Re: DSL Accouting?
29-Jan-03 at 09:47, Dave Seddon ([EMAIL PROTECTED]) wrote : Greetings, Yeah IP accouting is how I do it now. I use a FreeBSD bridge box, so nobody can even see it. Works well, however it makes billing on-net traffic difficult if you aren't billing the PPP sessions. What do you mean by on-net traffic? What's the extra info you get from the PPP sessions? -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
28-Jan-03 at 12:20, Dave Seddon ([EMAIL PROTECTED]) wrote : Thanks for your responce. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Maybe you have an idea of an easier way? The way I have heard of is to use Linux traffic shaping on a 2.4.x kernel, where iptables will keep track of how much bandwidth each IP has used as long as you get the rules right. However that's not trivial either if DHCP allocates a different IP each time there is an on/off, but then that can be tracked in liaison with Radius logs. Good luck. -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
of the queries work so you can customise them for your needs. The queries
that are default are IMHO broken (I will probably cop some shit for this
comment) as they are only any good for a small dialin ISP running generic
radius. However, I have not patched them as my accounting needs are a bit
more specialised than the average ISP, I am using only cisco equipment and I
am not doing any standard ISP type dialin currently so I don't have the time
to test how my changes affect others. I have been planning to complete my
documentation howver and commit it as advanced_sql_accounting.txt or
something. Would other people be interested in this?
Now I have to go and do some work. I have 2.1GB worth of billing records (A
monthly DB dump from one site) to match/check today :-(
Hope that helps
-Peter
On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote:
Greetings,
Still wondering how to convert DSL interum updates to standard
dail-up
type radius accounting.
I've done some digging through the source code, and have decided
that perhaps I need to create a module, perhaps
rlm_alive_to_dialup. If
the new module was based on rlm_detail, it would just be a matter of
linking to a mysql database to see the last update, calculate the
difference, then generate the new radius packets, for start and
stop.
I'm also wondering if this should be part of the proxy (which
seems to
be in the realm code) functionality, eg. Make the proxy feature
break RFC and allow it to modify the 'alive' and create a 'start' and
a 'stop'.
Any thoughts on whether it should be a seperate module or a
modification to the proxy code?
thanks,
Dave Seddon
- Original Message -
From: Dave Seddon [EMAIL PROTECTED]
Date: Saturday, January 25, 2003 4:20 pm
Subject: DSL Accouting?
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel
terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table.
There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the
Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The
accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little
perl
script to parse the detail log and stick the data in MySQL so I
could
easily do select statements. I discovered that the records I
created
where structured differently, so perhaps that's why it's not going
to
the Freeradius radacct table? Essentially, the difference is
the Tunnel attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct (
RadAcctId int unsigned NOT NULL auto_increment,
NASIPAddress varchar(15) NOT NULL default '',
NASPortId tinyint unsigned default NULL,
NASPortType varchar(32) default NULL,
UserName varchar(64) NOT NULL default '',
AcctStatusType varchar(20) NOT NULL default '',
AcctAuthentic varchar(20) NOT NULL default '',
ServiceType varchar(32) default NULL,
AcctSessionID varchar(12) NOT NULL default '',
FramedProtocol varchar(6) default NULL,
TunnelServerEndpoint varchar(15) NOT NULL default '',
TunnelClientEndpoint varchar(15) NOT NULL default '',
TunnelType varchar(10) NOT NULL default '',
TunnelClientAuthID varchar(25) NOT NULL default '',
TunnelServerAuthID varchar(25) NOT NULL default '',
AcctTunnelConnection int unsigned default NULL,
FramedIPAddress varchar(15) NOT NULL default '',
AcctInputOctets int unsigned default NULL,
AcctOutputOctets int unsigned default NULL,
AcctInputPackets int unsigned default NULL,
AcctOutputPackets int unsigned default NULL,
AcctSessionTime int unsigned default NULL,
AcctDelayTime int unsigned default NULL,
ClientIPAddress
Re: DSL Accouting?
