RE: (RADIATOR) Radiator going down after Oracle SQL Timeout
Well, I think this was discussed quite a few times in the list and was recommended by Hugh. The point is, precisely, the single-thread-ness of Radiator (inherited from the still unstablesness of Perl's multi-threading). While Radiator IS really fast, the data bases it interfaces are not necessarily fast (nor available, as the problem I had shows). In my case, I'm using an oracle database to authenticate users and also to store accounting records and on-line users. For now, these all reside in the same database in the same host (not the same host that is running Radiator), but I designed it so it can scale and functionally divide the databases. But even being in the same host, by splitting up Radiator authentication and accounting processes the database delays querying the tables to authenticate don't stop Radiator's accounting from receiving and storing account records and maintain the on-line users table and vice-versa. If I detected that the process is still to slow and the culprit was the database, I might even be tempted to leave 2 radiator instances listening on the standard ports for authentication and accounting records and load- balancing them among a bunch of authentication and accounting radiator processes all running on non-standard ports on the same host. El 13 Dec 2001 a las 10:48, Harrison Ng escribió: Hello Mariano, Do you mind telling me the purpose of running two instances of Radiator on the same unix box. I've heard that Radiator is a single thread perl appplication. So it can't fully utilize system resource effectively. Harrison SmarTone BroadBand Services Ltd. -Original Message- From: [EMAIL PROTECTED] [ mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] ]On Behalf Of Hugh Irvine Sent: Thursday, December 13, 2001 9:14 AM To: Mariano Absatz; Radiator List Subject: Re: (RADIATOR) Radiator going down after Oracle SQL Timeout Hello Mariano - What you describe below sounds to me like a problem with the DBD-Oracle module. I would suggest that you try to use the restartWrapper program that we provide in the distribution (goodies/restartWrapper) instead of supervise (at least for debugging this problem). The restartWrapper program can be set up with a delay before restarting, and it can also be configured to email a designated email address with the exit status and any error messages that were written to stderr. We should then be able to see what is causing Radiator to die. regards Hugh On Thu, 13 Dec 2001 08:14, Mariano Absatz wrote: Hi, I'm having the following problem: I'm using Radiator (2.18.4) and have all of my data on a remote Oracle (8.1.6) server. Both machines are Sun Netra with Solaris 8. Perl version is 5.6.1. There are two instances of Radiator (one for authentication and the other for accounting). The problem is the following. If the Oracle server goes down, the queries time out (that's reasonable). The point is some times (not after every SQL timeout, but after some of them), Radiator goes down. It seems to be that this happens when the query in question is necessary as part of the authentication (e.g. during a username lookup or simultaneous use or port limit check), but not when it is nonessential (as a deletion from the radonline table for the nas/port recently received or an insertion in an AuthLog). On only one ocassion I saw the Could not connect to any SQL database. Request is ignored. Backing off for 600 second message, but even that time, Radiator went down. I'm using daemontool's supervise ( http://cr.yp.to/daemontools.html http://cr.yp.to/daemontools.html ) to keep the servers running so the server starts up again almost immediately. I see the messages when it is starting again in the log. The question is, why is Radiator silently shutting down rather than backing off? One of the main problems is that on the almost immediate restart, the first thing Radiator tries to do is to read the client list from the database. If Oracle is still down, it won't read it, it won't retry, and (since there are no hardwired Client's in the config file, it won't accept anything from any NAS. Regretfully, supervise's log is autorotated and autoerased on a size basis and I don't have the output to correlate with Radiator's log. I'm attaching parts of the logs showing the SQL Timeout error immediately followed by Radiator starting up again (via supervise). The DEBUG: Adding Clients from SQL database is the first message issued by a NEW Radiator starting. I'm also attaching the whole set of configuration files (the main one is radius-main.cfg) in a zip file. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets:
(RADIATOR) Error Questions
I set up Radiator and it initializes fine. When I try and run radpwtest I get the same error three times. I get a no reply error when it sends the Access-Request, the Accounting-Request Start and the Accounting-Request Stop. If someone could tell me what I am doing wrong that would be great. Here is a level 4 trace: Thu Dec 13 14:02:37 2001: INFO: Server started: Radiator 2.19 on zoots (DEMO) Thu Dec 13 14:06:44 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1982 Code: Access-Request Identifier: 179 Authentic: 1234567890123456 Attributes: User-Name = mikem Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 Called-Station-Id = 123456789 Calling-Station-Id = 987654321 NAS-Port-Type = Async User-Password = 159249:201175\424618889160216}x153 Thu Dec 13 14:06:44 2001: NOTICE: Request from unknown client 127.0.0.1: ignored Thu Dec 13 14:06:49 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1982 Code: Accounting-Request Identifier: 180 Authentic: [135G181220148239.127212 y12712235 Attributes: User-Name = mikem Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async Acct-Session-Id = 1234 Acct-Status-Type = Start Called-Station-Id = 123456789 Calling-Station-Id = 987654321 Thu Dec 13 14:06:49 2001: NOTICE: Request from unknown client 127.0.0.1: ignored Thu Dec 13 14:06:54 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1982 Code: Accounting-Request Identifier: 181 Authentic: H238'185|150242272382920920122672432 Attributes: User-Name = mikem Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async Acct-Session-Id = 1234 Acct-Status-Type = Stop Called-Station-Id = 123456789 Calling-Station-Id = 987654321 Acct-Delay-Time = 0 Acct-Session-Time = 1000 Acct-Input-Octets = 2 Acct-Output-Octets = 3 Thu Dec 13 14:06:54 2001: NOTICE: Request from unknown client 127.0.0.1: ignored Eric
(RADIATOR) Access Request...
