forum.bitel.ru :: Просмотр темы - PoD работает, COA

nas.port_time.default.*=1
nas.port_traffic.default.*=2:RADIN;3:RADOUT
month.break=1
nas.inspector.sleep_time=60
nas.inspector.kill.max_messages=5
drop.sleep.timeout=3600
nas.inspector.class=bitel.billing.server.processor.PoDNASConnectionInspector
nas.inspector.radius.port=3799
nas.inspector.radius.host=192.168.0.10
nas.inspector.radius.secret=******
nas.inspector.radius.attributes=Framed-IP-Address;Acct-Session-Id
nas.inspector.coa.timeout=5
nas.inspector.coa.retries=2
nas.inspector.coa.threads=4

aaa new-model
aaa session-mib disconnect
!
aaa group server radius bgbill
server-private 192.168.0.1 auth-port 1812 acct-port 1813 non-standard key ******
!
aaa authentication login default local
aaa authentication ppp default local group bgbill
aaa authorization network default local group bgbill
aaa accounting delay-start
aaa accounting delay-start all
aaa accounting jitter maximum 30
aaa accounting update periodic 3
aaa accounting network default
action-type start-stop
group bgbill
!
!
aaa server radius dynamic-author
client 192.168.0.1
server-key *****
port 3799
auth-type any
!
aaa session-id common

445130: Nov 7 16:37:22 MSK: ++++++ POD Attribute List ++++++
445131: Nov 7 16:37:22 MSK: 0ABDBC30 0 00000009 username(367) 7 office4
445132: Nov 7 16:37:22 MSK: 0AC91548 0 00000001 addr(7) 4 172.16.16.4
445133: Nov 7 16:37:22 MSK: 0AC91558 0 00000009 string-session-id(339) 8 001A2247
445134: Nov 7 16:37:22 MSK:
445135: Nov 7 16:37:22 MSK: POD: Received Acct-Session-Id of 001A2247
445136: Nov 7 16:37:22 MSK: POD: Converted to internal Session-Id of 001A2247
445137: Nov 7 16:37:22 MSK: POD: 192.168.0.1 user office4 172.16.16.4 sessid 0x1A2247 key 0x0
445138: Nov 7 16:37:22 MSK: POD: Line User IDB Session Id Key
445139: Nov 7 16:37:22 MSK: POD: KILL Virtual- office4 172.16.16.4 0x1A2247 0x9C148A3A
445140: Nov 7 16:37:22 MSK: POD: Sending ACK from port 3799 to 192.168.0.1/59308

445111: Nov 7 16:02:29 MSK: ++++++ CoA Attribute List ++++++
445112: Nov 7 16:02:29 MSK: 0B40D7E8 0 00000009 username(367) 7 office4
445113: Nov 7 16:02:29 MSK: 0B9D10C8 0 00000001 addr(7) 4 172.16.16.4
445114: Nov 7 16:02:29 MSK: 0B9D10D8 0 00000009 string-session-id(339) 8 001A2247
445115: Nov 7 16:02:29 MSK: 0B9D10E8 0 00000009 interface-config(176) 85 rate-limit output 3384000 634500 1269000 conform-action transmit exceed-action d
445116: Nov 7 16:02:29 MSK: 0B9D10F8 0 00000009 interface-config(176) 23 ip unnumbered Loopback1
445117: Nov 7 16:02:29 MSK: 0B9D1108 0 00000009 interface-config(176) 84 rate-limit input 3384000 634500 1269000 conform-action transmit exceed-action dr
445118: Nov 7 16:02:29 MSK:
445119: Nov 7 16:02:29 MSK: COA: No matching entry found
445120: Nov 7 16:02:29 MSK: COA: Added Reply Message: No Matching Session
445121: Nov 7 16:02:29 MSK: COA: Added NACK Error Cause: Session Context Not Found
445122: Nov 7 16:02:29 MSK: COA: Sending NAK from port 3799 to 192.168.0.1/43232
445123: Nov 7 16:02:29 MSK: RADIUS: 18 21 4E6F204D61746368696E672053657373696F6E
445124: Nov 7 16:02:29 MSK: RADIUS: 101 6 000001F7

445120: Nov 7 16:02:29 MSK: COA: Added Reply Message: No Matching Session

11-10/08:00:49 INFO [Thread-8] connections - [ dialup-04; office4; 27937 ] sendKillRequest
11-10/08:00:49 INFO [Thread-8] connections - [ dialup-04; office4; 27937 ] PoD reset packet on 192.168.0.10:3799
Type=40
Attributes:
User-Name=office4
Framed-IP-Address=172.16.16.4
Acct-Session-Id=001AAFFD

11-10/09:02:01 INFO [Thread-40] connections - [ dialup-04; office4; 51042 ] Need CoA request
11-10/09:02:01 INFO [Thread-40] connections - [ dialup-04; office4; 51042 ] Send CoA request with attribute sets: 1,11,29,28
11-10/09:02:01 INFO [pool-1-thread-2] connections - [ dialup-04; office4; 51042 ] CoA packet tryCount=1 on 192.168.0.10:3799
Type=43
Attributes:
User-Name=office4
Framed-IP-Address=172.16.16.4
Framed-Pool=my
Acct-Session-Id=001AB7CF
cisco-avpair=lcp:interface-config=ip unnumbered Loopback1
cisco-avpair=lcp:interface-config=rate-limit output 2256000 423000 846000 conform-action transmit exceed-action drop
cisco-avpair=lcp:interface-config=rate-limit input 2256000 423000 846000 conform-action transmit exceed-action drop

11-10/09:02:01 INFO [pool-4-thread-24] connections - [ dialup-04; office4; 51042 ] DialUpNASConnection set STATUS=1
11-10/09:02:01 ERROR [pool-1-thread-2] connections - [ dialup-04; office4; 51042 ] CoA packet response 45

no rate-limit output ПРЕДЫДУЩАЯ СКОРОСТЬ conform-action transmit exceed-action drop

rate-limit output НОВАЯ СКОРОСТЬ conform-action transmit exceed-action drop

Mar 16 15:42:43.031: COA: 212.42.120.242 request queued
*Mar 16 15:42:43.031: RADIUS: authenticator 9A E3 43 27 D1 9B AB 16 - 69 45 C5 F6 67 A4 BF 4D
*Mar 16 15:42:43.031: RADIUS: User-Name [1] 8 "ip0203"
*Mar 16 15:42:43.031: RADIUS: Framed-IP-Address [8] 6 212.42.120.232
*Mar 16 15:42:43.031: RADIUS: Acct-Session-Id [44] 10 "00000002"
*Mar 16 15:42:43.031: RADIUS: Vendor, Unknown [26] 35
*Mar 16 15:42:43.031: RADIUS: Framed-Protocol [7] 29
*Mar 16 15:42:43.031: RADIUS: 6F 75 74 23 33 3D 61 6C 6C 20 73 68 61 70 65 20 [out#3=all shape ]
*Mar 16 15:42:43.031: RADIUS: 32 35 36 30 30 30 20 70 61 73 73 [ 256000 pass]
*Mar 16 15:42:43.031: RADIUS: Vendor, Cisco [26] 229
*Mar 16 15:42:43.031: RADIUS: Cisco AVpair [1] 223 "lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop"
*Mar 16 15:42:43.031: ++++++ CoA Attribute List ++++++
*Mar 16 15:42:43.031: 07271E9C 0 00000009 username(422) 6 ip0203
*Mar 16 15:42:43.031: 07271DC4 0 00000001 addr(8) 4 212.42.120.232
*Mar 16 15:42:43.031: 07271DD4 0 00000001 session-id(385) 4 2(2)
*Mar 16 15:42:43.031: 07271DE4 0 00000009 interface-config(205) 200 no rate-limit output access-group 2001 512000 96000 192000 conform-action transmi
*Mar 16 15:42:43.031:
*Mar 16 15:42:43.031: COA: Unsupported vendor or attribute for LI
*Mar 16 15:42:43.031: COA: Added Reply Message: Unsupported Attribute
*Mar 16 15:42:43.031: COA: Added NACK Error Cause: Unsupported Attribute
*Mar 16 15:42:43.031: COA: Sending NAK from port 1800 to 212.42.120.242/63926
*Mar 16 15:42:43.031: RADIUS: 18 23 556E737570706F7274656420417474726962757465
*Mar 16 15:42:43.031: RADIUS: 101 6 00000191

01-10/14:39:12 INFO [pool-8-thread-3] connections - [ 73737373; ip0203; 26558 ] Taking zone 512 from response on calculate sid=3
01-10/14:39:12 INFO [pool-8-thread-3] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1
01-10/14:40:08 INFO [pool-8-thread-4] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection update connection..
01-10/14:40:08 INFO [pool-8-thread-4] connections - [ 73737373; ip0203; 26558 ] Taking zone 256 from response on calculate sid=3
01-10/14:40:08 INFO [pool-8-thread-4] connections - [ 73737373; ip0203; 26558 ] Changed tariff zone from 512 to 256
01-10/14:40:08 INFO [pool-8-thread-4] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1
01-10/14:40:08 INFO [Thread-39] connections - [ 73737373; ip0203; 26558 ] Change zone do: 10.01.2011 14:40:08
01-10/14:40:08 INFO [Thread-39] connections - [ 73737373; ip0203; 26558 ] Need CoA request
01-10/14:40:08 INFO [Thread-39] connections - [ 73737373; ip0203; 26558 ] Send CoA request with attribute sets: 7
01-10/14:40:08 INFO [pool-3-thread-1] connections - [ 73737373; ip0203; 26558 ] CoA packet tryCount=2 on 212.42.120.246:1800
Type=43
Attributes:
User-Name=ip0203
Framed-IP-Address=212.42.120.232
Acct-Session-Id=00000002
mpd-limit=out#3=all shape 256000 pass
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop

01-10/14:40:08 ERROR [pool-3-thread-1] connections - [ 73737373; ip0203; 26558 ] CoA packet response 45
01-10/14:40:08 INFO [pool-3-thread-1] connections - [ 73737373; ip0203; 26558 ] CoA packet tryCount=1 on 212.42.120.246:1800
Type=43
Attributes:
User-Name=ip0203
Framed-IP-Address=212.42.120.232
Acct-Session-Id=00000002
mpd-limit=out#3=all shape 256000 pass
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop

01-10/14:40:11 INFO [pool-3-thread-1] connections - [ 73737373; ip0203; 26558 ] CoA packet tryCount=0 on 212.42.120.246:1800
Type=43
Attributes:
User-Name=ip0203
Framed-IP-Address=212.42.120.232
Acct-Session-Id=00000002
mpd-limit=out#3=all shape 256000 pass
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop

01-10/14:41:07 INFO [pool-8-thread-5] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection update connection..
01-10/14:41:07 INFO [pool-8-thread-5] connections - [ 73737373; ip0203; 26558 ] Taking zone 256 from response on calculate sid=3
01-10/14:41:07 INFO [pool-8-thread-5] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1
01-10/14:42:11 INFO [pool-8-thread-6] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection update connection..
01-10/14:42:11 INFO [pool-8-thread-6] connections - [ 73737373; ip0203; 26558 ] Taking zone 256 from response on calculate sid=3
01-10/14:42:11 INFO [pool-8-thread-6] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1
01-10/14:43:11 INFO [pool-8-thread-7] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection update connection..
01-10/14:43:11 INFO [pool-8-thread-7] connections - [ 73737373; ip0203; 26558 ] Taking zone 256 from response on calculate sid=3
01-10/14:43:11 INFO [pool-8-thread-7] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1
01-10/14:43:20 INFO [Thread-34] connections - [ 73737373; ip0203; 26558 ] Set connection to KILL
01-10/14:43:20 INFO [Thread-34] connections - [ 73737373; ip0203; 26558 ] Killing connection by user request
01-10/14:43:20 INFO [Thread-14] connections - [ 73737373; ip0203; 26558 ] sendKillRequest
01-10/14:43:20 INFO [Thread-14] connections - [ 73737373; ip0203; 26558 ] PoD reset packet on 212.42.120.246:1800
Type=40
Attributes:
User-Name=ip0203
Framed-IP-Address=212.42.120.232
Acct-Session-Id=00000002

01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] IP address unregistred from collector 212.42.120.232
01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection stoppingConnection
01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection has stop Packet => true
01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=3
01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection sessionTime => 379

version 5.0 build 298 from 09.12.2010 18:59:44
10.01.2011 15:07:50 2 0 2 0
Request accounts per minute start: 0; stop: 0; update: 0
Request auths per minute accept: 0; reject: 0
Netfow packets per minute: 0
Ignore per minute auth: 0; update: 0
Antispam ban count: 0; used per minute: 0
FlowListener: queue_size: 0; threads_active: 0; largest: 6; core: 1000; pool_size: 6; recv_socket_buf_size: 209 712; recv_buf_size: 4 194 304; packets: 6
Started: 10.01.2011 15:07:02 Uptime: 0 d 00:00:47
Memory total: 5 177 344; max: 266 403 840; free: 1 350 600
Trees in cache: 1
Connections pool to Master status Idle: 3; Active: 0; maxActive: 300; maxIdle: 20

Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop;Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop;Cisco-AVPair=lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop

*Mar 16 15:42:43.031: RADIUS: Cisco AVpair [1] 223 "lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop"
*Mar 16 15:42:43.031: ++++++ CoA Attribute List ++++++
*Mar 16 15:42:43.031: 07271E9C 0 00000009 username(422) 6 ip0203
*Mar 16 15:42:43.031: 07271DC4 0 00000001 addr(8) 4 212.42.120.232
*Mar 16 15:42:43.031: 07271DD4 0 00000001 session-id(385) 4 2(2)
*Mar 16 15:42:43.031: 07271DE4 0 00000009 interface-config(205) 200 no rate-limit output access-group 2001 512000 96000 192000 conform-action transmi
*Mar 16 15:42:43.031:
*Mar 16 15:42:43.031: COA: Unsupported vendor or attribute for LI
*Mar 16 15:42:43.031: COA: Added Reply Message: Unsupported Attribute
*Mar 16 15:42:43.031: COA: Added NACK Error Cause: Unsupported Attribute
*Mar 16 15:42:43.031: COA: Sending NAK from port 1800 to 212.42.120.242/63926

cisco-avpair=lcp:interface-config#1=no rate-limit output 30720000 5760000 11520000 conform-action transmit exceed-action drop;cisco-avpair=lcp:interface-config#1=no rate-limit input 30720000 5760000 11520000 conform-action transmit exceed-action drop

BRAS#sh debug
General OS:
AAA POD packet processing debugging is on
AAA CoA packet processing debugging is on
AAA Subsystem debugs debugging is on
PPP:
PPP authentication debugging is on
PPP authorization debugging is on
PPPoE:
PPPoE protocol events debugging is on
PPPoE protocol errors debugging is on

Radius protocol debugging is on
Radius packet protocol debugging is on
BRAS#
BRAS#
*Mar 17 16:11:10.209: PPPoE 0: I PADI R:000c.2923.b362 L:ffff.ffff.ffff Gi0/3
*Mar 17 16:11:10.209: Service tag: NULL Tag
*Mar 17 16:11:10.209: PPPoE 0: O PADO, R:0009.b65e.1019 L:000c.2923.b362 Gi0/3
*Mar 17 16:11:10.209: Service tag: NULL Tag
*Mar 17 16:11:10.209: PPPoE 0: I PADR R:000c.2923.b362 L:0009.b65e.1019 Gi0/3
*Mar 17 16:11:10.209: Service tag: NULL Tag
*Mar 17 16:11:10.209: PPPoE : encap string prepared
*Mar 17 16:11:10.209: [4]PPPoE 4: Access IE handle allocated
*Mar 17 16:11:10.209: [4]PPPoE 4: AAA get retrieved attrs
*Mar 17 16:11:10.209: [4]PPPoE 4: AAA get nas port details
*Mar 17 16:11:10.209: RADIUS: [No of bits] slot : 0 port : 0 adapter : 0
vlanid : 0 vci : 0 vpi : 0 inner_vlan_id : 0
*Mar 17 16:11:10.209: [4]PPPoE 4: AAA get dynamic attrs
*Mar 17 16:11:10.209: [4]PPPoE 4: AAA unique ID allocated
*Mar 17 16:11:10.209: [4]PPPoE 4: AAA method list set
*Mar 17 16:11:10.209: [4]PPPoE 4: Service request sent to SSS
*Mar 17 16:11:10.213: [4]PPPoE 4: Created, Service: None R:0009.b65e.1019 L:000c.2923.b362 Gi0/3
*Mar 17 16:11:10.213: [4]PPPoE 4: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS
*Mar 17 16:11:10.213: ppp4 PPP: Using AAA Unique Id = 1BA
*Mar 17 16:11:10.213: [4]PPPoE 4: data path set to PPP
*Mar 17 16:11:10.213: [4]PPPoE 4: Segment (SSS class): PROVISION
*Mar 17 16:11:10.213: [4]PPPoE 4: State PROVISION_PPP Event SSM PROVISIONED
*Mar 17 16:11:10.213: [4]PPPoE 4: O PADS R:000c.2923.b362 L:0009.b65e.1019 Gi0/3
*Mar 17 16:11:10.213: ppp4 PPP: Authorization required
*Mar 17 16:11:10.213: ppp4 PPP: Using vpn set call direction
*Mar 17 16:11:10.213: ppp4 PPP: Treating connection as a callin
*Mar 17 16:11:10.213: ppp4 PPP: Session handle[6000004] Session id[4]
*Mar 17 16:11:10.317: ppp4 CHAP: O CHALLENGE id 1 len 25 from "BRAS"
*Mar 17 16:11:10.325: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:10.325: ppp4 PPP: Sent CHAP LOGIN Request
*Mar 17 16:11:10.325: AAA SRV(000001BA): process authen req
*Mar 17 16:11:10.325: AAA SRV(000001BA): Authen method=SERVER_GROUP radius
*Mar 17 16:11:10.325: RADIUS/ENCODE(000001BA):Orig. component type = PPPoE
*Mar 17 16:11:10.325: RADIUS: Format E value 0x1B2 for character U with bitmask 0xFFFFFFFF
*Mar 17 16:11:10.325: RADIUS: Format E port 0x1B2 with bit 32 processed
*Mar 17 16:11:10.325: RADIUS(000001BA): Config NAS IP: 0.0.0.0
*Mar 17 16:11:10.325: RADIUS/ENCODE: No idb found! Framed IP Addr might not be included
*Mar 17 16:11:10.325: RADIUS/ENCODE(000001BA): acct_session_id: 434
*Mar 17 16:11:10.325: RADIUS(000001BA): sending
*Mar 17 16:11:10.325: RADIUS/ENCODE: Best Local IP-Address 212.42.120.246 for Radius-Server 212.42.120.242
*Mar 17 16:11:10.325: RADIUS(000001BA): Send Access-Request to 212.42.120.242:1812 id 1645/4, len 141
*Mar 17 16:11:10.325: RADIUS: authenticator AF 3C 19 07 0B 21 A8 EB - C9 B6 48 27 0F EE BA 9D
*Mar 17 16:11:10.325: RADIUS: Framed-Protocol [7] 6 PPP [1]
*Mar 17 16:11:10.325: RADIUS: User-Name [1] 8 "ip0203"
*Mar 17 16:11:10.325: RADIUS: CHAP-Password [3] 19 *
*Mar 17 16:11:10.325: RADIUS: Calling-Station-Id [31] 14 "000c2923b362"
*Mar 17 16:11:10.325: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
*Mar 17 16:11:10.325: RADIUS: NAS-Port [5] 6 434
*Mar 17 16:11:10.325: RADIUS: NAS-Port-Id [87] 9 "0/0/3/0"
*Mar 17 16:11:10.325: RADIUS: Vendor, Cisco [26] 41
*Mar 17 16:11:10.325: RADIUS: Cisco AVpair [1] 35 "client-mac-address=000c.2923.b362"
*Mar 17 16:11:10.325: RADIUS: Service-Type [6] 6 Framed [2]
*Mar 17 16:11:10.325: RADIUS: NAS-IP-Address [4] 6 212.42.120.246
*Mar 17 16:11:10.325: RADIUS(000001BA): Started 5 sec timeout
*Mar 17 16:11:10.409: RADIUS: Received from 212.42.120.242 - un-sane packet, invalid attribute
*Mar 17 16:11:12.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:12.245: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:14.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:14.245: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:14.921: RADIUS(000001BA): Request timed out
*Mar 17 16:11:14.921: RADIUS: Retransmit to (212.42.120.242:1812,1813) for id 1645/4
*Mar 17 16:11:14.921: RADIUS(000001BA): Started 5 sec timeout
*Mar 17 16:11:14.985: RADIUS: Received from 212.42.120.242 - un-sane packet, invalid attribute
*Mar 17 16:11:16.249: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:16.249: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:18.249: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:18.249: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:19.561: RADIUS(000001BA): Request timed out
*Mar 17 16:11:19.561: RADIUS: Retransmit to (212.42.120.242:1812,1813) for id 1645/4
*Mar 17 16:11:19.561: RADIUS(000001BA): Started 5 sec timeout
*Mar 17 16:11:19.617: RADIUS: Received from 212.42.120.242 - un-sane packet, invalid attribute
*Mar 17 16:11:20.249: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:20.249: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:20.333: ppp4 AUTH: Timeout 1
*Mar 17 16:11:22.249: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:22.249: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:23.937: RADIUS(000001BA): Request timed out
*Mar 17 16:11:23.937: RADIUS: Retransmit to (212.42.120.242:1812,1813) for id 1645/4
*Mar 17 16:11:23.937: RADIUS(000001BA): Started 5 sec timeout
*Mar 17 16:11:24.085: RADIUS: Received from 212.42.120.242 - un-sane packet, invalid attribute
*Mar 17 16:11:24.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:24.245: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:26.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:26.245: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:28.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203"
*Mar 17 16:11:28.245: ppp4 CHAP: Ignoring Additional Response
*Mar 17 16:11:28.629: RADIUS(000001BA): Request timed out
*Mar 17 16:11:28.629: RADIUS: No response from (212.42.120.242:1812,1813) for id 1645/4
*Mar 17 16:11:28.629: RADIUS/DECODE: No response from radius-server; parse response; FAIL
*Mar 17 16:11:28.629: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response; FAIL
*Mar 17 16:11:28.629: AAA SRV(000001BA): protocol reply FAIL for Authentication
*Mar 17 16:11:28.629: AAA SRV(000001BA): Authen method=NOT_SET - No methods left to try
*Mar 17 16:11:28.629: AAA SRV(000001BA): Return Authentication status=FAIL
*Mar 17 16:11:28.629: ppp4 PPP: Received LOGIN Response FAIL
*Mar 17 16:11:28.629: ppp4 PPP AUTHOR: Author Data Available
*Mar 17 16:11:28.629: ppp4 PPP: Receive Attrs from[authen] Keep[LCP] MERGE
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: clid-mac-addr 30 30 30 63 2E 32 39 32 33 2E 62 33 36 32
*Mar 17 16:11:28.629: ppp4 PPP: Keep Attr: Framed-Protocol 1 [PPP]
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: username "ip0203"
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: challenge <hidden>
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: id <hidden>
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: response <hidden>
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: formatted-clid "000c2923b362"
*Mar 17 16:11:28.629: ppp4 PPP: Receive Attrs from[authen] Keep[LCP] MERGE
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: clid-mac-addr 30 30 30 63 2E 32 39 32 33 2E 62 33 36 32
*Mar 17 16:11:28.629: ppp4 PPP: Keep Attr: Framed-Protocol 1 [PPP]
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: username "ip0203"
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: challenge <hidden>
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: id <hidden>
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: response <hidden>
*Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: formatted-clid "000c2923b362"
*Mar 17 16:11:28.629: ppp4 CHAP: O FAILURE id 1 len 25 msg is "Authentication failed"
*Mar 17 16:11:28.629: ppp4 PPP: Sending Acct Event[Down] id[1BA]
*Mar 17 16:11:28.629: [4]PPPoE 4: AAA get dynamic attrs
*Mar 17 16:11:28.629: [4]PPPoE 4: AAA get dynamic attrs
*Mar 17 16:11:28.641: ppp4 PPP: Clearing AAA Unique Id = 1BA
*Mar 17 16:11:28.641: [4]PPPoE 4: State LCP_NEGOTIATION Event PPP DISCONNECT
*Mar 17 16:11:28.641: [4]PPPoE 4: O PADT R:000c.2923.b362 L:0009.b65e.1019 Gi0/3
*Mar 17 16:11:28.641: [4]PPPoE 4: Destroying R:000c.2923.b362 L:0009.b65e.1019 Gi0/3
*Mar 17 16:11:28.641: [4]PPPoE 4: AAA get dynamic attrs
*Mar 17 16:11:28.641: [4]PPPoE 4: AAA get dynamic attrs
*Mar 17 16:11:28.641: [4]PPPoE 4: AAA account stopped
*Mar 17 16:11:28.641: PPPoE 4: I PADT R:000c.2923.b362 L:0009.b65e.1019 Gi0/3
*Mar 17 16:11:28.641: [4]PPPoE 4: Segment (SSS class): UNPROVISION
BRAS#