Dave Seddon [EMAIL PROTECTED] wrote: Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Hmm.. so you want to break the server to work around a broken billing system. I can't say I like that idea. Maybe you have an idea of an easier way? Use the detail file, and the alive packets, to create another fake 'detail' file, with the daily start/stop packets for the users session. You can then use feed that hacked detail file to the billing software. Why is generating new packets problematic? Surely proxying generates packets reliably? Yes, but creating and receiving new packets *outside* of the existing infrastructure should be avoided. I believe that you can come up with a slightly different solution to the problem, which doesn't require such weirdness *inside* of the RADIUS server. The billing system we use backeds to oracle, so I guess I could do inserts directly into that, however I thought the community would be better served by a module like I'm suggesting, that could input standard dail-up radius into any billing system. I believe that you would be better off hacking 'radrelay', or creating your own equivalent. Read the detail files, crunch the sessions, and create daily start/stop packets. That way, the program generating the fake packets is *not* inside of the RADIUS server, and is much simpler. Cool. It looks like I can just copy the rlm_detail module. If you do write a module, I would say that you need some combination of radutmp detail. Use the utmp information to determine who's online, and for how long. Then, when you receive a new 'alive' packet at the start of a day, write to the pseduo-detail file a 'stop' packet for the previous day, and a 'start' packet for the current day. Then update the 'utmp' information, with the fact that the user logged in again. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings, Yeah IP accouting is how I do it now. I use a FreeBSD bridge box, so nobody can even see it. Works well, however it makes billing on-net traffic difficult if you aren't billing the PPP sessions. thanks, Dave - Original Message - From: Simon White [EMAIL PROTECTED] Date: Tuesday, January 28, 2003 7:55 pm Subject: Re: DSL Accouting? 28-Jan-03 at 12:20, Dave Seddon ([EMAIL PROTECTED]) wrote : Thanks for your responce. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Maybe you have an idea of an easier way? The way I have heard of is to use Linux traffic shaping on a 2.4.x kernel, where iptables will keep track of how much bandwidth each IP has used as long as you get the rules right. However that's not trivial either if DHCP allocates a different IP each time there is an on/off, but then that can be tracked in liaison with Radius logs. Good luck. -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Hi Dave
What exactly is it that you want to do? Make Extent work better, or switch to
freeradius. It sounds like freeradius is doing exactly what it is configured
to do by default, and that is to UPDATE and exisiting session record when it
recieves a ALIVE packet, NOT add a new record. I suggest you have a good read
of sql.conf (or mysql.conf of whatever) and understand the queries that are
being executed at different stages.
I myself am using Freeradius with a large VoIP setup, and I found that the
default queries were useless to me as they would kill the database. I
switched all queries to INSERTS, set different types of records to go to
different tables, and and threw away most of the default fields that were
being stored and replaced them with Cisco VoIP specific attributes (VSAs).
You should not have to use a cron script to parse your detail files. Just
modify the freeradius queries so it stores the information that you want.
I also found that MySQL simply could not handle the load I was throwing at it,
so I switched to Postgres and have been happy ever since. The fact that
postgres can do sub selects and views, makes it much more usefull if you have
split your radacct table up into multiple tables too.
Not to mention that I use the start and stop times as reported by the ciscos
instead of having freeradius timestamp the records, which is much more
accurate, and postgres supports cisco timestamp format while mysql does not.
HTH
Peter
On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote:
Greetings,
Still wondering how to convert DSL interum updates to standard dail-up
type radius accounting.
I've done some digging through the source code, and have decided that
perhaps I need to create a module, perhaps rlm_alive_to_dialup. If
the new module was based on rlm_detail, it would just be a matter of
linking to a mysql database to see the last update, calculate the
difference, then generate the new radius packets, for start and stop.
I'm also wondering if this should be part of the proxy (which seems to
be in the realm code) functionality, eg. Make the proxy feature break
RFC and allow it to modify the 'alive' and create a 'start' and
a 'stop'.
