help-gnu-radius
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-gnu-radius] several radius CDR's for each call !


From: Sergey Poznyakoff
Subject: Re: [Help-gnu-radius] several radius CDR's for each call !
Date: Sun, 03 Aug 2003 11:22:06 +0300

Hi Macram,

> But lately, and very often i am getting more than one CDR (sometimes 6)
> for each call. I noticed this in both the text files and the database
> 
> The radius log does not show any error
> Could it be that radius ackgnowledgement  is not reaching the Cisco ?

Yes, most probably this is so. First, make sure that the
request-cleanup-delay in the acct block of your config file
is set to at least 50 (radius-server retransmit * radius-server
timeout). This should make sure radiusd will catch all possible
duplicates.

There is another problem, though: Cisco rarely retransmits its
accounting requests using the same ID and request authenticator
as RFC requires. This may prevent radiusd from discerning
the duplicate requests. Usually it receives several accounting
requests with different Acct-Delay-Time attributes, but otherwise
completely equivalent. If this is so, you will have to use
the so-called extended comparison. To do so, you will first need
to upgrade to version 1.1. Then, read the section "Extended
comparison" (see
http://www.gnu.org/software/radius/manual/html_node/radius_69.html#SEC136)

In short, it boils down to the following:

1) Mark in your raddb/dictionary the accounting attributes that can
be reliably used for comparing the two requests. Usually these are:
User-Name,Acct-Status-Type,Acct-Session-Id,NAS-Port-Type, and
possibly Acct-Input-Octets and Acct-Output-Octets. To mark them,
add a single digit (say '1') to their syntax flags, like shown
in the example below:

ATTRIBUTE       Acct-Status-Type        40      integer - []1

2) To each entry in your raddb/naslist that describes a Cisco, add
the following flag: `compare-acct-flag=1', this will instruct radiusd
to use attributes marked with `1' for comparing the requests coming
from these NASes. A sample raddb/naslist entry will then look as follows:

cisco.domain.com        cisco1   as5300  compare-acct-flag=1

That's all :^)

And finally, to be quite sure no duplicates will ever slip
to your database, you may try creating a unique index on the accounting
table. For example

CREATE UNIQUE INDEX index_name ON calls (user_name,nas_ip_address,
       nas_port_id,acct_session_id,acct_input_octets,acct_output_octets);

Regards,
Sergey







reply via email to

[Prev in Thread] Current Thread [Next in Thread]