01-11/15:08:42 INFO [pool-7-thread-6] connections - [ 73737373; ip0203; 17947 ] DialUpNASConnection stoppingConnection
01-11/15:08:42 INFO [pool-7-thread-6] connections - [ 73737373; ip0203; 17947 ] DialUpNASConnection has stop Packet => false
01-11/15:08:47 INFO [pool-7-thread-7] connections - [ 73737373; ip0203; 22522 ] DialUpNASConnection stoppingConnection
01-11/15:08:47 INFO [pool-7-thread-7] connections - [ 73737373; ip0203; 22522 ] DialUpNASConnection has stop Packet => false
01-11/15:08:51 INFO [pool-7-thread-8] connections - [ 73737373; ip0203; 27168 ] DialUpNASConnection stoppingConnection
01-11/15:08:51 INFO [pool-7-thread-8] connections - [ 73737373; ip0203; 27168 ] DialUpNASConnection has stop Packet => false

01-11/15:08:37 INFO [pool-7-thread-5] radius - AUTH:
Type=AUTHENTICATION_REQUEST
Attributes:
User-Name=ip0203
NAS-Port-Id=0/0/3/0
CHAP-Password=ЇЋэ«цзлаnDж
NAS-IP-Address=212.42.120.246
NAS-Port=434
Service-Type=2
Framed-Protocol=1
NAS-Port-Type=5
Calling-Station-Id=000c2923b362
cisco-avpair=client-mac-address=000c.2923.b362

01-11/15:08:37 INFO [pool-7-thread-5] radius - RESPONSE:
Type=AUTHENTICATION_ACCEPT
Process time auth: 60 init_tariff: 9; set_ip: 1; common_auth: 51
Attributes:
Acct-Interim-Interval=60
Service-Type=2
Framed-Protocol=1
Framed-IP-Address=212.42.120.233
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop

Trace:
Login found.

01-11/15:08:42 INFO [pool-7-thread-6] radius - AUTH:
Type=AUTHENTICATION_REQUEST
Attributes:
User-Name=ip0203
NAS-Port-Id=0/0/3/0
CHAP-Password=ЇЋэ«цзлаnDж
NAS-IP-Address=212.42.120.246
NAS-Port=434
Service-Type=2
Framed-Protocol=1
NAS-Port-Type=5
Calling-Station-Id=000c2923b362
cisco-avpair=client-mac-address=000c.2923.b362

01-11/15:08:42 INFO [pool-7-thread-6] radius - RESPONSE:
Type=AUTHENTICATION_ACCEPT
Process time auth: 53 init_tariff: 10; set_ip: 1; common_auth: 44
Attributes:
Acct-Interim-Interval=60
Service-Type=2
Framed-Protocol=1
Framed-IP-Address=212.42.120.235
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop

Trace:
Login found.

01-11/15:08:42 ERROR [pool-7-thread-6] LoggingPrintStream - Stop without start!
01-11/15:08:47 INFO [pool-7-thread-7] radius - AUTH:
Type=AUTHENTICATION_REQUEST
Attributes:
User-Name=ip0203
NAS-Port-Id=0/0/3/0
CHAP-Password=ЇЋэ«цзлаnDж
NAS-IP-Address=212.42.120.246
NAS-Port=434
Service-Type=2
Framed-Protocol=1
NAS-Port-Type=5
Calling-Station-Id=000c2923b362
cisco-avpair=client-mac-address=000c.2923.b362

01-11/15:08:47 INFO [pool-7-thread-7] radius - RESPONSE:
Type=AUTHENTICATION_ACCEPT
Process time auth: 50 init_tariff: 10; set_ip: 1; common_auth: 41
Attributes:
Acct-Interim-Interval=60
Service-Type=2
Framed-Protocol=1
Framed-IP-Address=212.42.120.232
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop

Trace:
Login found.

01-11/15:08:47 ERROR [pool-7-thread-7] LoggingPrintStream - Stop without start!
01-11/15:08:51 INFO [pool-7-thread-8] radius - AUTH:
Type=AUTHENTICATION_REQUEST
Attributes:
User-Name=ip0203
NAS-Port-Id=0/0/3/0
CHAP-Password=ЇЋэ«цзлаnDж
NAS-IP-Address=212.42.120.246
NAS-Port=434
Service-Type=2
Framed-Protocol=1
NAS-Port-Type=5
Calling-Station-Id=000c2923b362
cisco-avpair=client-mac-address=000c.2923.b362

01-11/15:08:51 INFO [pool-7-thread-8] radius - RESPONSE:
Type=AUTHENTICATION_ACCEPT
Process time auth: 98 init_tariff: 9; set_ip: 1; common_auth: 85
Attributes:
Acct-Interim-Interval=60
Service-Type=2
Framed-Protocol=1
Framed-IP-Address=212.42.120.234
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop

Trace:
Login found.

01-11/15:08:51 ERROR [pool-7-thread-8] LoggingPrintStream - Stop without start!

BRAS#
*Mar 17 16:49:00.911: COA: 212.42.120.242 request queued
*Mar 17 16:49:00.911: RADIUS: authenticator 9C 5E DE F7 0A CB 9D 3E - 57 8F 99 87 85 79 CF 70
*Mar 17 16:49:00.911: RADIUS: User-Name [1] 8 "ip0203"
*Mar 17 16:49:00.911: RADIUS: Framed-IP-Address [8] 6 212.42.120.235
*Mar 17 16:49:00.911: RADIUS: Acct-Session-Id [44] 10 "00000004"
*Mar 17 16:49:00.911: RADIUS: Vendor, Unknown [26] 35
*Mar 17 16:49:00.915: RADIUS: Framed-Protocol [7] 29
*Mar 17 16:49:00.915: RADIUS: 6F 75 74 23 33 3D 61 6C 6C 20 73 68 61 70 65 20 [out#3=all shape ]
*Mar 17 16:49:00.915: RADIUS: 32 35 36 30 30 30 20 70 61 73 73 [ 256000 pass]
*Mar 17 16:49:00.915: RADIUS: Vendor, Cisco [26] 130
*Mar 17 16:49:00.915: RADIUS: Cisco AVpair [1] 124 "lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop"
*Mar 17 16:49:00.915: RADIUS: Vendor, Cisco [26] 128
*Mar 17 16:49:00.915: RADIUS: Cisco AVpair [1] 122 "lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop"
*Mar 17 16:49:00.915: RADIUS: Vendor, Cisco [26] 126
*Mar 17 16:49:00.915: RADIUS: Cisco AVpair [1] 120 "lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop"
*Mar 17 16:49:00.915: ++++++ CoA Attribute List ++++++
*Mar 17 16:49:00.915: 0720A29C 0 00000009 username(422) 6 ip0203
*Mar 17 16:49:00.915: 0720A0EC 0 00000001 addr(8) 4 212.42.120.235
*Mar 17 16:49:00.915: 0720A0FC 0 00000001 session-id(385) 4 4(4)
*Mar 17 16:49:00.915: 0720A10C 0 00000009 interface-config(205) 101 no rate-limit output access-group 2001 512000 96000 192000 conform-action transmi
*Mar 17 16:49:00.915: 0720A11C 0 00000009 interface-config(205) 99 no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit e
*Mar 17 16:49:00.915: 0720A12C 0 00000009 interface-config(205) 97 rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exc
*Mar 17 16:49:00.915:
*Mar 17 16:49:00.915: COA: Unsupported vendor or attribute for LI
*Mar 17 16:49:00.915: COA: Added Reply Message: Unsupported Attribute
*Mar 17 16:49:00.915: COA: Added NACK Error Cause: Unsupported Attribute
*Mar 17 16:49:00.915: COA: Sending NAK from port 1800 to 212.42.120.242/50230
*Mar 17 16:49:00.915: RADIUS: 18 23 556E737570706F7274656420417474726962757465
*Mar 17 16:49:00.915: RADIUS: 101 6 00000191!
BRAS#
BRAS#
BRAS#sh int virtual-access 3 rate
Virtual-Access3
Output
matches: access-group 2001
params: 512000 bps, 96000 limit, 192000 extended limit
conformed 8807 packets, 11382647 bytes; action: transmit
exceeded 1338 packets, 1693185 bytes; action: drop
last packet: 4ms ago, current burst: 107308 bytes
last cleared 00:02:59 ago, conformed 506548 bps, exceeded 75349 bps
BRAS#