Any thoughts on whether it should be a seperate module or a
modification to the proxy code?
thanks,
Dave Seddon
- Original Message -
From: Dave Seddon [EMAIL PROTECTED]
Date: Saturday, January 25, 2003 4:20 pm
Subject: DSL Accouting?
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel
terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table.
There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the
Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The
accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little
perl
script to parse the detail log and stick the data in MySQL so I
could
easily do select statements. I discovered that the records I
created
where structured differently, so perhaps that's why it's not going
to
the Freeradius radacct table? Essentially, the difference is
the Tunnel attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct (
RadAcctId int unsigned NOT NULL auto_increment,
NASIPAddress varchar(15) NOT NULL default '',
NASPortId tinyint unsigned default NULL,
NASPortType varchar(32) default NULL,
UserName varchar(64) NOT NULL default '',
AcctStatusType varchar(20) NOT NULL default '',
AcctAuthentic varchar(20) NOT NULL default '',
ServiceType varchar(32) default NULL,
AcctSessionID varchar(12) NOT NULL default '',
FramedProtocol varchar(6) default NULL,
TunnelServerEndpoint varchar(15) NOT NULL default '',
TunnelClientEndpoint varchar(15) NOT NULL default '',
TunnelType varchar(10) NOT NULL default '',
TunnelClientAuthID varchar(25) NOT NULL default '',
TunnelServerAuthID varchar(25
Re: DSL Accouting?
On Mon, 27 Jan 2003, Peter Nixon wrote:
Hi Dave
What exactly is it that you want to do? Make Extent work better, or switch to
freeradius. It sounds like freeradius is doing exactly what it is configured
to do by default, and that is to UPDATE and exisiting session record when it
recieves a ALIVE packet, NOT add a new record. I suggest you have a good read
of sql.conf (or mysql.conf of whatever) and understand the queries that are
being executed at different stages.
I myself am using Freeradius with a large VoIP setup, and I found that the
default queries were useless to me as they would kill the database. I
switched all queries to INSERTS, set different types of records to go to
different tables, and and threw away most of the default fields that were
being stored and replaced them with Cisco VoIP specific attributes (VSAs).
You should not have to use a cron script to parse your detail files. Just
modify the freeradius queries so it stores the information that you want.
I also found that MySQL simply could not handle the load I was throwing at it,
so I switched to Postgres and have been happy ever since. The fact that
postgres can do sub selects and views, makes it much more usefull if you have
split your radacct table up into multiple tables too.
Just to comment on that. If you add a few more indexes and use InnoDB tables
instead of the default MyISAM (row level instead of table level locking) things
can improve a lot. We have around 20 rows a day in radacct, do double login
detection through the sql module and still get nice performance.
Not to mention that I use the start and stop times as reported by the ciscos
instead of having freeradius timestamp the records, which is much more
accurate, and postgres supports cisco timestamp format while mysql does not.
HTH
Peter
On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote:
Greetings,
Still wondering how to convert DSL interum updates to standard dail-up
type radius accounting.
I've done some digging through the source code, and have decided that
perhaps I need to create a module, perhaps rlm_alive_to_dialup. If
the new module was based on rlm_detail, it would just be a matter of
linking to a mysql database to see the last update, calculate the
difference, then generate the new radius packets, for start and stop.
I'm also wondering if this should be part of the proxy (which seems to
be in the realm code) functionality, eg. Make the proxy feature break
RFC and allow it to modify the 'alive' and create a 'start' and
a 'stop'.
Any thoughts on whether it should be a seperate module or a
modification to the proxy code?
thanks,
Dave Seddon
- Original Message -
From: Dave Seddon [EMAIL PROTECTED]
Date: Saturday, January 25, 2003 4:20 pm
Subject: DSL Accouting?
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel
terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table.
