Re: DSL Accouting?
29-Jan-03 at 09:47, Dave Seddon ([EMAIL PROTECTED]) wrote : Greetings, Yeah IP accouting is how I do it now. I use a FreeBSD bridge box, so nobody can even see it. Works well, however it makes billing on-net traffic difficult if you aren't billing the PPP sessions. What do you mean by on-net traffic? What's the extra info you get from the PPP sessions? -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
28-Jan-03 at 12:20, Dave Seddon ([EMAIL PROTECTED]) wrote : Thanks for your responce. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Maybe you have an idea of an easier way? The way I have heard of is to use Linux traffic shaping on a 2.4.x kernel, where iptables will keep track of how much bandwidth each IP has used as long as you get the rules right. However that's not trivial either if DHCP allocates a different IP each time there is an on/off, but then that can be tracked in liaison with Radius logs. Good luck. -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
of the queries work so you can customise them for your needs. The queries that are default are IMHO broken (I will probably cop some shit for this comment) as they are only any good for a small dialin ISP running generic radius. However, I have not patched them as my accounting needs are a bit more specialised than the average ISP, I am using only cisco equipment and I am not doing any standard ISP type dialin currently so I don't have the time to test how my changes affect others. I have been planning to complete my documentation howver and commit it as advanced_sql_accounting.txt or something. Would other people be interested in this? Now I have to go and do some work. I have 2.1GB worth of billing records (A monthly DB dump from one site) to match/check today :-( Hope that helps -Peter On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote: Greetings, Still wondering how to convert DSL interum updates to standard dail-up type radius accounting. I've done some digging through the source code, and have decided that perhaps I need to create a module, perhaps rlm_alive_to_dialup. If the new module was based on rlm_detail, it would just be a matter of linking to a mysql database to see the last update, calculate the difference, then generate the new radius packets, for start and stop. I'm also wondering if this should be part of the proxy (which seems to be in the realm code) functionality, eg. Make the proxy feature break RFC and allow it to modify the 'alive' and create a 'start' and a 'stop'. Any thoughts on whether it should be a seperate module or a modification to the proxy code? thanks, Dave Seddon - Original Message - From: Dave Seddon [EMAIL PROTECTED] Date: Saturday, January 25, 2003 4:20 pm Subject: DSL Accouting? Greetings, I'm new to the list. I have two issues: -Problem logging accounting -Alive packet processing and integration with dial-up billing I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on a big Cisco box. It works very well, however for some reason accounting records do not get put in the 'radacct' mysql table. There are some records in the table, but no where near as many as their should be since Interim updates or Alive packets get sent by the Cisco every 10 minutes. However I do get all the accouting records in /var/log/radacct/ip_address/detail. Here is some of the /usr/local/etc/raddb/radius.conf. The accounting section seems correct. The sql.conf is untouched from the example (except for the password and username). authorize { preprocess suffix sql files } authenticate { } preacct { preprocess suffix files } accounting { detail # unix sql radutmp } So what could be wrong? To see what data I was getting in the detail log, I wote a little perl script to parse the detail log and stick the data in MySQL so I could easily do select statements. I discovered that the records I created where structured differently, so perhaps that's why it's not going to the Freeradius radacct table? Essentially, the difference is the Tunnel attributes. The database structure I created is: - drop database radiusaccounting; create database radiusaccounting; use radiusaccounting; CREATE TABLE radacct ( RadAcctId int unsigned NOT NULL auto_increment, NASIPAddress varchar(15) NOT NULL default '', NASPortId tinyint unsigned default NULL, NASPortType varchar(32) default NULL, UserName varchar(64) NOT NULL default '', AcctStatusType varchar(20) NOT NULL default '', AcctAuthentic varchar(20) NOT NULL default '', ServiceType varchar(32) default NULL, AcctSessionID varchar(12) NOT NULL default '', FramedProtocol varchar(6) default NULL, TunnelServerEndpoint varchar(15) NOT NULL default '', TunnelClientEndpoint varchar(15) NOT NULL default '', TunnelType varchar(10) NOT NULL default '', TunnelClientAuthID varchar(25) NOT NULL default '', TunnelServerAuthID varchar(25) NOT NULL default '', AcctTunnelConnection int unsigned default NULL, FramedIPAddress varchar(15) NOT NULL default '', AcctInputOctets int unsigned default NULL, AcctOutputOctets int unsigned default NULL, AcctInputPackets int unsigned default NULL, AcctOutputPackets int unsigned default NULL, AcctSessionTime int unsigned default NULL, AcctDelayTime int unsigned default NULL, ClientIPAddress
Re: DSL Accouting?