Dear All, Would anyone tell me what configuration of CISCO send me an Access-Request or show me configuration file? CISCO do not send me an Access-Request I am using CISCO AS5300 and IOS 12.1. Thanks, === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Log File
Hello Shane - On Thu, 13 Dec 2001 22:05, Shane Malden wrote: Attached is a modified version of my config file. As i have multiple client NAS, how can i setup one Log file to record when a NAS makes a request?? If anyone is able to help, it would be appreciated. Radiator will automatically create a log file called logfile in the specified LogDir which will be used to record every packet when the Trace level is set to 4. You can alter the file name by specifying a LogFile parameter in your configuration file. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Error Questions
Hello Eric - The problem you have is due to your configuration file not containing a Client clause for localhost (127.0.0.1), so any requests sent from radpwtst on the same box are ignored. You should add this to your configuration file: # specify a Client clause for localhost Client 127.0.0.1 Secret mysecret DupInterval 0 /Client regards Hugh On Fri, 14 Dec 2001 07:37, Eric Johnson wrote: I set up Radiator and it initializes fine. When I try and run radpwtest I get the same error three times. I get a no reply error when it sends the Access-Request, the Accounting-Request Start and the Accounting-Request Stop. If someone could tell me what I am doing wrong that would be great. Here is a level 4 trace: Thu Dec 13 14:02:37 2001: INFO: Server started: Radiator 2.19 on zoots (DEMO) Thu Dec 13 14:06:44 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1982 Code: Access-Request Identifier: 179 Authentic: 1234567890123456 Attributes: User-Name = mikem Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 Called-Station-Id = 123456789 Calling-Station-Id = 987654321 NAS-Port-Type = Async User-Password = 159249:201175\424618889160216}x153 Thu Dec 13 14:06:44 2001: NOTICE: Request from unknown client 127.0.0.1: ignored Thu Dec 13 14:06:49 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1982 Code: Accounting-Request Identifier: 180 Authentic: [135G181220148239.127212 y12712235 Attributes: User-Name = mikem Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async Acct-Session-Id = 1234 Acct-Status-Type = Start Called-Station-Id = 123456789 Calling-Station-Id = 987654321 Thu Dec 13 14:06:49 2001: NOTICE: Request from unknown client 127.0.0.1: ignored Thu Dec 13 14:06:54 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1982 Code: Accounting-Request Identifier: 181 Authentic: H238'185|150242272382920920122672432 Attributes: User-Name = mikem Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async Acct-Session-Id = 1234 Acct-Status-Type = Stop Called-Station-Id = 123456789 Calling-Station-Id = 987654321 Acct-Delay-Time = 0 Acct-Session-Time = 1000 Acct-Input-Octets = 2 Acct-Output-Octets = 3 Thu Dec 13 14:06:54 2001: NOTICE: Request from unknown client 127.0.0.1: ignored Eric -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Access Request...
Hello GwangHee - On Fri, 14 Dec 2001 09:03, GwangHee Yi wrote: Dear All, Would anyone tell me what configuration of CISCO send me an Access-Request or show me configuration file? CISCO do not send me an Access-Request I am using CISCO AS5300 and IOS 12.1. There is an item on this in the FAQ: 5. How do I configure a Cisco NAS for Radius? You will need something like this in your Terminal server configuration: aaa new-model aaa authentication login DIAL-SCRIPT-USERS radius aaa authentication login TELNET-USERS local aaa authentication ppp PAP-USERS if-needed radius aaa authorization network radius aaa accounting network start-stop radius ... radius-server host 1.2.3.4 auth-port 1645 acct-port 1646 radius-server key blahblahblah You will probably want to use these reply attributes in order to enable PPP sessions: Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP There is a description of Cisco's use of Radius attributes for IOS 12 in RADIUS Attributes overview. There has also been a great deal of discussion on this topic on the mailing list, so check the archive site (www.open.com.au/archives/radiator) and of course the best source of information is the Cisco web site. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.