Multilink PPP and RADIUS problem in ComOS 3.7

Oystein Homelien (oystein@homelien.no)
Thu, 14 Aug 1997 09:45:49 +0200 (MET DST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andrew Foster: "v.fast?"
Previous message: Kevin Smith: "Re: Hayes 56k"
Next in thread: Jason Nealis: "Re: Hayes 56k"

I'm currently implementing a new accounting systen, and I have found what
seems to be a flaw in ComOS 3.7 regarding Multilink PPP and RADIUS. I'd
like your comments on this, and please feel free to correct me. (Sorry
for mixing radius-draft and radius.h keywords here)

First of all, I'll only be able to test this on ComOS 3.7, since I started
doing this work after the PM3 was upgraded to 3.7.

What happens is that I am trying to maintain a table of currently logged
in users. I know that this can be hard, especially when it comes to
handling situations where the access server is reset while there are users
logged on. In the event this happens, I can not see how the PM would be
able to tell me that all the users have logged out.

Does anyone know if the PM sends PW_STATUS_ALIVE accounting messages like
Ciscos do, or does it still only send _START and _STOP messages? If it
had _ALIVE support, this would make it easier to maintain a table of
currently logged in users. If anyone can shed any light on this problem,
please tell me.

The real problem, however, is that for some users I keep getting
Access-Request packets (those seem okay; we ack those packets since they
pass the verification checks. Then we get a PW_STATUS_START accounting
start message for that same session-id, but we never get a PW_STATUS_STOP
accounting stop message.

This effectively leaves a lot of "hanging" sessions in my table of
currently logged in users. The PM doesn't send PW_STATUS_STOP messages,
even though the users are not in the "show session" output on the PM.

After fiddling around with it a little, I think I can nail it down to
the following:

Whever a user connects with multilink PPP and _exceeds_ his or her
Port-Limit parameter for the max number of channels available for one
session, the PM seems to send an accounting START message, even though the
extra channel would exceed the channel limit. The user _is_ kicked out of
the PM, however, since the channel limit is exceeded - but an accounting
STOP message is never sent.

This surely must be a flaw in ComOS. I'd like to see it handled in one of
two ways;

1. Make sure that the PM sends accounting STOP messages for such sessions

or, preferably:

2. Make sure that the PM never sends the initial accounting START message
when the user tries to add a channel to a multilink ppp group and that
session is disallowed because the channel limit for that group has been
exceeded.

Livingston, please comment.. Megazone? :)

Oystein Homelien | email: oystein@powertech.no
PowerTech Information Systems AS | voice: +47-2220-3330
http://home.powertech.no/oystein/ | address: Storgata 37, N-0182 OSLO

Next message: Andrew Foster: "v.fast?"
Previous message: Kevin Smith: "Re: Hayes 56k"
Next in thread: Jason Nealis: "Re: Hayes 56k"