Dave Seddon [EMAIL PROTECTED] wrote: Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Hmm.. so you want to break the server to work around a broken billing system. I can't say I like that idea. Maybe you have an idea of an easier way? Use the detail file, and the alive packets, to create another fake 'detail' file, with the daily start/stop packets for the users session. You can then use feed that hacked detail file to the billing software. Why is generating new packets problematic? Surely proxying generates packets reliably? Yes, but creating and receiving new packets *outside* of the existing infrastructure should be avoided. I believe that you can come up with a slightly different solution to the problem, which doesn't require such weirdness *inside* of the RADIUS server. The billing system we use backeds to oracle, so I guess I could do inserts directly into that, however I thought the community would be better served by a module like I'm suggesting, that could input standard dail-up radius into any billing system. I believe that you would be better off hacking 'radrelay', or creating your own equivalent. Read the detail files, crunch the sessions, and create daily start/stop packets. That way, the program generating the fake packets is *not* inside of the RADIUS server, and is much simpler. Cool. It looks like I can just copy the rlm_detail module. If you do write a module, I would say that you need some combination of radutmp detail. Use the utmp information to determine who's online, and for how long. Then, when you receive a new 'alive' packet at the start of a day, write to the pseduo-detail file a 'stop' packet for the previous day, and a 'start' packet for the current day. Then update the 'utmp' information, with the fact that the user logged in again. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings, Yeah IP accouting is how I do it now. I use a FreeBSD bridge box, so nobody can even see it. Works well, however it makes billing on-net traffic difficult if you aren't billing the PPP sessions. thanks, Dave - Original Message - From: Simon White [EMAIL PROTECTED] Date: Tuesday, January 28, 2003 7:55 pm Subject: Re: DSL Accouting? 28-Jan-03 at 12:20, Dave Seddon ([EMAIL PROTECTED]) wrote : Thanks for your responce. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Maybe you have an idea of an easier way? The way I have heard of is to use Linux traffic shaping on a 2.4.x kernel, where iptables will keep track of how much bandwidth each IP has used as long as you get the rules right. However that's not trivial either if DHCP allocates a different IP each time there is an on/off, but then that can be tracked in liaison with Radius logs. Good luck. -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Hi Dave What exactly is it that you want to do? Make Extent work better, or switch to freeradius. It sounds like freeradius is doing exactly what it is configured to do by default, and that is to UPDATE and exisiting session record when it recieves a ALIVE packet, NOT add a new record. I suggest you have a good read of sql.conf (or mysql.conf of whatever) and understand the queries that are being executed at different stages. I myself am using Freeradius with a large VoIP setup, and I found that the default queries were useless to me as they would kill the database. I switched all queries to INSERTS, set different types of records to go to different tables, and and threw away most of the default fields that were being stored and replaced them with Cisco VoIP specific attributes (VSAs). You should not have to use a cron script to parse your detail files. Just modify the freeradius queries so it stores the information that you want. I also found that MySQL simply could not handle the load I was throwing at it, so I switched to Postgres and have been happy ever since. The fact that postgres can do sub selects and views, makes it much more usefull if you have split your radacct table up into multiple tables too. Not to mention that I use the start and stop times as reported by the ciscos instead of having freeradius timestamp the records, which is much more accurate, and postgres supports cisco timestamp format while mysql does not. HTH Peter On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote: Greetings, Still wondering how to convert DSL interum updates to standard dail-up type radius accounting. I've done some digging through the source code, and have decided that perhaps I need to create a module, perhaps rlm_alive_to_dialup. If the new module was based on rlm_detail, it would just be a matter of linking