Penguin

I've had some issues when first setting up FreeRADIUS to deal with Telecom's proxy RADIUS servers for Jetstream/ADSL in NZ. Here are some of the things I did.

FreeRADIUS by default has an AcctSessionId? field which is of type varchar(32).

Telecom's servers tend to send things like

Acct-Session-Id = "erx atm 0/0.12100065:121.65:0126979819"

in their RADIUS replies which is just a few more than 32 characters. Enough to cause issues with a default FreeRADIUS setup.

When FreeRADIUS sees this in an ALIVE packet, it tries to do an accouting update by finding a row that matches the session Id.. Of course if it's stored a shorter value, then you'll always get it finding no rows, so it goes on to create a NEW row. This ends up in a big mess of packets, and it makes it appear as if users have logged on hundreds of times and never logged off.

You need to increase the length of the AcctSessionId? field in the radacct table of the SQL database to something larger than the default of 32. I've set mine to 48 and this has solved all the problems.

You might also want to customize the radacct table further, along with the sql queries that FreeRADIUS sends to your database in order to incorporate some more of the fields that Telecom's RADIUS servers send out. I've added in AcctInputGigawords?, AcctOutputGigawords?, ERXIngressPolicyName and NASIdentifier. I'm not sure that the Gigawords are being used yet, certainly none of my historical records seem to show them, but it is possible they will be used in the future so I figured I'd add them in there. The ERXIngressPolicyName and NASIdentifier are just informational more than anything.

There are also some useful notes for setting up FreeRADIUS and MySQL over here : http://www.frontios.com/freeradius.html