01-11/15:45:26 INFO [pool-8-thread-9] connections - [ 73737373; ip0203; 64331 ] Taking zone 512 from response on calculate sid=3
01-11/15:45:26 INFO [pool-8-thread-9] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection set STATUS=1
01-11/15:46:24 INFO [pool-8-thread-10] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection update connection..
01-11/15:46:24 INFO [pool-8-thread-10] connections - [ 73737373; ip0203; 64331 ] Taking zone 256 from response on calculate sid=3
01-11/15:46:24 INFO [pool-8-thread-10] connections - [ 73737373; ip0203; 64331 ] Changed tariff zone from 512 to 256
01-11/15:46:24 INFO [pool-8-thread-10] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection set STATUS=1
01-11/15:46:24 INFO [Thread-40] connections - [ 73737373; ip0203; 64331 ] Change zone do: 11.01.2011 15:46:24
01-11/15:46:24 INFO [Thread-40] connections - [ 73737373; ip0203; 64331 ] Need CoA request
01-11/15:46:24 INFO [Thread-40] connections - [ 73737373; ip0203; 64331 ] Send CoA request with attribute sets: 7
01-11/15:46:24 INFO [pool-3-thread-2] connections - [ 73737373; ip0203; 64331 ] CoA packet tryCount=2 on 212.42.120.246:1800
Type=43
Attributes:
User-Name=ip0203
Framed-IP-Address=212.42.120.235
Acct-Session-Id=00000004
mpd-limit=out#3=all shape 256000 pass
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop
cisco-avpair=lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop

01-11/15:46:24 ERROR [pool-3-thread-2] connections - [ 73737373; ip0203; 64331 ] CoA packet response 45
01-11/15:46:24 INFO [pool-3-thread-2] connections - [ 73737373; ip0203; 64331 ] CoA packet tryCount=1 on 212.42.120.246:1800
Type=43
Attributes:
User-Name=ip0203
Framed-IP-Address=212.42.120.235
Acct-Session-Id=00000004
mpd-limit=out#3=all shape 256000 pass
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop
cisco-avpair=lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop

01-11/15:46:27 INFO [pool-3-thread-2] connections - [ 73737373; ip0203; 64331 ] CoA packet tryCount=0 on 212.42.120.246:1800
Type=43
Attributes:
User-Name=ip0203
Framed-IP-Address=212.42.120.235
Acct-Session-Id=00000004
mpd-limit=out#3=all shape 256000 pass
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop
cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop
cisco-avpair=lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop

01-11/15:47:28 INFO [pool-8-thread-11] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection update connection..
01-11/15:47:28 INFO [pool-8-thread-11] connections - [ 73737373; ip0203; 64331 ] Taking zone 256 from response on calculate sid=3
01-11/15:47:28 INFO [pool-8-thread-11] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection set STATUS=1
01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] IP address unregistred from collector 212.42.120.235
01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection stoppingConnection
01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection has stop Packet => true
01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection set STATUS=3
01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection sessionTime => 212
01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] Taking zone 256 from response on calculate sid=3

03-31/09:11:55 INFO [radiusListener-p-4-t-5] connections - [ 92923; u92923; 84382 ] DialUpNASConnection update connection..
03-31/09:11:55 INFO [radiusListener-p-4-t-4] connections - [ 79871; u79871; 84481 ] DialUpNASConnection update connection..
03-31/09:11:55 INFO [radiusListener-p-4-t-6] connections - [ 90074; u90074; 84162 ] DialUpNASConnection update connection..
03-31/09:11:56 INFO [radiusListener-p-4-t-8] connections - [ vega-misha; misha; 83627 ] DialUpNASConnection update connection..
03-31/09:11:56 INFO [radiusListener-p-4-t-10] connections - [ 81730; u81730; 83537 ] DialUpNASConnection update connection..
03-31/09:11:56 INFO [radiusListener-p-4-t-7] connections - [ 09356; u09356; 83404 ] DialUpNASConnection update connection..
03-31/09:11:56 INFO [radiusListener-p-4-t-9] connections - [ 16640; u16640; 84630 ] DialUpNASConnection update connection..
03-31/09:11:56 INFO [radiusListener-p-4-t-11] connections - [ 52562; u52562; 84010 ] DialUpNASConnection update connection..
03-31/09:11:56 INFO [radiusListener-p-4-t-12] connections - [ 01905; u01905; 83991 ] DialUpNASConnection update connection..
03-31/09:11:56 INFO [radiusListener-p-4-t-13] connections - [ 01855; u01855; 83776 ] DialUpNASConnection update connection..
03-31/09:11:57 INFO [radiusListener-p-4-t-15] connections - [ 06776; u06776; 83365 ] DialUpNASConnection update connection..
03-31/09:11:57 INFO [radiusListener-p-4-t-14] connections - [ 99474; u99474; 84334 ] DialUpNASConnection update connection..
03-31/09:11:57 INFO [radiusListener-p-4-t-17] connections - [ 0001; bi_creativ; 83649 ] DialUpNASConnection update connection..
03-31/09:11:57 INFO [radiusListener-p-4-t-16] connections - [ 84748; u84748; 83642 ] DialUpNASConnection update connection..
03-31/09:11:57 INFO [radiusListener-p-4-t-18] connections - [ 07914; u07914; 84154 ] DialUpNASConnection update connection..
03-31/09:11:57 INFO [radiusListener-p-4-t-19] connections - [ 75104; u75104; 83635 ] DialUpNASConnection update connection..
03-31/09:11:57 INFO [radiusListener-p-4-t-21] connections - [ 55274; u55274; 83694 ] DialUpNASConnection update connection..
03-31/09:11:57 INFO [radiusListener-p-4-t-20] connections - [ 26079; u27421; 84446 ] DialUpNASConnection update connection..
03-31/09:11:58 INFO [radiusListener-p-4-t-22] connections - [ 38695; u38695; 84298 ] DialUpNASConnection update connection..
03-31/09:11:58 INFO [radiusListener-p-4-t-27] connections - [ 39263; u39263; 84469 ] DialUpNASConnection update connection..
03-31/09:11:58 INFO [radiusListener-p-4-t-24] connections - [ 70638; u70638; 83664 ] DialUpNASConnection update connection..
03-31/09:11:59 INFO [radiusListener-p-4-t-23] connections - [ 79111; u79111; 84185 ] DialUpNASConnection update connection..
03-31/09:11:59 INFO [radiusListener-p-4-t-25] connections - [ 56927; u56927; 84494 ] DialUpNASConnection update connection..
03-31/09:12:00 INFO [radiusListener-p-4-t-28] connections - [ 01292; u01292; 83875 ] DialUpNASConnection update connection..
03-31/09:12:00 INFO [radiusListener-p-4-t-29] connections - [ 98855; u98855; 83320 ] DialUpNASConnection update connection..

Автор:	optimous [ 07 ноя 2010, 20:45 ]
Заголовок сообщения:	PoD работает, COA - нет
Здравствуйте, коллеги. BG v.4.6 dialup build 255 Пытаюсь настроить PoD/CoA для смены параметров сессии (ТП типа день/ночь). Настройки для НАСа стандартны: Код: nas.port_time.default.=1 nas.port_traffic.default.=2:RADIN;3:RADOUT month.break=1 nas.inspector.sleep_time=60 nas.inspector.kill.max_messages=5 drop.sleep.timeout=3600 nas.inspector.class=bitel.billing.server.processor.PoDNASConnectionInspector nas.inspector.radius.port=3799 nas.inspector.radius.host=192.168.0.10 nas.inspector.radius.secret=**** nas.inspector.radius.attributes=Framed-IP-Address;Acct-Session-Id nas.inspector.coa.timeout=5 nas.inspector.coa.retries=2 nas.inspector.coa.threads=4 В качестве НАСа Cisco 7204vxr: Код: aaa new-model aaa session-mib disconnect ! aaa group server radius bgbill server-private 192.168.0.1 auth-port 1812 acct-port 1813 non-standard key ** ! aaa authentication login default local aaa authentication ppp default local group bgbill aaa authorization network default local group bgbill aaa accounting delay-start aaa accounting delay-start all aaa accounting jitter maximum 30 aaa accounting update periodic 3 aaa accounting network default action-type start-stop group bgbill ! ! aaa server radius dynamic-author client 192.168.0.1 server-key * port 3799 auth-type any ! aaa session-id common Ставлю в зоне разрыв соединения- все отрабатывает как надо(дебаг с циски): Код: 445130: Nov 7 16:37:22 MSK: ++++++ POD Attribute List ++++++ 445131: Nov 7 16:37:22 MSK: 0ABDBC30 0 00000009 username(367) 7 office4 445132: Nov 7 16:37:22 MSK: 0AC91548 0 00000001 addr(7) 4 172.16.16.4 445133: Nov 7 16:37:22 MSK: 0AC91558 0 00000009 string-session-id(339) 8 001A2247 445134: Nov 7 16:37:22 MSK: 445135: Nov 7 16:37:22 MSK: POD: Received Acct-Session-Id of 001A2247 445136: Nov 7 16:37:22 MSK: POD: Converted to internal Session-Id of 001A2247 445137: Nov 7 16:37:22 MSK: POD: 192.168.0.1 user office4 172.16.16.4 sessid 0x1A2247 key 0x0 445138: Nov 7 16:37:22 MSK: POD: Line User IDB Session Id Key 445139: Nov 7 16:37:22 MSK: POD: KILL Virtual- office4 172.16.16.4 0x1A2247 0x9C148A3A 445140: Nov 7 16:37:22 MSK: POD: Sending ACK from port 3799 to 192.168.0.1/59308 Если установлена отправка CoA , то: Код:** 445111: Nov 7 16:02:29 MSK: ++++++ CoA Attribute List ++++++ 445112: Nov 7 16:02:29 MSK: 0B40D7E8 0 00000009 username(367) 7 office4 445113: Nov 7 16:02:29 MSK: 0B9D10C8 0 00000001 addr(7) 4 172.16.16.4 445114: Nov 7 16:02:29 MSK: 0B9D10D8 0 00000009 string-session-id(339) 8 001A2247 445115: Nov 7 16:02:29 MSK: 0B9D10E8 0 00000009 interface-config(176) 85 rate-limit output 3384000 634500 1269000 conform-action transmit exceed-action d 445116: Nov 7 16:02:29 MSK: 0B9D10F8 0 00000009 interface-config(176) 23 ip unnumbered Loopback1 445117: Nov 7 16:02:29 MSK: 0B9D1108 0 00000009 interface-config(176) 84 rate-limit input 3384000 634500 1269000 conform-action transmit exceed-action dr 445118: Nov 7 16:02:29 MSK: 445119: Nov 7 16:02:29 MSK: COA: No matching entry found 445120: Nov 7 16:02:29 MSK: COA: Added Reply Message: No Matching Session 445121: Nov 7 16:02:29 MSK: COA: Added NACK Error Cause: Session Context Not Found 445122: Nov 7 16:02:29 MSK: COA: Sending NAK from port 3799 to 192.168.0.1/43232 445123: Nov 7 16:02:29 MSK: RADIUS: 18 21 4E6F204D61746368696E672053657373696F6E 445124: Nov 7 16:02:29 MSK: RADIUS: 101 6 000001F7 Версия ИОСа на циске c7200p-adventerprisek9-mz.124-24.T2 Не могу понять , почему для ПОДа находится подходящая сессия, а для ЦОА нет. Подозреваю, что все-таки виноват ИОС цискинский...но проверить пока нет возможности на другом, ну скажем из серии 12.2S- может быть он поддерживает ЦоА не так коряво.. Может кто-то сталкивался с похожей ситуацией и подскажете, куда все же копать?