to a mysql database to see the last update, calculate the difference, then generate the new radius packets, for start and stop. I'm also wondering if this should be part of the proxy (which seems to be in the realm code) functionality, eg. Make the proxy feature break RFC and allow it to modify the 'alive' and create a 'start' and a 'stop'. Any thoughts on whether it should be a seperate module or a modification to the proxy code? thanks, Dave Seddon - Original Message - From: Dave Seddon [EMAIL PROTECTED] Date: Saturday, January 25, 2003 4:20 pm Subject: DSL Accouting? Greetings, I'm new to the list. I have two issues: -Problem logging accounting -Alive packet processing and integration with dial-up billing I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on a big Cisco box. It works very well, however for some reason accounting records do not get put in the 'radacct' mysql table. There are some records in the table, but no where near as many as their should be since Interim updates or Alive packets get sent by the Cisco every 10 minutes. However I do get all the accouting records in /var/log/radacct/ip_address/detail. Here is some of the /usr/local/etc/raddb/radius.conf. The accounting section seems correct. The sql.conf is untouched from the example (except for the password and username). authorize { preprocess suffix sql files } authenticate { } preacct { preprocess suffix files } accounting { detail # unix sql radutmp } So what could be wrong? To see what data I was getting in the detail log, I wote a little perl script to parse the detail log and stick the data in MySQL so I could easily do select statements. I discovered that the records I created where structured differently, so perhaps that's why it's not going to the Freeradius radacct table? Essentially, the difference is the Tunnel attributes. The database structure I created is: - drop database radiusaccounting; create database radiusaccounting; use radiusaccounting; CREATE TABLE radacct ( RadAcctId int unsigned NOT NULL auto_increment, NASIPAddress varchar(15) NOT NULL default '', NASPortId tinyint unsigned default NULL, NASPortType varchar(32) default NULL, UserName varchar(64) NOT NULL default '', AcctStatusType varchar(20) NOT NULL default '', AcctAuthentic varchar(20) NOT NULL default '', ServiceType varchar(32) default NULL, AcctSessionID varchar(12) NOT NULL default '', FramedProtocol varchar(6) default NULL, TunnelServerEndpoint varchar(15) NOT NULL default '', TunnelClientEndpoint varchar(15) NOT NULL default '', TunnelType varchar(10) NOT NULL default '', TunnelClientAuthID varchar(25) NOT NULL default '', TunnelServerAuthID varchar(25
Re: DSL Accouting?
On Mon, 27 Jan 2003, Peter Nixon wrote: Hi Dave What exactly is it that you want to do? Make Extent work better, or switch to freeradius. It sounds like freeradius is doing exactly what it is configured to do by default, and that is to UPDATE and exisiting session record when it recieves a ALIVE packet, NOT add a new record. I suggest you have a good read of sql.conf (or mysql.conf of whatever) and understand the queries that are being executed at different stages. I myself am using Freeradius with a large VoIP setup, and I found that the default queries were useless to me as they would kill the database. I switched all queries to INSERTS, set different types of records to go to different tables, and and threw away most of the default fields that were being stored and replaced them with Cisco VoIP specific attributes (VSAs). You should not have to use a cron script to parse your detail files. Just modify the freeradius queries so it stores the information that you want. I also found that MySQL simply could not handle the load I was throwing at it, so I switched to Postgres and have been happy ever since. The fact that postgres can do sub selects and views, makes it much more usefull if you have split your radacct table up into multiple tables too. Just to comment on that. If you add a few more indexes and use InnoDB tables instead of the default MyISAM (row level instead of table level locking) things can improve a lot. We have around 20 rows a day in radacct, do double login detection through the sql module and still get nice performance. Not to mention that I use the start and stop times as reported by the ciscos instead of having freeradius timestamp the records, which is much more accurate, and postgres supports cisco timestamp format while mysql does not. HTH Peter On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote: Greetings, Still wondering how to convert DSL interum updates to standard