There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the
Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The
accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little
perl
script to parse the detail log and stick the data in MySQL so I
could
easily do select statements. I discovered that the records I
created
where structured differently, so perhaps that's why it's not going
to
the Freeradius radacct table? Essentially, the difference is
the Tunnel attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct (
RadAcctId int unsigned NOT NULL auto_increment,
NASIPAddress varchar(15) NOT NULL default '',
NASPortId tinyint unsigned default NULL,
NASPortType varchar(32) default NULL,
UserName varchar(64) NOT NULL default '',
AcctStatusType varchar(20) NOT NULL
Re: DSL Accouting?
Thanks for your responce. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Maybe you have an idea of an easier way? Generating new packets is always problematic. I would suggest avoiding it if you can. Why is generating new packets problematic? Surely proxying generates packets reliably? The billing system we use backeds to oracle, so I guess I could do inserts directly into that, however I thought the community would be better served by a module like I'm suggesting, that could input standard dail-up radius into any billing system. This would be better don't you think? Why would it be necessary to create a new start/stop packet? Any thoughts on whether it should be a seperate module or a modification to the proxy code? A module. Cool. It looks like I can just copy the rlm_detail module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html thanks, Dave Seddon - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings, OK. I have a Cisco Terminating PPPoX and it also sends accounting updates. I found I had to modify the update sql statements for them to do anything. Normal sql accounting is one record per call. I havent checked the detail files. What modifications did you make? Could you send me the sql.conf file? How did you cope with counter roll? If you keep doing UPDATE and the counter rolls, at 32bits, then you'll get an update of a low number and miss out on one metic s#it load of data. The boss wouldn't be very happy. If you have any method of graphing resulting data, I would appreciate a holler There are lots of billing system and other programs to graph standard dialup radius accounting. I'm currently thinking a module could recieve an 'alive' and generate a start and a stop, with the difference between two 'alives' calculated. thanks, Dave Seddon - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings,
What exactly is it that you want to do? Make Extent work better, or
switch to
freeradius.
I want to make it easy for small dailup based ISPs to bill DSL
customers. Most small ISPs use billing systems based on stop starts, so
it would be good for DSL wholesalers to be able to generate simple
radius packets for smaller ISPs.
It sounds like freeradius is doing exactly what it is
configured
to do by default, and that is to UPDATE and exisiting session
record when it
recieves a ALIVE packet, NOT add a new record. I suggest you have a
good read
of sql.conf (or mysql.conf of whatever) and understand the queries
that are
being executed at different stages.
I myself am using Freeradius with a large VoIP setup, and I found
that the
default queries were useless to me as they would kill the database.
I
switched all queries to INSERTS, set different types of records to
go to
different tables, and and threw away most of the default fields
that were
being stored and replaced them with Cisco VoIP specific attributes
(VSAs).
You should not have to use a cron script to parse your detail
files. Just
modify the freeradius queries so it stores the information that you
want.
Different tables for different types of session? or was that for load
reasons? Perhaps different tables for different realms?
I also found that MySQL simply could not handle the load I was
throwing at it,
so I switched to Postgres and have been happy ever since. The fact
that
postgres can do sub selects and views, makes it much more usefull
if you have
split your radacct table up into multiple tables too.
Not to mention that I use the start and stop times as reported by
the ciscos
instead of having freeradius timestamp the records, which is much
more
accurate, and postgres supports cisco timestamp format while mysql
does not.
Very intersting. Thanks. Also thanks to Kostas Kalevras for his
comment on MySQL. Looks like Postgres could be the go for lots of reasons.
Which part of freeradius creates the timestamps?
thanks,
Dave
On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote:
Greetings,
Still wondering how to convert DSL interum updates to standard
dail-up
type radius accounting.
I've done some digging through the source code, and have decided
that perhaps I need to create a module, perhaps
rlm_alive_to_dialup. If
the new module was based on rlm_detail, it would just be a matter of
linking to a mysql database to see the last update, calculate the
difference, then generate the new radius packets, for start and
stop.
