.9.0-pre1/libltdl' make[1]: *** [common] Error 1 make[1]: Leaving directory `/local/net/src/freeradius-0.9.0-pre1' make: *** [all] Error 2 I am not sure of what to look for, or what to be fixed, or if this is the same problem as posted previously this week. Any tips and hints would be greatly appreciated. -- best regards Nils Ronhovde TBS/Datacom/NMS - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: buggy NAS list?
On Tue, 8 Jul 2003 10:46:54 -0500 [EMAIL PROTECTED] wrote: > Is anyone keeping track of buggy NASes, possibly for a "known issues" > list? > > If not, here's one for the archives in case anyone else bumps into > it... > > > > Device: Cisco 3550 switch > OS: IOS 12.1(11)EA1 > Problem: Switch was reconfigured to a different IP address, then > reports original IP address as its NAS-IP-Address. > Solution: Reboot switch > > I faintly remember some similar problem with AS5300's. We use a loopback-interface as source-interface for radius, and when we changed the ip-address on that interface we had to re-issue the command. Like this: no ip radius source-interface Loopback0 ip radius source-interface Loopback0 maybe it was a feature? :) -- best regards Nils Ronhovde TBS/Datacom/NMS - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
When is 0.9 due to be released?
Hello, are there any plans for when 0.9 is to be "released"? I'm trying to plan some project activities this summer and if there is a known date for the release it would be a lot easier to plan, than checking the website now and then. -- best regards Nils Ronhovde Telenor - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MySQL connect problem
On Thu, 13 Mar 2003 11:32:52 +0100 Simon <[EMAIL PROTECTED]> wrote: > > Hmm, the mysql module seems to ignore the port that's passed to it via > the configuration files. > > I've included an (untested) one line fix against current cvs that > should help. It applies to 0.8.1 also. > > Does this help? Yes, indeed. Thanks. -- best regards Nils Ronhovde TBS/Datacom/NMS - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MySQL connect problem
On Thu, 13 Mar 2003 09:09:32 +0100 Nils Rønhovde <[EMAIL PROTECTED]> wrote: > > radius-server> /local/db/mysql/3.23.43/bin/mysql -P15022 > -h10.122.95.163 -uradius -pradius radius Reading table information for > completion of table and column names You can turn off this feature to > get a quicker startup with -A > > Welcome to the MySQL monitor. Commands end with ; or \g. > Your MySQL connection id is 68700 to server version: > 4.0.4-beta-max-log > > Type 'help;' or '\h' for help. Type '\c' to clear the buffer. > > mysql> show tables; > +--+ > | Tables_in_radius | > +--+ > | radacct | > | radcheck | > | radgroupcheck| > | radgroupreply| > | radreply | > | usergroup| > +--+ > 6 rows in set (0.00 sec) > Regrettably a snoop on my MySQL-server reveals that the mysql module uses the default mysql port: radius-server -> mysql-server TCP D=3306 S=52117 Rst Seq=4288337583 Len=0 Win=24820 Has anyone tried using a non-standard port? I'm using FR 0.8.1 from the download page. -- best regards Nils Ronhovde TBS/Datacom/NMS - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ~Re: MySQL connect problem
On Wed, 12 Mar 2003 15:02:38 -0500 "Matt Simpson" <[EMAIL PROTECTED]> wrote: > What operating system and what version are you using. I ran into a > similar problem with a fresh install of RedHat 8.0 and MySQL with > glibc. Aparently when you connect to MySQL via anything but localhost > it crashes, so in your/etc/my.cnf file make sure you set your thread > stack set to 256K in your[mysqld] section. An example of mine is > below. > > [mysqld] > datadir=/var/lib/mysql > innodb_data_file_path = ibdata1:10M:autoextend > socket=/var/lib/mysql/mysql.sock > server-id=1 > log-bin > set-variable = thread_stack=256K > > This could be your problem... Hi, both the radius-server and the database server is Solaris 8. The client-side mysql-version is 3.23.43 and the server side is 4.04: db/mysql-max-4.0.4-beta-sun-solaris2.8-sparc/bin/mysqld I can connect and read the database when using the mysql client on my radius-server machine, but not when radiusd tries. Is it obvious that my problems will be solved if I upgrade the client side? radius-server> /local/db/mysql/3.23.43/bin/mysql -P15022 -h10.122.95.163 -uradius -pradius radius Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 68700 to server version: 4.0.4-beta-max-log Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> show tables; +--+ | Tables_in_radius | +--+ | radacct | | radcheck | | radgroupcheck| | radgroupreply| | radreply | | usergroup| +------+ 6 rows in set (0.00 sec) Nils > ~matt > > > - Original Message - > From: "Nils Rønhovde" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, March 12, 2003 2:53 PM > Subject: MySQL connect problem > > > Hi, > > Is this a rlm_my_sql