dail-up type radius accounting. I've done some digging through the source code, and have decided that perhaps I need to create a module, perhaps rlm_alive_to_dialup. If the new module was based on rlm_detail, it would just be a matter of linking to a mysql database to see the last update, calculate the difference, then generate the new radius packets, for start and stop. I'm also wondering if this should be part of the proxy (which seems to be in the realm code) functionality, eg. Make the proxy feature break RFC and allow it to modify the 'alive' and create a 'start' and a 'stop'. Any thoughts on whether it should be a seperate module or a modification to the proxy code? thanks, Dave Seddon - Original Message - From: Dave Seddon [EMAIL PROTECTED] Date: Saturday, January 25, 2003 4:20 pm Subject: DSL Accouting? Greetings, I'm new to the list. I have two issues: -Problem logging accounting -Alive packet processing and integration with dial-up billing I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on a big Cisco box. It works very well, however for some reason accounting records do not get put in the 'radacct' mysql table. There are some records in the table, but no where near as many as their should be since Interim updates or Alive packets get sent by the Cisco every 10 minutes. However I do get all the accouting records in /var/log/radacct/ip_address/detail. Here is some of the /usr/local/etc/raddb/radius.conf. The accounting section seems correct. The sql.conf is untouched from the example (except for the password and username). authorize { preprocess suffix sql files } authenticate { } preacct { preprocess suffix files } accounting { detail # unix sql radutmp } So what could be wrong? To see what data I was getting in the detail log, I wote a little perl script to parse the detail log and stick the data in MySQL so I could easily do select statements. I discovered that the records I created where structured differently, so perhaps that's why it's not going to the Freeradius radacct table? Essentially, the difference is the Tunnel attributes. The database structure I created is: - drop database radiusaccounting; create database radiusaccounting; use radiusaccounting; CREATE TABLE radacct ( RadAcctId int unsigned NOT NULL auto_increment, NASIPAddress varchar(15) NOT NULL default '', NASPortId tinyint unsigned default NULL, NASPortType varchar(32) default NULL, UserName varchar(64) NOT NULL default '', AcctStatusType varchar(20) NOT NULL
Re: DSL Accouting?
Thanks for your responce. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. Most ISP billing packages are designed to bill stardard dialup, where there is a start and a stop. DSL ppp sessions stay up for ages, so a seesion might go for more than a month. Also, billing packages usually show pretty graphs of usage, based on starts and stops. Therefore, it would make billing really easy if for each 'Alive' recieved, a start and a stop was sent to the Billing system. It would appear as if each DSL customer connected and disconnected every ten minutes. Maybe you have an idea of an easier way? Generating new packets is always problematic. I would suggest avoiding it if you can. Why is generating new packets problematic? Surely proxying generates packets reliably? The billing system we use backeds to oracle, so I guess I could do inserts directly into that, however I thought the community would be better served by a module like I'm suggesting, that could input standard dail-up radius into any billing system. This would be better don't you think? Why would it be necessary to create a new start/stop packet? Any thoughts on whether it should be a seperate module or a modification to the proxy code? A module. Cool. It looks like I can just copy the rlm_detail module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html thanks, Dave Seddon - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings, OK. I have a Cisco Terminating PPPoX and it also sends accounting updates. I found I had to modify the update sql statements for them to do anything. Normal sql accounting is one record per call. I havent checked the detail files. What modifications did you make? Could you send me the sql.conf file? How did you cope with counter roll? If you keep doing UPDATE and the counter rolls, at 32bits, then you'll get an update of a low number and miss out on one metic s#it load of data. The boss wouldn't be very happy. If you have any method of graphing resulting data, I would appreciate a holler There are lots of billing system and other programs to graph standard dialup radius