Автор:	Администратор [ 09 ноя 2010, 12:26 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Посмотрите по connection.log какие атрибуты идут в PoD и CoA, Код: 445120: Nov 7 16:02:29 MSK: COA: Added Reply Message: No Matching Session Как будто не может найти сессию для пакета..

Автор:	optimous [ 10 ноя 2010, 12:03 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Да, именно не может найти подходящую сессию для пакета. Вот отправка PoD : Код: 11-10/08:00:49 INFO [Thread-8] connections - [ dialup-04; office4; 27937 ] sendKillRequest 11-10/08:00:49 INFO [Thread-8] connections - [ dialup-04; office4; 27937 ] PoD reset packet on 192.168.0.10:3799 Type=40 Attributes: User-Name=office4 Framed-IP-Address=172.16.16.4 Acct-Session-Id=001AAFFD А вот для CoA: Код: 11-10/09:02:01 INFO [Thread-40] connections - [ dialup-04; office4; 51042 ] Need CoA request 11-10/09:02:01 INFO [Thread-40] connections - [ dialup-04; office4; 51042 ] Send CoA request with attribute sets: 1,11,29,28 11-10/09:02:01 INFO [pool-1-thread-2] connections - [ dialup-04; office4; 51042 ] CoA packet tryCount=1 on 192.168.0.10:3799 Type=43 Attributes: User-Name=office4 Framed-IP-Address=172.16.16.4 Framed-Pool=my Acct-Session-Id=001AB7CF cisco-avpair=lcp:interface-config=ip unnumbered Loopback1 cisco-avpair=lcp:interface-config=rate-limit output 2256000 423000 846000 conform-action transmit exceed-action drop cisco-avpair=lcp:interface-config=rate-limit input 2256000 423000 846000 conform-action transmit exceed-action drop 11-10/09:02:01 INFO [pool-4-thread-24] connections - [ dialup-04; office4; 51042 ] DialUpNASConnection set STATUS=1 11-10/09:02:01 ERROR [pool-1-thread-2] connections - [ dialup-04; office4; 51042 ] CoA packet response 45 А интересно, что за attribute sets:1,11,29,28? Вроде как не совпадает с номерами аттрибутов в РФК, хотя сниф показывает в пакете те аттрибуты, которые и есть в connection.log

Автор:	Администратор [ 11 ноя 2010, 16:22 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Ну вроде отправляется всё корректно. На циске что-то смотреть нужно, выходит..

Автор:	corban [ 19 ноя 2010, 14:17 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Была такая же проблема на 7201. Удалось решить проблему изменением версии IOS. У нас заработало на версии enterprise-12.2-31-SB(18). Правда для того, чтобы применялась новая скорость, приходится сначала писать : Код: no rate-limit output ПРЕДЫДУЩАЯ СКОРОСТЬ conform-action transmit exceed-action drop а потом уже Код: rate-limit output НОВАЯ СКОРОСТЬ conform-action transmit exceed-action drop В принципе, в нашем варианте не сильно мешает, а вообще-то не удобно.

forum.bitel.ru http://forum.bitel.ru/

PoD работает, COA - нет http://forum.bitel.ru/viewtopic.php?f=5&t=4755	Страница 1 из 1

Автор:	optimous [ 20 ноя 2010, 03:26 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Ага, точно такая же проблема и у меня сейчас на 12.2-33 SRE1 . Поменял ИОС на эту версию и заметил то же, что на виртуальном интерфейсе старые параметры не удаляются, а дополняются новыми. Придется применять вариант, описанный вами, пока ищу решение без передачи параметров с "no".

Автор:	optimous [ 24 ноя 2010, 19:58 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Кому интересно, могу сказать, что заработало на версии ИОСа 12.2-33SRE1 в конфигурации : Цитата: no rate-limit input СТАРАЯ СКОРОСТЬ conform-action transmit exceed-action drop\nrate-limit input НОВАЯ СКОРОСТЬ conform-action transmit exceed-action drop Причем, именно в такой последовательности - сначала НО, а потом уже новая скорость. Если ставили наоборот - вусмерть не хотела работать.Причем на интерфейсе применялась, по команде Цитата: sh int virtual-access 1 rate видны были и применненные скорости, и лимиты, а в conformed - 0 пакетов...соответственно и скорость не резалась. Также не работало, когда аттрибут содержал не сдвоенную команду (через \n), а отдельную.

Автор:	ip0203 [ 10 янв 2011, 15:23 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Всем доброго времени суток! Апну тему - так как проблема топикпастера актуальна и для нас. Итак Cisco 7206VXR (NPE-G2) странно работает CoA на исосах типа c7200p-a3jk91s-mz.122-31.SB18.bin и c7200p-js-mz.122-31.SB18.bin фича работает как описано corban: attrset.11.title=speed 512 kbit/s in attrset.11.attributes=Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop без сдвоенной команды с no применяются сразу 2 райт лимита sh int virtual-access 3 rate Virtual-Access3 Output matches: access-group 2001 params: 512000 bps, 96000 limit, 192000 extended limit conformed 8816 packets, 11978578 bytes; action: transmit exceeded 2690 packets, 3673303 bytes; action: drop last packet: 0ms ago, current burst: 133168 bytes last cleared 00:03:20 ago, conformed 478702 bps, exceeded 146797 bps matches: access-group 2001 params: 256000 bps, 48000 limit, 96000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop last packet: 1184192ms ago, current burst: 0 bytes last cleared 00:01:24 ago, conformed 0 bps, exceeded 0 bps с no все нормально, но не работает вариант когда вариантов скорости на тарифе более 2х типа: Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop на исосах типа c7200p-adventerprisek9-mz.122-33.SRE1.bin и c7200p-adventerprisek9-mz.122-33.SRC6.bin не работает совсем вот дебаг CoA c циски Код: Mar 16 15:42:43.031: COA: 212.42.120.242 request queued Mar 16 15:42:43.031: RADIUS: authenticator 9A E3 43 27 D1 9B AB 16 - 69 45 C5 F6 67 A4 BF 4D Mar 16 15:42:43.031: RADIUS: User-Name [1] 8 "ip0203" Mar 16 15:42:43.031: RADIUS: Framed-IP-Address [8] 6 212.42.120.232 Mar 16 15:42:43.031: RADIUS: Acct-Session-Id [44] 10 "00000002" Mar 16 15:42:43.031: RADIUS: Vendor, Unknown [26] 35 Mar 16 15:42:43.031: RADIUS: Framed-Protocol [7] 29 Mar 16 15:42:43.031: RADIUS: 6F 75 74 23 33 3D 61 6C 6C 20 73 68 61 70 65 20 [out#3=all shape ] Mar 16 15:42:43.031: RADIUS: 32 35 36 30 30 30 20 70 61 73 73 [ 256000 pass] Mar 16 15:42:43.031: RADIUS: Vendor, Cisco [26] 229 Mar 16 15:42:43.031: RADIUS: Cisco AVpair [1] 223 "lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop" Mar 16 15:42:43.031: ++++++ CoA Attribute List ++++++ Mar 16 15:42:43.031: 07271E9C 0 00000009 username(422) 6 ip0203 Mar 16 15:42:43.031: 07271DC4 0 00000001 addr(8) 4 212.42.120.232 Mar 16 15:42:43.031: 07271DD4 0 00000001 session-id(385) 4 2(2) Mar 16 15:42:43.031: 07271DE4 0 00000009 interface-config(205) 200 no rate-limit output access-group 2001 512000 96000 192000 conform-action transmi Mar 16 15:42:43.031: Mar 16 15:42:43.031: COA: Unsupported vendor or attribute for LI Mar 16 15:42:43.031: COA: Added Reply Message: Unsupported Attribute Mar 16 15:42:43.031: COA: Added NACK Error Cause: Unsupported Attribute Mar 16 15:42:43.031: COA: Sending NAK from port 1800 to 212.42.120.242/63926 Mar 16 15:42:43.031: RADIUS: 18 23 556E737570706F7274656420417474726962757465 Mar 16 15:42:43.031: RADIUS: 101 6 00000191 вот лог радиуса Код: 01-10/14:39:12 INFO [pool-8-thread-3] connections - [ 73737373; ip0203; 26558 ] Taking zone 512 from response on calculate sid=3 01-10/14:39:12 INFO [pool-8-thread-3] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1 01-10/14:40:08 INFO [pool-8-thread-4] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection update connection.. 01-10/14:40:08 INFO [pool-8-thread-4] connections - [ 73737373; ip0203; 26558 ] Taking zone 256 from response on calculate sid=3 01-10/14:40:08 INFO [pool-8-thread-4] connections - [ 73737373; ip0203; 26558 ] Changed tariff zone from 512 to 256 01-10/14:40:08 INFO [pool-8-thread-4] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1 01-10/14:40:08 INFO [Thread-39] connections - [ 73737373; ip0203; 26558 ] Change zone do: 10.01.2011 14:40:08 01-10/14:40:08 INFO [Thread-39] connections - [ 73737373; ip0203; 26558 ] Need CoA request 01-10/14:40:08 INFO [Thread-39] connections - [ 73737373; ip0203; 26558 ] Send CoA request with attribute sets: 7 01-10/14:40:08 INFO [pool-3-thread-1] connections - [ 73737373; ip0203; 26558 ] CoA packet tryCount=2 on 212.42.120.246:1800 Type=43 Attributes: User-Name=ip0203 Framed-IP-Address=212.42.120.232 Acct-Session-Id=00000002 mpd-limit=out#3=all shape 256000 pass cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop 01-10/14:40:08 ERROR [pool-3-thread-1] connections - [ 73737373; ip0203; 26558 ] CoA packet response 45 01-10/14:40:08 INFO [pool-3-thread-1] connections - [ 73737373; ip0203; 26558 ] CoA packet tryCount=1 on 212.42.120.246:1800 Type=43 Attributes: User-Name=ip0203 Framed-IP-Address=212.42.120.232 Acct-Session-Id=00000002 mpd-limit=out#3=all shape 256000 pass cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop 01-10/14:40:11 INFO [pool-3-thread-1] connections - [ 73737373; ip0203; 26558 ] CoA packet tryCount=0 on 212.42.120.246:1800 Type=43 Attributes: User-Name=ip0203 Framed-IP-Address=212.42.120.232 Acct-Session-Id=00000002 mpd-limit=out#3=all shape 256000 pass cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop 01-10/14:41:07 INFO [pool-8-thread-5] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection update connection.. 01-10/14:41:07 INFO [pool-8-thread-5] connections - [ 73737373; ip0203; 26558 ] Taking zone 256 from response on calculate sid=3 01-10/14:41:07 INFO [pool-8-thread-5] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1 01-10/14:42:11 INFO [pool-8-thread-6] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection update connection.. 01-10/14:42:11 INFO [pool-8-thread-6] connections - [ 73737373; ip0203; 26558 ] Taking zone 256 from response on calculate sid=3 01-10/14:42:11 INFO [pool-8-thread-6] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1 01-10/14:43:11 INFO [pool-8-thread-7] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection update connection.. 01-10/14:43:11 INFO [pool-8-thread-7] connections - [ 73737373; ip0203; 26558 ] Taking zone 256 from response on calculate sid=3 01-10/14:43:11 INFO [pool-8-thread-7] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=1 01-10/14:43:20 INFO [Thread-34] connections - [ 73737373; ip0203; 26558 ] Set connection to KILL 01-10/14:43:20 INFO [Thread-34] connections - [ 73737373; ip0203; 26558 ] Killing connection by user request 01-10/14:43:20 INFO [Thread-14] connections - [ 73737373; ip0203; 26558 ] sendKillRequest 01-10/14:43:20 INFO [Thread-14] connections - [ 73737373; ip0203; 26558 ] PoD reset packet on 212.42.120.246:1800 Type=40 Attributes: User-Name=ip0203 Framed-IP-Address=212.42.120.232 Acct-Session-Id=00000002 01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] IP address unregistred from collector 212.42.120.232 01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection stoppingConnection 01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection has stop Packet => true 01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection set STATUS=3 01-10/14:43:25 INFO [pool-4-thread-1] connections - [ 73737373; ip0203; 26558 ] DialUpNASConnection sessionTime => 379 optimous уточните пожалуйста вашу версию иос полностью Кстати в версиях c7200p-a3jk91s-mz.122-31.SB18.bin и c7200p-js-mz.122-31.SB18.bin в фиче навигаторе только ISG:Policy Control: Policy Server: CoA ASCII Command Code Support в иосах c7200p-adventerprisek9-mz.122-33.SRE1.bin и c7200p-adventerprisek9-mz.122-33.SRC6.bin 2 фичи ISG:Policy Control: Policy Server: CoA (QoS, L4 redirect, User ACL, TimeOut) ISG:Policy Control: Policy Server: CoA ASCII Command Code Support Код: version 5.0 build 298 from 09.12.2010 18:59:44 10.01.2011 15:07:50 2 0 2 0 Request accounts per minute start: 0; stop: 0; update: 0 Request auths per minute accept: 0; reject: 0 Netfow packets per minute: 0 Ignore per minute auth: 0; update: 0 Antispam ban count: 0; used per minute: 0 FlowListener: queue_size: 0; threads_active: 0; largest: 6; core: 1000; pool_size: 6; recv_socket_buf_size: 209 712; recv_buf_size: 4 194 304; packets: 6 Started: 10.01.2011 15:07:02 Uptime: 0 d 00:00:47 Memory total: 5 177 344; max: 266 403 840; free: 1 350 600 Trees in cache: 1 Connections pool to Master status Idle: 3; Active: 0; maxActive: 300; maxIdle: 20 Буду рад любым советам по организации связки Cisco+pppoe+coa+rate-limit+больше 2х скоростей на тарифе

