Re: Keeping servers in sync
Luiz Lima [EMAIL PROTECTED] wrote: Anyway, what I want to know is if FreeRADIUS can generate Alive packets to VPRRS with the goal of keeping them in sync. No, and I wouldn't recommend implementing it, either. Why not? A RADIUS server, by design and intent, is nearly stateless. It ONLY does something when a NAS requests something. Making the server generate fake Alive packets completely changes it's functionality. Rather than hacking the server, I would suggest using something like 'radrelay', which is a seperate process, which ONLY relays/duplicates packets. If FreeRADIUS sees the users online, why doesn't the other system? You said that FreeRADIUS is doing nothing more than proxying packets, so they SHOULD be in sync automatically. I really don't know, Alan. But right now I'm kind of dependant on the other RADIUS server and I had some hope that FreeRADIUS could help me fix the situation. You still haven't discovered what's wrong. Sure, you know that the live users aren't in sync, but you don't know *why* they're not in sync. Trying to add more code, and expend a lot of effort to work around the problem is going to be a waste of your time. Find out the CAUSE of the problem, and fix THAT. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Keeping servers in sync
Luiz Lima [EMAIL PROTECTED] wrote: I'm 95% sure about the cause and it's that the telco screws up, sending packets from the same port-id for different customers and with different session-ids for Start and Stop packets for the same connection (among other stuff). Problem is, as in most of the places in the world, talking to the telco is even easy sometimes, but it's nearly impossible to convince them that they're wrong. That does happen... FreeRADIUS recovers from these glitches but by other server doesn't. That's why my first idea was that FreeRADIUS could keep its target RADIUS server informed of online users through Alive packets. Since it already may be configured to have its own internal schedule for retries, I figured why not sync remote servers with Alive packets. The retries sent by the server are ONLY for about 30 seconds. What you're talking about is having the server send Alive packets for as long as the user is logged in, which may be hours. That means the server has probably 100 to 1000 times as much information to keep track of, which isn't a good thing. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Keeping servers in sync
The retries sent by the server are ONLY for about 30 seconds. What you're talking about is having the server send Alive packets for as long as the user is logged in, which may be hours. That means the server has probably 100 to 1000 times as much information to keep track of, which isn't a good thing. What if a second program was written to periodicaly read radutmp and generate the Alive packets? I could be a daemon or something to be run by crond. Would anyone but me find it usefull? Well, now all I need is to learn C and start coding... :-) Thanks a lot for all the info, Alan. -- Luiz Lima Image Link Internet http://www.imagelink.com.br - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Keeping servers in sync
Luiz Lima [EMAIL PROTECTED] wrote: What if a second program was written to periodicaly read radutmp and generate the Alive packets? I could be a daemon or something to be run by crond. Would anyone but me find it usefull? You don't want it reading radutmp to generate packets. There's too much information lost when records get saved to radutmp. What you want is something like radrelay, which reads the detail file, and keeps track of which users have NOT logged out. It can then periodically send Alive packets. It may not be too difficult to modify radrelay to do this. But it WILL use a lot of RAM... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Keeping servers in sync
Luiz Lima [EMAIL PROTECTED] wrote: Anyway, what I want to know is if FreeRADIUS can generate Alive packets to VPRRS with the goal of keeping them in sync. No, and I wouldn't recommend implementing it, either. The telco does not send watchdogs packets of its own. Can FreeRADIUS that? Or if there's any other way to keep them together at all times? If FreeRADIUS sees the users online, why doesn't the other system? You said that FreeRADIUS is doing nothing more than proxying packets, so they SHOULD be in sync automatically. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Keeping servers in sync
Hello, I'm new to this list, altough I've been using FreeRADIUS for a while now. I use it exclusively to receive requests from my DSL customers and relay them to my other RADIUS server (which is a Vircom Proxy and Roaming RADIUS Server -- VPRRS). I use FreeRADIUS for nothing else. All my DSL operations are run by the telco and I only authenticate the users. What happens is that I can see that VPRRS shows different users than FreeRADIUS. It's like Vircom's server would loose control of who is actually online. At this momment, there are 55 users online and VPRRS only shows 21. I DO know that the telco screws things a little bit, including duplicate ports, different session-ids and things like that, but FreeRADIUS seems to recover more gracefully than VPRRS from those mistakes. They use Cisco equipment (DSL concentrators and a software called Dashboard to authenticate the users after they are already connected to the DSL system). Anyway, what I want to know is if FreeRADIUS can generate Alive packets to VPRRS with the goal of keeping them in sync. The telco does not send watchdogs packets of its own. Can FreeRADIUS that? Or if there's any other way to keep them together at all times? Thanks a lot. -- Luiz Lima Image Link Internet http://www.imagelink.com.br - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html