accounting. I'm currently thinking a module could recieve an 'alive' and generate a start and a stop, with the difference between two 'alives' calculated. thanks, Dave Seddon - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings, What exactly is it that you want to do? Make Extent work better, or switch to freeradius. I want to make it easy for small dailup based ISPs to bill DSL customers. Most small ISPs use billing systems based on stop starts, so it would be good for DSL wholesalers to be able to generate simple radius packets for smaller ISPs. It sounds like freeradius is doing exactly what it is configured to do by default, and that is to UPDATE and exisiting session record when it recieves a ALIVE packet, NOT add a new record. I suggest you have a good read of sql.conf (or mysql.conf of whatever) and understand the queries that are being executed at different stages. I myself am using Freeradius with a large VoIP setup, and I found that the default queries were useless to me as they would kill the database. I switched all queries to INSERTS, set different types of records to go to different tables, and and threw away most of the default fields that were being stored and replaced them with Cisco VoIP specific attributes (VSAs). You should not have to use a cron script to parse your detail files. Just modify the freeradius queries so it stores the information that you want. Different tables for different types of session? or was that for load reasons? Perhaps different tables for different realms? I also found that MySQL simply could not handle the load I was throwing at it, so I switched to Postgres and have been happy ever since. The fact that postgres can do sub selects and views, makes it much more usefull if you have split your radacct table up into multiple tables too. Not to mention that I use the start and stop times as reported by the ciscos instead of having freeradius timestamp the records, which is much more accurate, and postgres supports cisco timestamp format while mysql does not. Very intersting. Thanks. Also thanks to Kostas Kalevras for his comment on MySQL. Looks like Postgres could be the go for lots of reasons. Which part of freeradius creates the timestamps? thanks, Dave On Sun, 26 Jan 2003 04:16 am, Dave Seddon wrote: Greetings, Still wondering how to convert DSL interum updates to standard dail-up type radius accounting. I've done some digging through the source code, and have decided that perhaps I need to create a module, perhaps rlm_alive_to_dialup. If the new module was based on rlm_detail, it would just be a matter of linking to a mysql database to see the last update, calculate the difference, then generate the new radius packets, for start and stop. I'm also wondering if this should be part of the proxy (which seems to be in the realm code) functionality, eg. Make the proxy feature break RFC and allow it to modify the 'alive' and create a 'start' and a 'stop'. Any thoughts on whether it should be a seperate module or a modification to the proxy code? thanks, Dave Seddon - Original Message - From: Dave Seddon [EMAIL PROTECTED] Date: Saturday, January 25, 2003 4:20 pm Subject: DSL Accouting? Greetings, I'm new to the list. I have two issues: -Problem logging accounting -Alive packet processing and integration with dial-up billing I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on a big Cisco box. It works very well, however for some reason accounting records do not get put in the 'radacct' mysql table. There are some records in the table, but no where near as many as their should be since Interim updates or Alive packets get sent by the Cisco every 10 minutes. However I do get all the accouting records in /var/log/radacct/ip_address/detail. Here is some of the /usr/local/etc/raddb/radius.conf. The accounting section seems correct. The sql.conf is untouched from the example (except for the password and username). authorize { preprocess suffix sql files } authenticate { } preacct { preprocess suffix files } accounting { detail # unix sql radutmp } So what could be wrong? To see what data I was getting in the detail log, I wote a little perl script to parse the detail log and stick the data in MySQL so I could easily do select statements. I discovered that the records I created where structured differently, so perhaps that's why it's not going to the Freeradius radacct table? Essentially, the difference is the Tunnel attributes. The database structure I created is: - drop database radiusaccounting; create database radiusaccounting; use radiusaccounting; CREATE TABLE radacct
Re: DSL Accouting?