Автор:	corban [ 11 янв 2011, 12:09 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
ip0203 писал(а): Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop Попробуйте вместо многострочной AV-пары использовать несколько пар: Код: Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop;Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop;Cisco-AVPair=lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop

Автор:	ip0203 [ 11 янв 2011, 12:35 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
пробовал - результат тот же самый

Автор:	corban [ 11 янв 2011, 13:03 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Странно, у Вас NAK посылается даже в ответ на вариант с одним no rate-limit: Цитата: Код: Mar 16 15:42:43.031: RADIUS: Cisco AVpair [1] 223 "lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop" Mar 16 15:42:43.031: ++++++ CoA Attribute List ++++++ Mar 16 15:42:43.031: 07271E9C 0 00000009 username(422) 6 ip0203 Mar 16 15:42:43.031: 07271DC4 0 00000001 addr(8) 4 212.42.120.232 Mar 16 15:42:43.031: 07271DD4 0 00000001 session-id(385) 4 2(2) Mar 16 15:42:43.031: 07271DE4 0 00000009 interface-config(205) 200 no rate-limit output access-group 2001 512000 96000 192000 conform-action transmi Mar 16 15:42:43.031: Mar 16 15:42:43.031: COA: Unsupported vendor or attribute for LI Mar 16 15:42:43.031: COA: Added Reply Message: Unsupported Attribute Mar 16 15:42:43.031: COA: Added NACK Error Cause: Unsupported Attribute *Mar 16 15:42:43.031: COA: Sending NAK from port 1800 to 212.42.120.242/63926

Автор:	ip0203 [ 11 янв 2011, 13:54 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
это на иосах c7200p-adventerprisek9-mz.122-33.SRE1.bin и c7200p-adventerprisek9-mz.122-33.SRC6.bin с ISG:Policy Control: Policy Server: CoA (QoS, L4 redirect, User ACL, TimeOut) ISG:Policy Control: Policy Server: CoA ASCII Command Code Support на c7200p-a3jk91s-mz.122-31.SB18.bin и c7200p-js-mz.122-31.SB18.bin без ISG:Policy Control: Policy Server: CoA (QoS, L4 redirect, User ACL, TimeOut) ситуация другая - все норм с 1 no, с 2мя no(через \ или отдельными Cisco-AVPair) - не происходит даже подключения на всех типах иос - 619 ошибка, если интересно могу показать логи и дэбаг циски поэтому и просил optimous уточнить его версию иос - у него как я понял получилось завести с 1 no на SR* иосе, могет и с 2мя no его способ заработает

Автор:	corban [ 11 янв 2011, 14:39 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
Цитата: если интересно могу показать логи и дэбаг циски очень интересно кстати, у нас например используется два no rate-limit сразу, правда input и output: Код: cisco-avpair=lcp:interface-config#1=no rate-limit output 30720000 5760000 11520000 conform-action transmit exceed-action drop;cisco-avpair=lcp:interface-config#1=no rate-limit input 30720000 5760000 11520000 conform-action transmit exceed-action drop это работает на версии IOS c7200p-js-mz.122-31.SB18

Автор:	ip0203 [ 11 янв 2011, 14:48 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
у меня input и output - разные атрибуты, так исторически сложилось логи выложу чуть позже, через час - полтора

Страница 1 из 1	Часовой пояс: UTC + 5 часов [ Летнее время ]
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/