I'm also wondering if this should be part of the proxy (which
seems to
be in the realm code) functionality, eg. Make the proxy feature
break RFC and allow it to modify the 'alive' and create a 'start' and
a 'stop'.
Any thoughts on whether it should be a seperate module or a
modification to the proxy code?
thanks,
Dave Seddon
- Original Message -
From: Dave Seddon [EMAIL PROTECTED]
Date: Saturday, January 25, 2003 4:20 pm
Subject: DSL Accouting?
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel
terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table.
There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the
Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The
accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little
perl
script to parse the detail log and stick the data in MySQL so I
could
easily do select statements. I discovered that the records I
created
where structured differently, so perhaps that's why it's not going
to
the Freeradius radacct table? Essentially, the difference is
the Tunnel attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct
Re: DSL Accouting?
How did you cope with counter roll? If you keep doing UPDATE and thecounter rolls, at 32bits, then you'll get an update of a low number and miss out on one metic s#it load of data. The boss wouldn't be very happy. Sorry, I just checked and it seems that the counter roll is at 31 bits (on a cisco). dave - NEW to mBox, receive faxes to any email address! Find out more http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Dave Seddon [EMAIL PROTECTED] wrote: Still wondering how to convert DSL interum updates to standard dail-up type radius accounting. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. I've done some digging through the source code, and have decided that perhaps I need to create a module, perhaps rlm_alive_to_dialup. If the new module was based on rlm_detail, it would just be a matter of linking to a mysql database to see the last update, calculate the difference, then generate the new radius packets, for start and stop. Generating new packets is always problematic. I would suggest avoiding it if you can. Why would it be necessary to create a new start/stop packet? Any thoughts on whether it should be a seperate module or a modification to the proxy code? A module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
OK. I have a Cisco Terminating PPPoX and it also sends accounting
updates. I found I had to modify the update sql statements for them to
do anything. Normal sql accounting is one record per call. I havent
checked the detail files.
If you have any method of graphing resulting data, I would appreciate a
holler
Joe
Dave Seddon wrote:
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table. There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little perl
script to parse the detail log and stick the data in MySQL so I could
easily do select statements. I discovered that the records I created
where structured differently, so perhaps that's why it's not going to
the Freeradius radacct table? Essentially, the difference is
the Tunnel attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct (
RadAcctId int unsigned NOT NULL auto_increment,
NASIPAddress varchar(15) NOT NULL default '',
NASPortId tinyint unsigned default NULL,
NASPortType varchar(32) default NULL,
UserName varchar(64) NOT NULL default '',
AcctStatusType varchar(20) NOT NULL default '',
AcctAuthentic varchar(20) NOT NULL default '',
ServiceType varchar(32) default NULL,
AcctSessionID varchar(12) NOT NULL default '',
FramedProtocol varchar(6) default NULL,
TunnelServerEndpoint varchar(15) NOT NULL default '',
TunnelClientEndpoint varchar(15) NOT NULL default '',
TunnelType varchar(10) NOT NULL default '',
TunnelClientAuthID varchar(25) NOT NULL default '',
TunnelServerAuthID varchar(25) NOT NULL default '',
AcctTunnelConnection int unsigned default NULL,
FramedIPAddress varchar(15) NOT NULL default '',
AcctInputOctets int unsigned default NULL,
AcctOutputOctets int unsigned default NULL,
AcctInputPackets int unsigned default NULL,
AcctOutputPackets int unsigned default NULL,
AcctSessionTime int unsigned default NULL,
AcctDelayTime int unsigned default NULL,
ClientIPAddress varchar(15) NOT NULL,
TimeStamp bigint unsigned default NULL,
HumanTime varchar(10) default NULL,
PRIMARY KEY (RadAcctId),
KEY UserName (UserName)
);
-
So I've kind of solved the problem of getting the accouting data into
the MySQL database, however it's a bit crap cos I need to process the
logs with a cron job, instead of automatically inserting from
FreeRadius.