How did you cope with counter roll? If you keep doing UPDATE and thecounter rolls, at 32bits, then you'll get an update of a low number and miss out on one metic s#it load of data. The boss wouldn't be very happy. Sorry, I just checked and it seems that the counter roll is at 31 bits (on a cisco). dave - NEW to mBox, receive faxes to any email address! Find out more http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Dave Seddon [EMAIL PROTECTED] wrote: Still wondering how to convert DSL interum updates to standard dail-up type radius accounting. If your DSL box produces RADIUS accounting packets, then I don't see why this would be necessary. I've done some digging through the source code, and have decided that perhaps I need to create a module, perhaps rlm_alive_to_dialup. If the new module was based on rlm_detail, it would just be a matter of linking to a mysql database to see the last update, calculate the difference, then generate the new radius packets, for start and stop. Generating new packets is always problematic. I would suggest avoiding it if you can. Why would it be necessary to create a new start/stop packet? Any thoughts on whether it should be a seperate module or a modification to the proxy code? A module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
OK. I have a Cisco Terminating PPPoX and it also sends accounting updates. I found I had to modify the update sql statements for them to do anything. Normal sql accounting is one record per call. I havent checked the detail files. If you have any method of graphing resulting data, I would appreciate a holler Joe Dave Seddon wrote: Greetings, I'm new to the list. I have two issues: -Problem logging accounting -Alive packet processing and integration with dial-up billing I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on a big Cisco box. It works very well, however for some reason accounting records do not get put in the 'radacct' mysql table. There are some records in the table, but no where near as many as their should be since Interim updates or Alive packets get sent by the Cisco every 10 minutes. However I do get all the accouting records in /var/log/radacct/ip_address/detail. Here is some of the /usr/local/etc/raddb/radius.conf. The accounting section seems correct. The sql.conf is untouched from the example (except for the password and username). authorize { preprocess suffix sql files } authenticate { } preacct { preprocess suffix files } accounting { detail # unix sql radutmp } So what could be wrong? To see what data I was getting in the detail log, I wote a little perl script to parse the detail log and stick the data in MySQL so I could easily do select statements. I discovered that the records I created where structured differently, so perhaps that's why it's not going to the Freeradius radacct table? Essentially, the difference is the Tunnel attributes. The database structure I created is: - drop database radiusaccounting; create database radiusaccounting; use radiusaccounting; CREATE TABLE radacct ( RadAcctId int unsigned NOT NULL auto_increment, NASIPAddress varchar(15) NOT NULL default '', NASPortId tinyint unsigned default NULL, NASPortType varchar(32) default NULL, UserName varchar(64) NOT NULL default '', AcctStatusType varchar(20) NOT NULL default '', AcctAuthentic varchar(20) NOT NULL default '', ServiceType varchar(32) default NULL, AcctSessionID varchar(12) NOT NULL default '', FramedProtocol varchar(6) default NULL, TunnelServerEndpoint varchar(15) NOT NULL default '', TunnelClientEndpoint varchar(15) NOT NULL default '', TunnelType varchar(10) NOT NULL default '', TunnelClientAuthID varchar(25) NOT NULL default '', TunnelServerAuthID varchar(25) NOT NULL default '', AcctTunnelConnection int unsigned default NULL, FramedIPAddress varchar(15) NOT NULL default '', AcctInputOctets int unsigned default NULL, AcctOutputOctets int unsigned default NULL, AcctInputPackets int unsigned default NULL, AcctOutputPackets int unsigned default NULL, AcctSessionTime int unsigned default NULL, AcctDelayTime int unsigned default NULL, ClientIPAddress varchar(15) NOT NULL, TimeStamp bigint unsigned default NULL, HumanTime varchar(10) default NULL, PRIMARY KEY (RadAcctId), KEY UserName (UserName) ); - So I've kind of solved the problem of getting the accouting data into the MySQL database, however it's a bit crap cos I need to process the logs with a cron job, instead of automatically inserting from FreeRadius. My company has lots of dialup also, and an ISP billing system called Extent (with built in radius) that works fine fo these dialup customers, however is unaware of 'Alive' packets. I'd really like to feed the accounting data from Freeradius to the Extent billing package. I'm thinking that for every Alive packet recieved from the RAS box perhaps I could calculate the difference in Octets between now and the last 'Alive', and then send a fake radius start and stop record to Extent, such that Extent would think the DSL user had dialed up for 10 minutes, used X amount of data, and hungup. This way the standard way of calculating usage would occur, and usage graphs, etc, would all work fine. It would be very nice to build this functionality into Freeradius. -- Perhaps I should email the developers list about how to do this? thanks, Dave Seddon - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: DSL Accouting?