problem, something else in the radius-server or a > problem with my database: > > Module: Loaded SQL > sql: driver = "rlm_sql_mysql" > sql: server = "10.122.95.163" > sql: port = "15022" > sql: login = "radius" > sql: password = "radius" > sql: radius_db = "radius" > sql: acct_table = "radacct" > sql: acct_table2 = "radacct" > sql: authcheck_table = "radcheck" > sql: authreply_table = "radreply" > sql: groupcheck_table = "radgroupcheck" > sql: groupreply_table = "radgroupreply" > sql: usergroup_table = "usergroup" > sql: nas_table = "nas" > sql: dict_table = "dictionary" > sql: sqltrace = no > sql: sqltracefile = > "/local/net/experimental/radius-sql/var/log/radius/sqltrace.sql" > sql: deletestalesessions = yes > sql: num_sql_socks = 5 > sql: sql_user_name = "%{User-Name}" > ... > rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and > linked > rlm_sql (sql): Attempting to connect to > [EMAIL PROTECTED]:15022/radius > rlm_sql (sql): starting 0 > rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 > rlm_sql_mysql: Starting connect to MySQL server for #0 > rlm_sql_mysql: Couldn't connect socket to MySQL server > [EMAIL PROTECTED]:radius > rlm_sql_mysql: Mysql error 'Can't connect to MySQL server on > '10.122.95.163' (145)' > rlm_sql (sql): Failed to connect DB handle #0 > > I haven't done anything special in radiusd.conf and mysql.conf except > enabling mysql and setting the host:port and connection parameters. > The connection works fine when i use the mysql program itself. > > best regards > Nils Rønhovde > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003 > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > -- best regards Nils Ronhovde TBS/Datacom/NMS tel: +47 905 35 149, fax: +47 912 96 654 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MySQL connect problem
Hi, Is this a rlm_my_sql problem, something else in the radius-server or a problem with my database: Module: Loaded SQL sql: driver = "rlm_sql_mysql" sql: server = "10.122.95.163" sql: port = "15022" sql: login = "radius" sql: password = "radius" sql: radius_db = "radius" sql: acct_table = "radacct" sql: acct_table2 = "radacct" sql: authcheck_table = "radcheck" sql: authreply_table = "radreply" sql: groupcheck_table = "radgroupcheck" sql: groupreply_table = "radgroupreply" sql: usergroup_table = "usergroup" sql: nas_table = "nas" sql: dict_table = "dictionary" sql: sqltrace = no sql: sqltracefile = "/local/net/experimental/radius-sql/var/log/radius/sqltrace.sql" sql: deletestalesessions = yes sql: num_sql_socks = 5 sql: sql_user_name = "%{User-Name}" ... rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:15022/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql_mysql: Couldn't connect socket to MySQL server [EMAIL PROTECTED]:radius rlm_sql_mysql: Mysql error 'Can't connect to MySQL server on '10.122.95.163' (145)' rlm_sql (sql): Failed to connect DB handle #0 I haven't done anything special in radiusd.conf and mysql.conf except enabling mysql and setting the host:port and connection parameters. The connection works fine when i use the mysql program itself. best regards Nils Rønhovde - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Regexp in huntgroups file
Hello, I'm having a bit of trouble understanding the use of regexp in the huntgroups file. What I want to do is to group my NAS'es based on IP address ranges, but I have been staring myself blind at this problem. If I have a group of NAS'es in the address-range 10.1.1.0-32, how should I express this in a single statement i the huntgroups file. My best idea is like this testNAS-Ip-Address =~ "^10\.1\.1\.[0-32]" but it doesnt work. Any hints? -- best regards Nils Ronhovde TBS/Datacom/NMS - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Dictionary questions
Hi, I have installed FR 0.7.1 on a Solaris 8 machine. I have some small problems that seems to be related to the dictionaries. When I connect to my Cisco AS5400, I get some accounting-attributes that the server doesn't understand, and prints like this: Attr-198 = "\000\000\000\001" Attr-255 = "\000\000\372" According to dictionary.cisco, they should be like this: ATTRIBUTE Cisco-PreSession-Time 198 integer Cisco ATTRIBUTE Cisco-Xmit-Rate 255 integer Cisco There are some other attributes this happens with as well (187, 188, 190-193) The odd thing is, that when I also include dictionary.ascend, which have the samme attributes listed with "X-Ascend" in front, then the server recognises the attributes and prints them correctly to my detailfile, even if they come from my AS5400. Should I include the dictionaries in a particular order? Are there any dictionaries I must include? Any hints of why I am experiencing this? What should I look for when I debug? -- best regards Nils Rønhovde Telenor Business Solutions - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html