My company has lots of dialup also, and an ISP billing system called
Extent (with built in radius) that works fine fo these dialup
customers, however is unaware of 'Alive' packets. I'd really like to
feed the accounting data from Freeradius to the Extent billing
package. I'm thinking that for every Alive packet recieved from the
RAS box perhaps I could calculate the difference in Octets between now
and the last 'Alive', and then send a fake radius start and stop record
to Extent, such that Extent would think the DSL user had dialed up for
10 minutes, used X amount of data, and hungup. This way the standard
way of calculating usage would occur, and usage graphs, etc, would all
work fine. It would be very nice to build this functionality into
Freeradius. -- Perhaps I should email the developers list about how to
do this?
thanks,
Dave Seddon
-
Would you like to receive faxes to your personal email address?
You can with mBox. Visit http://www.mbox.com.au/fax
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings,
Still wondering how to convert DSL interum updates to standard dail-up
type radius accounting.
I've done some digging through the source code, and have decided that
perhaps I need to create a module, perhaps rlm_alive_to_dialup. If
the new module was based on rlm_detail, it would just be a matter of
linking to a mysql database to see the last update, calculate the
difference, then generate the new radius packets, for start and stop.
I'm also wondering if this should be part of the proxy (which seems to
be in the realm code) functionality, eg. Make the proxy feature break
RFC and allow it to modify the 'alive' and create a 'start' and
a 'stop'.
Any thoughts on whether it should be a seperate module or a
modification to the proxy code?
thanks,
Dave Seddon
- Original Message -
From: Dave Seddon [EMAIL PROTECTED]
Date: Saturday, January 25, 2003 4:20 pm
Subject: DSL Accouting?
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel
terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table.
There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the
Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The
accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little
perl
script to parse the detail log and stick the data in MySQL so I
could
easily do select statements. I discovered that the records I
created
where structured differently, so perhaps that's why it's not going
to
the Freeradius radacct table? Essentially, the difference is
the Tunnel attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct (
RadAcctId int unsigned NOT NULL auto_increment,
NASIPAddress varchar(15) NOT NULL default '',
NASPortId tinyint unsigned default NULL,
NASPortType varchar(32) default NULL,
UserName varchar(64) NOT NULL default '',
AcctStatusType varchar(20) NOT NULL default '',
AcctAuthentic varchar(20) NOT NULL default '',
ServiceType varchar(32) default NULL,
AcctSessionID varchar(12) NOT NULL default '',
FramedProtocol varchar(6) default NULL,
TunnelServerEndpoint varchar(15) NOT NULL default '',
TunnelClientEndpoint varchar(15) NOT NULL default '',
TunnelType varchar(10) NOT NULL default '',
TunnelClientAuthID varchar(25) NOT NULL default '',
TunnelServerAuthID varchar(25) NOT NULL default '',
AcctTunnelConnection int unsigned default NULL,
FramedIPAddress varchar(15) NOT NULL default '',
AcctInputOctets int unsigned default NULL,
AcctOutputOctets int unsigned default NULL,
AcctInputPackets int unsigned default NULL,
AcctOutputPackets int unsigned default NULL,
AcctSessionTime int unsigned default NULL,
AcctDelayTime int unsigned default NULL,
ClientIPAddress varchar(15) NOT NULL,
TimeStamp bigint unsigned default NULL,
HumanTime varchar(10) default NULL,
PRIMARY KEY (RadAcctId),
KEY UserName (UserName)
);
-
So I've kind of solved the problem of getting the accouting data
into
the MySQL database, however it's a bit crap cos I need to process
the
logs with a cron job, instead of automatically inserting from
FreeRadius.
My company has lots of dialup also, and an ISP billing system
called
Extent (with built in radius) that works fine fo these dialup
customers, however is unaware of 'Alive' packets. I'd really like
to
feed the accounting data from Freeradius to the Extent billing
package. I'm thinking that for every Alive packet recieved from
the
RAS box perhaps I could calculate the difference in Octets between
now
and the last 'Alive', and then send a fake radius start and stop
record
to Extent, such that Extent would think the DSL user had dialed up
for
10 minutes, used X amount of data, and hungup. This way the
standard
way of calculating usage would occur, and usage graphs, etc, would
all
work fine. It would be very nice to build
DSL Accouting?