Greetings, Still wondering how to convert DSL interum updates to standard dail-up type radius accounting. I've done some digging through the source code, and have decided that perhaps I need to create a module, perhaps rlm_alive_to_dialup. If the new module was based on rlm_detail, it would just be a matter of linking to a mysql database to see the last update, calculate the difference, then generate the new radius packets, for start and stop. I'm also wondering if this should be part of the proxy (which seems to be in the realm code) functionality, eg. Make the proxy feature break RFC and allow it to modify the 'alive' and create a 'start' and a 'stop'. Any thoughts on whether it should be a seperate module or a modification to the proxy code? thanks, Dave Seddon - Original Message - From: Dave Seddon [EMAIL PROTECTED] Date: Saturday, January 25, 2003 4:20 pm Subject: DSL Accouting? Greetings, I'm new to the list. I have two issues: -Problem logging accounting -Alive packet processing and integration with dial-up billing I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on a big Cisco box. It works very well, however for some reason accounting records do not get put in the 'radacct' mysql table. There are some records in the table, but no where near as many as their should be since Interim updates or Alive packets get sent by the Cisco every 10 minutes. However I do get all the accouting records in /var/log/radacct/ip_address/detail. Here is some of the /usr/local/etc/raddb/radius.conf. The accounting section seems correct. The sql.conf is untouched from the example (except for the password and username). authorize { preprocess suffix sql files } authenticate { } preacct { preprocess suffix files } accounting { detail # unix sql radutmp } So what could be wrong? To see what data I was getting in the detail log, I wote a little perl script to parse the detail log and stick the data in MySQL so I could easily do select statements. I discovered that the records I created where structured differently, so perhaps that's why it's not going to the Freeradius radacct table? Essentially, the difference is the Tunnel attributes. The database structure I created is: - drop database radiusaccounting; create database radiusaccounting; use radiusaccounting; CREATE TABLE radacct ( RadAcctId int unsigned NOT NULL auto_increment, NASIPAddress varchar(15) NOT NULL default '', NASPortId tinyint unsigned default NULL, NASPortType varchar(32) default NULL, UserName varchar(64) NOT NULL default '', AcctStatusType varchar(20) NOT NULL default '', AcctAuthentic varchar(20) NOT NULL default '', ServiceType varchar(32) default NULL, AcctSessionID varchar(12) NOT NULL default '', FramedProtocol varchar(6) default NULL, TunnelServerEndpoint varchar(15) NOT NULL default '', TunnelClientEndpoint varchar(15) NOT NULL default '', TunnelType varchar(10) NOT NULL default '', TunnelClientAuthID varchar(25) NOT NULL default '', TunnelServerAuthID varchar(25) NOT NULL default '', AcctTunnelConnection int unsigned default NULL, FramedIPAddress varchar(15) NOT NULL default '', AcctInputOctets int unsigned default NULL, AcctOutputOctets int unsigned default NULL, AcctInputPackets int unsigned default NULL, AcctOutputPackets int unsigned default NULL, AcctSessionTime int unsigned default NULL, AcctDelayTime int unsigned default NULL, ClientIPAddress varchar(15) NOT NULL, TimeStamp bigint unsigned default NULL, HumanTime varchar(10) default NULL, PRIMARY KEY (RadAcctId), KEY UserName (UserName) ); - So I've kind of solved the problem of getting the accouting data into the MySQL database, however it's a bit crap cos I need to process the logs with a cron job, instead of automatically inserting from FreeRadius. My company has lots of dialup also, and an ISP billing system called Extent (with built in radius) that works fine fo these dialup customers, however is unaware of 'Alive' packets. I'd really like to feed the accounting data from Freeradius to the Extent billing package. I'm thinking that for every Alive packet recieved from the RAS box perhaps I could calculate the difference in Octets between now and the last 'Alive', and then send a fake radius start and stop record to Extent, such that Extent would think the DSL user had dialed up for 10 minutes, used X amount of data, and hungup. This way the standard way of calculating usage would occur, and usage graphs, etc, would all work fine. It would be very nice to build
DSL Accouting?