Автор:	ip0203 [ 11 янв 2011, 15:51 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
ситуация с атрибутом: attrset.11.attributes=Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop c7200p-adventerprisek9-mz.122-33.SRE1.bin иос 619 ошибка Код: BRAS#sh debug General OS: AAA POD packet processing debugging is on AAA CoA packet processing debugging is on AAA Subsystem debugs debugging is on PPP: PPP authentication debugging is on PPP authorization debugging is on PPPoE: PPPoE protocol events debugging is on PPPoE protocol errors debugging is on Radius protocol debugging is on Radius packet protocol debugging is on BRAS# BRAS# Mar 17 16:11:10.209: PPPoE 0: I PADI R:000c.2923.b362 L:ffff.ffff.ffff Gi0/3 Mar 17 16:11:10.209: Service tag: NULL Tag Mar 17 16:11:10.209: PPPoE 0: O PADO, R:0009.b65e.1019 L:000c.2923.b362 Gi0/3 Mar 17 16:11:10.209: Service tag: NULL Tag Mar 17 16:11:10.209: PPPoE 0: I PADR R:000c.2923.b362 L:0009.b65e.1019 Gi0/3 Mar 17 16:11:10.209: Service tag: NULL Tag Mar 17 16:11:10.209: PPPoE : encap string prepared Mar 17 16:11:10.209: [4]PPPoE 4: Access IE handle allocated Mar 17 16:11:10.209: [4]PPPoE 4: AAA get retrieved attrs Mar 17 16:11:10.209: [4]PPPoE 4: AAA get nas port details Mar 17 16:11:10.209: RADIUS: [No of bits] slot : 0 port : 0 adapter : 0 vlanid : 0 vci : 0 vpi : 0 inner_vlan_id : 0 Mar 17 16:11:10.209: [4]PPPoE 4: AAA get dynamic attrs Mar 17 16:11:10.209: [4]PPPoE 4: AAA unique ID allocated Mar 17 16:11:10.209: [4]PPPoE 4: AAA method list set Mar 17 16:11:10.209: [4]PPPoE 4: Service request sent to SSS Mar 17 16:11:10.213: [4]PPPoE 4: Created, Service: None R:0009.b65e.1019 L:000c.2923.b362 Gi0/3 Mar 17 16:11:10.213: [4]PPPoE 4: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS Mar 17 16:11:10.213: ppp4 PPP: Using AAA Unique Id = 1BA Mar 17 16:11:10.213: [4]PPPoE 4: data path set to PPP Mar 17 16:11:10.213: [4]PPPoE 4: Segment (SSS class): PROVISION Mar 17 16:11:10.213: [4]PPPoE 4: State PROVISION_PPP Event SSM PROVISIONED Mar 17 16:11:10.213: [4]PPPoE 4: O PADS R:000c.2923.b362 L:0009.b65e.1019 Gi0/3 Mar 17 16:11:10.213: ppp4 PPP: Authorization required Mar 17 16:11:10.213: ppp4 PPP: Using vpn set call direction Mar 17 16:11:10.213: ppp4 PPP: Treating connection as a callin Mar 17 16:11:10.213: ppp4 PPP: Session handle[6000004] Session id[4] Mar 17 16:11:10.317: ppp4 CHAP: O CHALLENGE id 1 len 25 from "BRAS" Mar 17 16:11:10.325: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:10.325: ppp4 PPP: Sent CHAP LOGIN Request Mar 17 16:11:10.325: AAA SRV(000001BA): process authen req Mar 17 16:11:10.325: AAA SRV(000001BA): Authen method=SERVER_GROUP radius Mar 17 16:11:10.325: RADIUS/ENCODE(000001BA):Orig. component type = PPPoE Mar 17 16:11:10.325: RADIUS: Format E value 0x1B2 for character U with bitmask 0xFFFFFFFF Mar 17 16:11:10.325: RADIUS: Format E port 0x1B2 with bit 32 processed Mar 17 16:11:10.325: RADIUS(000001BA): Config NAS IP: 0.0.0.0 Mar 17 16:11:10.325: RADIUS/ENCODE: No idb found! Framed IP Addr might not be included Mar 17 16:11:10.325: RADIUS/ENCODE(000001BA): acct_session_id: 434 Mar 17 16:11:10.325: RADIUS(000001BA): sending Mar 17 16:11:10.325: RADIUS/ENCODE: Best Local IP-Address 212.42.120.246 for Radius-Server 212.42.120.242 Mar 17 16:11:10.325: RADIUS(000001BA): Send Access-Request to 212.42.120.242:1812 id 1645/4, len 141 Mar 17 16:11:10.325: RADIUS: authenticator AF 3C 19 07 0B 21 A8 EB - C9 B6 48 27 0F EE BA 9D Mar 17 16:11:10.325: RADIUS: Framed-Protocol [7] 6 PPP [1] Mar 17 16:11:10.325: RADIUS: User-Name [1] 8 "ip0203" Mar 17 16:11:10.325: RADIUS: CHAP-Password [3] 19 * Mar 17 16:11:10.325: RADIUS: Calling-Station-Id [31] 14 "000c2923b362" Mar 17 16:11:10.325: RADIUS: NAS-Port-Type [61] 6 Virtual [5] Mar 17 16:11:10.325: RADIUS: NAS-Port [5] 6 434 Mar 17 16:11:10.325: RADIUS: NAS-Port-Id [87] 9 "0/0/3/0" Mar 17 16:11:10.325: RADIUS: Vendor, Cisco [26] 41 Mar 17 16:11:10.325: RADIUS: Cisco AVpair [1] 35 "client-mac-address=000c.2923.b362" Mar 17 16:11:10.325: RADIUS: Service-Type [6] 6 Framed [2] Mar 17 16:11:10.325: RADIUS: NAS-IP-Address [4] 6 212.42.120.246 Mar 17 16:11:10.325: RADIUS(000001BA): Started 5 sec timeout Mar 17 16:11:10.409: RADIUS: Received from 212.42.120.242 - un-sane packet, invalid attribute Mar 17 16:11:12.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:12.245: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:14.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:14.245: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:14.921: RADIUS(000001BA): Request timed out Mar 17 16:11:14.921: RADIUS: Retransmit to (212.42.120.242:1812,1813) for id 1645/4 Mar 17 16:11:14.921: RADIUS(000001BA): Started 5 sec timeout Mar 17 16:11:14.985: RADIUS: Received from 212.42.120.242 - un-sane packet, invalid attribute Mar 17 16:11:16.249: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:16.249: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:18.249: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:18.249: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:19.561: RADIUS(000001BA): Request timed out Mar 17 16:11:19.561: RADIUS: Retransmit to (212.42.120.242:1812,1813) for id 1645/4 Mar 17 16:11:19.561: RADIUS(000001BA): Started 5 sec timeout Mar 17 16:11:19.617: RADIUS: Received from 212.42.120.242 - un-sane packet, invalid attribute Mar 17 16:11:20.249: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:20.249: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:20.333: ppp4 AUTH: Timeout 1 Mar 17 16:11:22.249: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:22.249: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:23.937: RADIUS(000001BA): Request timed out Mar 17 16:11:23.937: RADIUS: Retransmit to (212.42.120.242:1812,1813) for id 1645/4 Mar 17 16:11:23.937: RADIUS(000001BA): Started 5 sec timeout Mar 17 16:11:24.085: RADIUS: Received from 212.42.120.242 - un-sane packet, invalid attribute Mar 17 16:11:24.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:24.245: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:26.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:26.245: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:28.245: ppp4 CHAP: I RESPONSE id 1 len 27 from "ip0203" Mar 17 16:11:28.245: ppp4 CHAP: Ignoring Additional Response Mar 17 16:11:28.629: RADIUS(000001BA): Request timed out Mar 17 16:11:28.629: RADIUS: No response from (212.42.120.242:1812,1813) for id 1645/4 Mar 17 16:11:28.629: RADIUS/DECODE: No response from radius-server; parse response; FAIL Mar 17 16:11:28.629: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response; FAIL Mar 17 16:11:28.629: AAA SRV(000001BA): protocol reply FAIL for Authentication Mar 17 16:11:28.629: AAA SRV(000001BA): Authen method=NOT_SET - No methods left to try Mar 17 16:11:28.629: AAA SRV(000001BA): Return Authentication status=FAIL Mar 17 16:11:28.629: ppp4 PPP: Received LOGIN Response FAIL Mar 17 16:11:28.629: ppp4 PPP AUTHOR: Author Data Available Mar 17 16:11:28.629: ppp4 PPP: Receive Attrs from[authen] Keep[LCP] MERGE Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: clid-mac-addr 30 30 30 63 2E 32 39 32 33 2E 62 33 36 32 Mar 17 16:11:28.629: ppp4 PPP: Keep Attr: Framed-Protocol 1 [PPP] Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: username "ip0203" Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: challenge <hidden> Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: id <hidden> Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: response <hidden> Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: formatted-clid "000c2923b362" Mar 17 16:11:28.629: ppp4 PPP: Receive Attrs from[authen] Keep[LCP] MERGE Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: clid-mac-addr 30 30 30 63 2E 32 39 32 33 2E 62 33 36 32 Mar 17 16:11:28.629: ppp4 PPP: Keep Attr: Framed-Protocol 1 [PPP] Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: username "ip0203" Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: challenge <hidden> Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: id <hidden> Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: response <hidden> Mar 17 16:11:28.629: ppp4 PPP: Skip Attr: formatted-clid "000c2923b362" Mar 17 16:11:28.629: ppp4 CHAP: O FAILURE id 1 len 25 msg is "Authentication failed" Mar 17 16:11:28.629: ppp4 PPP: Sending Acct Event[Down] id[1BA] Mar 17 16:11:28.629: [4]PPPoE 4: AAA get dynamic attrs Mar 17 16:11:28.629: [4]PPPoE 4: AAA get dynamic attrs Mar 17 16:11:28.641: ppp4 PPP: Clearing AAA Unique Id = 1BA Mar 17 16:11:28.641: [4]PPPoE 4: State LCP_NEGOTIATION Event PPP DISCONNECT Mar 17 16:11:28.641: [4]PPPoE 4: O PADT R:000c.2923.b362 L:0009.b65e.1019 Gi0/3 Mar 17 16:11:28.641: [4]PPPoE 4: Destroying R:000c.2923.b362 L:0009.b65e.1019 Gi0/3 Mar 17 16:11:28.641: [4]PPPoE 4: AAA get dynamic attrs Mar 17 16:11:28.641: [4]PPPoE 4: AAA get dynamic attrs Mar 17 16:11:28.641: [4]PPPoE 4: AAA account stopped Mar 17 16:11:28.641: PPPoE 4: I PADT R:000c.2923.b362 L:0009.b65e.1019 Gi0/3 Mar 17 16:11:28.641: [4]PPPoE 4: Segment (SSS class): UNPROVISION BRAS# tail -f /usr/local/BGRadiusDialup/log/connection.log Код:* 01-11/15:08:42 INFO [pool-7-thread-6] connections - [ 73737373; ip0203; 17947 ] DialUpNASConnection stoppingConnection 01-11/15:08:42 INFO [pool-7-thread-6] connections - [ 73737373; ip0203; 17947 ] DialUpNASConnection has stop Packet => false 01-11/15:08:47 INFO [pool-7-thread-7] connections - [ 73737373; ip0203; 22522 ] DialUpNASConnection stoppingConnection 01-11/15:08:47 INFO [pool-7-thread-7] connections - [ 73737373; ip0203; 22522 ] DialUpNASConnection has stop Packet => false 01-11/15:08:51 INFO [pool-7-thread-8] connections - [ 73737373; ip0203; 27168 ] DialUpNASConnection stoppingConnection 01-11/15:08:51 INFO [pool-7-thread-8] connections - [ 73737373; ip0203; 27168 ] DialUpNASConnection has stop Packet => false tail -f /usr/local/BGRadiusDialup/log/radius.log Код: 01-11/15:08:37 INFO [pool-7-thread-5] radius - AUTH: Type=AUTHENTICATION_REQUEST Attributes: User-Name=ip0203 NAS-Port-Id=0/0/3/0 CHAP-Password=ЇЋэ«цзлаnDж NAS-IP-Address=212.42.120.246 NAS-Port=434 Service-Type=2 Framed-Protocol=1 NAS-Port-Type=5 Calling-Station-Id=000c2923b362 cisco-avpair=client-mac-address=000c.2923.b362 01-11/15:08:37 INFO [pool-7-thread-5] radius - RESPONSE: Type=AUTHENTICATION_ACCEPT Process time auth: 60 init_tariff: 9; set_ip: 1; common_auth: 51 Attributes: Acct-Interim-Interval=60 Service-Type=2 Framed-Protocol=1 Framed-IP-Address=212.42.120.233 cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop Trace: Login found. 01-11/15:08:42 INFO [pool-7-thread-6] radius - AUTH: Type=AUTHENTICATION_REQUEST Attributes: User-Name=ip0203 NAS-Port-Id=0/0/3/0 CHAP-Password=ЇЋэ«цзлаnDж NAS-IP-Address=212.42.120.246 NAS-Port=434 Service-Type=2 Framed-Protocol=1 NAS-Port-Type=5 Calling-Station-Id=000c2923b362 cisco-avpair=client-mac-address=000c.2923.b362 01-11/15:08:42 INFO [pool-7-thread-6] radius - RESPONSE: Type=AUTHENTICATION_ACCEPT Process time auth: 53 init_tariff: 10; set_ip: 1; common_auth: 44 Attributes: Acct-Interim-Interval=60 Service-Type=2 Framed-Protocol=1 Framed-IP-Address=212.42.120.235 cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop Trace: Login found. 01-11/15:08:42 ERROR [pool-7-thread-6] LoggingPrintStream - Stop without start! 01-11/15:08:47 INFO [pool-7-thread-7] radius - AUTH: Type=AUTHENTICATION_REQUEST Attributes: User-Name=ip0203 NAS-Port-Id=0/0/3/0 CHAP-Password=ЇЋэ«цзлаnDж NAS-IP-Address=212.42.120.246 NAS-Port=434 Service-Type=2 Framed-Protocol=1 NAS-Port-Type=5 Calling-Station-Id=000c2923b362 cisco-avpair=client-mac-address=000c.2923.b362 01-11/15:08:47 INFO [pool-7-thread-7] radius - RESPONSE: Type=AUTHENTICATION_ACCEPT Process time auth: 50 init_tariff: 10; set_ip: 1; common_auth: 41 Attributes: Acct-Interim-Interval=60 Service-Type=2 Framed-Protocol=1 Framed-IP-Address=212.42.120.232 cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop Trace: Login found. 01-11/15:08:47 ERROR [pool-7-thread-7] LoggingPrintStream - Stop without start! 01-11/15:08:51 INFO [pool-7-thread-8] radius - AUTH: Type=AUTHENTICATION_REQUEST Attributes: User-Name=ip0203 NAS-Port-Id=0/0/3/0 CHAP-Password=ЇЋэ«цзлаnDж NAS-IP-Address=212.42.120.246 NAS-Port=434 Service-Type=2 Framed-Protocol=1 NAS-Port-Type=5 Calling-Station-Id=000c2923b362 cisco-avpair=client-mac-address=000c.2923.b362 01-11/15:08:51 INFO [pool-7-thread-8] radius - RESPONSE: Type=AUTHENTICATION_ACCEPT Process time auth: 98 init_tariff: 9; set_ip: 1; common_auth: 85 Attributes: Acct-Interim-Interval=60 Service-Type=2 Framed-Protocol=1 Framed-IP-Address=212.42.120.234 cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop\nno rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop\nrate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop Trace: Login found. 01-11/15:08:51 ERROR [pool-7-thread-8] LoggingPrintStream - Stop without start!

