Date: Wed, 20 Dec 2006 17:49:38 -0500 From: Jeremy Tregunna <jtregunna@blurgle.ca> To: dblais@interplex.ca Cc: freebsd-isp@freebsd.org Subject: Re: RADIUS/PPPoE Dead Connections Message-ID: <6FA799B6-ED28-47A5-9A45-E90C86280A65@blurgle.ca> In-Reply-To: <56245.24.122.21.214.1166649785.squirrel@secure.interplex.ca> References: <2004672F-664F-4331-A09F-D09A0C9DD99E@blurgle.ca> <56245.24.122.21.214.1166649785.squirrel@secure.interplex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On 20-Dec-06, at 4:23 PM, Dominic Blais wrote: > Try mpd instead of ppp, great performances... we're using it as a =20 > pppoe > concentrator for more than 100 simultaneous connections.. That's fine and dandy, but I've already got this box deployed, and I =20 don't like making major changes mid-stream. Unless I can guarantee =20 that mpd won't suffer this same issue, I'm not interested in even =20 considering changing, I'm more interested in fixing my problem. Regards; Jeremy Tregunna > > See /usr/ports/net/mpd > > mpd4 is beta, don't try it for production. > > > >> >> I've got a FreeBSD NAS and a FreeBSD RADIUS server (both running 6.1) >> serving up access to a wireless network. In any event, everything >> seems to work peachy when a user logs in and disconnects manually. >> But if for instance, someone closes the lid on their laptop and their >> wireless card powers off due to standby mode, the connection to the >> NAS is broken and the disconnect request never makes it from the NAS >> to the RADIUS server to inform it that the client went offline. >> >> Now then, I'm not so much worried about that stale entry staying on >> the RADIUS server until the user tries to log in again (I don't care >> much about time used, only bandwidth numbers); but ultimately it >> would be nice to have one of two solutions: >> >> (1) A user tries to log in when he's already logged in, have it >> disconnect that user and then log in; or >> (2) Have the NAS send a Disconnect-Request to the RADIUS server =20 >> when-- >> as in the above example--someone closes the lid on their laptop. >> >> An idle timeout isn't a workable solution for me, neither is a >> session timeout; I need both to have no fixed limit for all clients. >> >> My ppp.conf file is basically defined as: >> >> ### ppp.conf begin >> >> default: >> set log Chat Command Phase >> enable pap >> allow mode direct >> enable proxy >> disable ipv6cp >> set radius /etc/radius.conf >> set mru 1492 >> set mtu 1492 >> accept dns >> >> ### end ppp.conf >> >> The relevant users portion is like: >> >> DEFAULT Auth-Type :=3D System >> Service-Type :=3D Framed-User, >> Framed-Protocol :=3D PPP, >> Framed-IP-Address :=3D 192.168.8.50, >> Framed-IP-Netmask :=3D 255.255.255.0, >> Framed-Routing :=3D Broadcast-Listen, >> Framed-MTU :=3D 1492 >> >> And the relevant portions of attrs is like: >> >> DEFAULT >> Service-Type =3D=3D Framed-User, >> Framed-Protocol =3D=3D PPP, >> Framed-MTU =3D=3D 1492, >> Framed-Filter-ID =3D* ANY, >> Reply-Message =3D* ANY, >> Session-Timeout =3D=3D 0, >> Idle-Timeout =3D=3D 0, >> Port-Limit <=3D 2 >> >> Any assistance would be greatly appreciated. >> >> Regards, >> >> Jeremy Tregunna >> >> >> >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-=20 >> unsubscribe@freebsd.org" >> > > > --=20 > Dominic Blais > Administrateur r=E9seau > Interplex T=E9l=E9com Inc. > http://www.interplex.ca > > > > !DSPAM:4589a963678325368818224! >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6FA799B6-ED28-47A5-9A45-E90C86280A65>