Greetings, I'm new to the list. I have two issues: -Problem logging accounting -Alive packet processing and integration with dial-up billing I use Freeradius(7.0) with MySQL(3.23.54) on FreeBSD(4.7) to authenticate lots of xDSL PPP sessions via an L2TP tunnel terminated on a big Cisco box. It works very well, however for some reason accounting records do not get put in the 'radacct' mysql table. There are some records in the table, but no where near as many as their should be since Interim updates or Alive packets get sent by the Cisco every 10 minutes. However I do get all the accouting records in /var/log/radacct/ip_address/detail. Here is some of the /usr/local/etc/raddb/radius.conf. The accounting section seems correct. The sql.conf is untouched from the example (except for the password and username). authorize { preprocess suffix sql files } authenticate { } preacct { preprocess suffix files } accounting { detail # unix sql radutmp } So what could be wrong? To see what data I was getting in the detail log, I wote a little perl script to parse the detail log and stick the data in MySQL so I could easily do select statements. I discovered that the records I created where structured differently, so perhaps that's why it's not going to the Freeradius radacct table? Essentially, the difference is the Tunnel attributes. The database structure I created is: - drop database radiusaccounting; create database radiusaccounting; use radiusaccounting; CREATE TABLE radacct ( RadAcctId int unsigned NOT NULL auto_increment, NASIPAddress varchar(15) NOT NULL default '', NASPortId tinyint unsigned default NULL, NASPortType varchar(32) default NULL, UserName varchar(64) NOT NULL default '', AcctStatusType varchar(20) NOT NULL default '', AcctAuthentic varchar(20) NOT NULL default '', ServiceType varchar(32) default NULL, AcctSessionID varchar(12) NOT NULL default '', FramedProtocol varchar(6) default NULL, TunnelServerEndpoint varchar(15) NOT NULL default '', TunnelClientEndpoint varchar(15) NOT NULL default '', TunnelType varchar(10) NOT NULL default '', TunnelClientAuthID varchar(25) NOT NULL default '', TunnelServerAuthID varchar(25) NOT NULL default '', AcctTunnelConnection int unsigned default NULL, FramedIPAddress varchar(15) NOT NULL default '', AcctInputOctets int unsigned default NULL, AcctOutputOctets int unsigned default NULL, AcctInputPackets int unsigned default NULL, AcctOutputPackets int unsigned default NULL, AcctSessionTime int unsigned default NULL, AcctDelayTime int unsigned default NULL, ClientIPAddress varchar(15) NOT NULL, TimeStamp bigint unsigned default NULL, HumanTime varchar(10) default NULL, PRIMARY KEY (RadAcctId), KEY UserName (UserName) ); - So I've kind of solved the problem of getting the accouting data into the MySQL database, however it's a bit crap cos I need to process the logs with a cron job, instead of automatically inserting from FreeRadius. My company has lots of dialup also, and an ISP billing system called Extent (with built in radius) that works fine fo these dialup customers, however is unaware of 'Alive' packets. I'd really like to feed the accounting data from Freeradius to the Extent billing package. I'm thinking that for every Alive packet recieved from the RAS box perhaps I could calculate the difference in Octets between now and the last 'Alive', and then send a fake radius start and stop record to Extent, such that Extent would think the DSL user had dialed up for 10 minutes, used X amount of data, and hungup. This way the standard way of calculating usage would occur, and usage graphs, etc, would all work fine. It would be very nice to build this functionality into Freeradius. -- Perhaps I should email the developers list about how to do this? thanks, Dave Seddon - Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html