Автор:	ip0203 [ 11 янв 2011, 16:01 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
ситуация с атрибутом: attrset.11.attributes=mpd-limit=out#3=all shape 512000 pass;Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop;Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop;Cisco-AVPair=lcp:interface-config=rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop иос тот же - c7200p-adventerprisek9-mz.122-33.SRE1.bin интереснее, подключение происходит - не знаю даж вроде и раньше так пробовал - была 619, мистика . Спасибо за интерес corban! Но дальше при СоА имеем следующее Код: BRAS# Mar 17 16:49:00.911: COA: 212.42.120.242 request queued Mar 17 16:49:00.911: RADIUS: authenticator 9C 5E DE F7 0A CB 9D 3E - 57 8F 99 87 85 79 CF 70 Mar 17 16:49:00.911: RADIUS: User-Name [1] 8 "ip0203" Mar 17 16:49:00.911: RADIUS: Framed-IP-Address [8] 6 212.42.120.235 Mar 17 16:49:00.911: RADIUS: Acct-Session-Id [44] 10 "00000004" Mar 17 16:49:00.911: RADIUS: Vendor, Unknown [26] 35 Mar 17 16:49:00.915: RADIUS: Framed-Protocol [7] 29 Mar 17 16:49:00.915: RADIUS: 6F 75 74 23 33 3D 61 6C 6C 20 73 68 61 70 65 20 [out#3=all shape ] Mar 17 16:49:00.915: RADIUS: 32 35 36 30 30 30 20 70 61 73 73 [ 256000 pass] Mar 17 16:49:00.915: RADIUS: Vendor, Cisco [26] 130 Mar 17 16:49:00.915: RADIUS: Cisco AVpair [1] 124 "lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop" Mar 17 16:49:00.915: RADIUS: Vendor, Cisco [26] 128 Mar 17 16:49:00.915: RADIUS: Cisco AVpair [1] 122 "lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop" Mar 17 16:49:00.915: RADIUS: Vendor, Cisco [26] 126 Mar 17 16:49:00.915: RADIUS: Cisco AVpair [1] 120 "lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop" Mar 17 16:49:00.915: ++++++ CoA Attribute List ++++++ Mar 17 16:49:00.915: 0720A29C 0 00000009 username(422) 6 ip0203 Mar 17 16:49:00.915: 0720A0EC 0 00000001 addr(8) 4 212.42.120.235 Mar 17 16:49:00.915: 0720A0FC 0 00000001 session-id(385) 4 4(4) Mar 17 16:49:00.915: 0720A10C 0 00000009 interface-config(205) 101 no rate-limit output access-group 2001 512000 96000 192000 conform-action transmi Mar 17 16:49:00.915: 0720A11C 0 00000009 interface-config(205) 99 no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit e Mar 17 16:49:00.915: 0720A12C 0 00000009 interface-config(205) 97 rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exc Mar 17 16:49:00.915: Mar 17 16:49:00.915: COA: Unsupported vendor or attribute for LI Mar 17 16:49:00.915: COA: Added Reply Message: Unsupported Attribute Mar 17 16:49:00.915: COA: Added NACK Error Cause: Unsupported Attribute Mar 17 16:49:00.915: COA: Sending NAK from port 1800 to 212.42.120.242/50230 Mar 17 16:49:00.915: RADIUS: 18 23 556E737570706F7274656420417474726962757465 Mar 17 16:49:00.915: RADIUS: 101 6 00000191! BRAS# BRAS# BRAS#sh int virtual-access 3 rate Virtual-Access3 Output matches: access-group 2001 params: 512000 bps, 96000 limit, 192000 extended limit conformed 8807 packets, 11382647 bytes; action: transmit exceeded 1338 packets, 1693185 bytes; action: drop last packet: 4ms ago, current burst: 107308 bytes last cleared 00:02:59 ago, conformed 506548 bps, exceeded 75349 bps BRAS# tail -f /usr/local/BGRadiusDialup/log/connection.log Код:* 01-11/15:45:26 INFO [pool-8-thread-9] connections - [ 73737373; ip0203; 64331 ] Taking zone 512 from response on calculate sid=3 01-11/15:45:26 INFO [pool-8-thread-9] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection set STATUS=1 01-11/15:46:24 INFO [pool-8-thread-10] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection update connection.. 01-11/15:46:24 INFO [pool-8-thread-10] connections - [ 73737373; ip0203; 64331 ] Taking zone 256 from response on calculate sid=3 01-11/15:46:24 INFO [pool-8-thread-10] connections - [ 73737373; ip0203; 64331 ] Changed tariff zone from 512 to 256 01-11/15:46:24 INFO [pool-8-thread-10] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection set STATUS=1 01-11/15:46:24 INFO [Thread-40] connections - [ 73737373; ip0203; 64331 ] Change zone do: 11.01.2011 15:46:24 01-11/15:46:24 INFO [Thread-40] connections - [ 73737373; ip0203; 64331 ] Need CoA request 01-11/15:46:24 INFO [Thread-40] connections - [ 73737373; ip0203; 64331 ] Send CoA request with attribute sets: 7 01-11/15:46:24 INFO [pool-3-thread-2] connections - [ 73737373; ip0203; 64331 ] CoA packet tryCount=2 on 212.42.120.246:1800 Type=43 Attributes: User-Name=ip0203 Framed-IP-Address=212.42.120.235 Acct-Session-Id=00000004 mpd-limit=out#3=all shape 256000 pass cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop cisco-avpair=lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop 01-11/15:46:24 ERROR [pool-3-thread-2] connections - [ 73737373; ip0203; 64331 ] CoA packet response 45 01-11/15:46:24 INFO [pool-3-thread-2] connections - [ 73737373; ip0203; 64331 ] CoA packet tryCount=1 on 212.42.120.246:1800 Type=43 Attributes: User-Name=ip0203 Framed-IP-Address=212.42.120.235 Acct-Session-Id=00000004 mpd-limit=out#3=all shape 256000 pass cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop cisco-avpair=lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop 01-11/15:46:27 INFO [pool-3-thread-2] connections - [ 73737373; ip0203; 64331 ] CoA packet tryCount=0 on 212.42.120.246:1800 Type=43 Attributes: User-Name=ip0203 Framed-IP-Address=212.42.120.235 Acct-Session-Id=00000004 mpd-limit=out#3=all shape 256000 pass cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop cisco-avpair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop cisco-avpair=lcp:interface-config=rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop 01-11/15:47:28 INFO [pool-8-thread-11] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection update connection.. 01-11/15:47:28 INFO [pool-8-thread-11] connections - [ 73737373; ip0203; 64331 ] Taking zone 256 from response on calculate sid=3 01-11/15:47:28 INFO [pool-8-thread-11] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection set STATUS=1 01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] IP address unregistred from collector 212.42.120.235 01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection stoppingConnection 01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection has stop Packet => true 01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection set STATUS=3 01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] DialUpNASConnection sessionTime => 212 01-11/15:47:57 INFO [pool-4-thread-2] connections - [ 73737373; ip0203; 64331 ] Taking zone 256 from response on calculate sid=3

Автор:	braek-neck [ 24 янв 2011, 15:25 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
народ в разделе вроде активизировался после новогодних празников, апнем тему - решение все еще не найдено ((

Автор:	Kostiksnz [ 31 мар 2011, 09:12 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
мистическим образом пропали CoA пакеты позавчера все работало вчера не стало в connection.log Код: 03-31/09:11:55 INFO [radiusListener-p-4-t-5] connections - [ 92923; u92923; 84382 ] DialUpNASConnection update connection.. 03-31/09:11:55 INFO [radiusListener-p-4-t-4] connections - [ 79871; u79871; 84481 ] DialUpNASConnection update connection.. 03-31/09:11:55 INFO [radiusListener-p-4-t-6] connections - [ 90074; u90074; 84162 ] DialUpNASConnection update connection.. 03-31/09:11:56 INFO [radiusListener-p-4-t-8] connections - [ vega-misha; misha; 83627 ] DialUpNASConnection update connection.. 03-31/09:11:56 INFO [radiusListener-p-4-t-10] connections - [ 81730; u81730; 83537 ] DialUpNASConnection update connection.. 03-31/09:11:56 INFO [radiusListener-p-4-t-7] connections - [ 09356; u09356; 83404 ] DialUpNASConnection update connection.. 03-31/09:11:56 INFO [radiusListener-p-4-t-9] connections - [ 16640; u16640; 84630 ] DialUpNASConnection update connection.. 03-31/09:11:56 INFO [radiusListener-p-4-t-11] connections - [ 52562; u52562; 84010 ] DialUpNASConnection update connection.. 03-31/09:11:56 INFO [radiusListener-p-4-t-12] connections - [ 01905; u01905; 83991 ] DialUpNASConnection update connection.. 03-31/09:11:56 INFO [radiusListener-p-4-t-13] connections - [ 01855; u01855; 83776 ] DialUpNASConnection update connection.. 03-31/09:11:57 INFO [radiusListener-p-4-t-15] connections - [ 06776; u06776; 83365 ] DialUpNASConnection update connection.. 03-31/09:11:57 INFO [radiusListener-p-4-t-14] connections - [ 99474; u99474; 84334 ] DialUpNASConnection update connection.. 03-31/09:11:57 INFO [radiusListener-p-4-t-17] connections - [ 0001; bi_creativ; 83649 ] DialUpNASConnection update connection.. 03-31/09:11:57 INFO [radiusListener-p-4-t-16] connections - [ 84748; u84748; 83642 ] DialUpNASConnection update connection.. 03-31/09:11:57 INFO [radiusListener-p-4-t-18] connections - [ 07914; u07914; 84154 ] DialUpNASConnection update connection.. 03-31/09:11:57 INFO [radiusListener-p-4-t-19] connections - [ 75104; u75104; 83635 ] DialUpNASConnection update connection.. 03-31/09:11:57 INFO [radiusListener-p-4-t-21] connections - [ 55274; u55274; 83694 ] DialUpNASConnection update connection.. 03-31/09:11:57 INFO [radiusListener-p-4-t-20] connections - [ 26079; u27421; 84446 ] DialUpNASConnection update connection.. 03-31/09:11:58 INFO [radiusListener-p-4-t-22] connections - [ 38695; u38695; 84298 ] DialUpNASConnection update connection.. 03-31/09:11:58 INFO [radiusListener-p-4-t-27] connections - [ 39263; u39263; 84469 ] DialUpNASConnection update connection.. 03-31/09:11:58 INFO [radiusListener-p-4-t-24] connections - [ 70638; u70638; 83664 ] DialUpNASConnection update connection.. 03-31/09:11:59 INFO [radiusListener-p-4-t-23] connections - [ 79111; u79111; 84185 ] DialUpNASConnection update connection.. 03-31/09:11:59 INFO [radiusListener-p-4-t-25] connections - [ 56927; u56927; 84494 ] DialUpNASConnection update connection.. 03-31/09:12:00 INFO [radiusListener-p-4-t-28] connections - [ 01292; u01292; 83875 ] DialUpNASConnection update connection.. 03-31/09:12:00 INFO [radiusListener-p-4-t-29] connections - [ 98855; u98855; 83320 ] DialUpNASConnection update connection.. ранее же после каждого апдейт бы ла строчка с зоной Taking zone День from response on calculate... в момент времени когда должна была быть смена атрибутов - в логах тишина биллинг даже не попробовал CoA послать в этот день в конфигурации менялось только nas.inspector.radius.attributes=User-Name;Framed-IP-Address;Acct-Session-Id отсюда убирал User-Name

Автор:	snark [ 03 апр 2011, 16:29 ]
Заголовок сообщения:	Re: PoD работает, COA - нет
ip0203 писал(а): attrset.11.attributes=mpd-limit=out#3=all shape 512000 pass;Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 256000 48000 96000 conform-action transmit exceed-action drop;Cisco-AVPair=lcp:interface-config=no rate-limit output access-group 2001 64000 12000 24000 conform-action transmit exceed-action drop;Cisco-AVPair=lcp:interface-config=rate-limit output access-group 2001 512000 96000 192000 conform-action transmit exceed-action drop access-group в GTS через RADIUS раз уж надо указать ACL, то используйте для этого policy/class-map (пример для БГБ) - думаю все проблемы с изменением скорости после этого отпадут