Greetings,
I'm new to the list. I have two issues:
-Problem logging accounting
-Alive packet processing and integration with dial-up billing
I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to
authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on
a big Cisco box. It works very well, however for some reason
accounting records do not get put in the 'radacct' mysql table. There
are some records in the table, but no where near as many as their
should be since Interim updates or Alive packets get sent by the Cisco
every 10 minutes. However I do get all the accouting records
in /var/log/radacct/ip_address/detail.
Here is some of the /usr/local/etc/raddb/radius.conf. The accounting
section seems correct. The sql.conf is untouched from the example
(except for the password and username).
authorize {
preprocess
suffix
sql
files
}
authenticate {
}
preacct {
preprocess
suffix
files
}
accounting {
detail
# unix
sql
radutmp
}
So what could be wrong?
To see what data I was getting in the detail log, I wote a little perl
script to parse the detail log and stick the data in MySQL so I could
easily do select statements. I discovered that the records I created
where structured differently, so perhaps that's why it's not going to
the Freeradius radacct table? Essentially, the difference is
the Tunnel attributes.
The database structure I created is:
-
drop database radiusaccounting;
create database radiusaccounting;
use radiusaccounting;
CREATE TABLE radacct (
RadAcctId int unsigned NOT NULL auto_increment,
NASIPAddress varchar(15) NOT NULL default '',
NASPortId tinyint unsigned default NULL,
NASPortType varchar(32) default NULL,
UserName varchar(64) NOT NULL default '',
AcctStatusType varchar(20) NOT NULL default '',
AcctAuthentic varchar(20) NOT NULL default '',
ServiceType varchar(32) default NULL,
AcctSessionID varchar(12) NOT NULL default '',
FramedProtocol varchar(6) default NULL,
TunnelServerEndpoint varchar(15) NOT NULL default '',
TunnelClientEndpoint varchar(15) NOT NULL default '',
TunnelType varchar(10) NOT NULL default '',
TunnelClientAuthID varchar(25) NOT NULL default '',
TunnelServerAuthID varchar(25) NOT NULL default '',
AcctTunnelConnection int unsigned default NULL,
FramedIPAddress varchar(15) NOT NULL default '',
AcctInputOctets int unsigned default NULL,
AcctOutputOctets int unsigned default NULL,
AcctInputPackets int unsigned default NULL,
AcctOutputPackets int unsigned default NULL,
AcctSessionTime int unsigned default NULL,
AcctDelayTime int unsigned default NULL,
ClientIPAddress varchar(15) NOT NULL,
TimeStamp bigint unsigned default NULL,
HumanTime varchar(10) default NULL,
PRIMARY KEY (RadAcctId),
KEY UserName (UserName)
);
-
So I've kind of solved the problem of getting the accouting data into
the MySQL database, however it's a bit crap cos I need to process the
logs with a cron job, instead of automatically inserting from
FreeRadius.
My company has lots of dialup also, and an ISP billing system called
Extent (with built in radius) that works fine fo these dialup
customers, however is unaware of 'Alive' packets. I'd really like to
feed the accounting data from Freeradius to the Extent billing
package. I'm thinking that for every Alive packet recieved from the
RAS box perhaps I could calculate the difference in Octets between now
and the last 'Alive', and then send a fake radius start and stop record
to Extent, such that Extent would think the DSL user had dialed up for
10 minutes, used X amount of data, and hungup. This way the standard
way of calculating usage would occur, and usage graphs, etc, would all
work fine. It would be very nice to build this functionality into
Freeradius. -- Perhaps I should email the developers list about how to
do this?
thanks,
Dave Seddon
-
Would you like to receive faxes to your personal email address?
You can with mBox. Visit http://www.mbox.com.au/fax
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
