[Chilli] Period "Reauthorisation"
Royce Ausburn
royce.ml at inomial.com
Tue Jun 14 03:47:06 UTC 2011
Hi Tim,
Turning on acctupdate will have Chilli send accounting updates periodically to your FreeRADIUS server. Enabling CoA on the Chilli end will have Chilli listen on a port for CoA and Disconnect Messages. Your FreeRADIUS server may at any time decide to issue a CoA packet to Chilli, updating the session with new attributes.
So you'd stop using Chilli to manage the session limits and instead use accounting updates to keep your FreeRADIUS server up to date on how much data has been used. Your FreeRADIUS server may then calculate whether their over their limit and use CoA or a Disconnect Message to take action. If you can get this working with FreeRADIUS you'll have quite a bit of flexibility when your next difficult requirement comes up ;)
I have very little experience with FreeRADIUS - I'm not sure how you'd do it. My company has its own RADIUS server so this sort of thing is quite easy for us... Hopefully it's easy with FreeRADIUS ;)
Does that help?
--Royce
Chief Engineer @ Inomial
03 9663 3554
0417 954 640
On 14/06/2011, at 12:03 PM, Tim White wrote:
> Thanks Royce. I wasn't aware of CoA.
> If I understand this correctly, with accounting updates chilli sends a CoA packet (if coaport is defined). However, some googleing also shows acctupdate. I'm using FreeRadius, and some of the documentation in the old Coova Wiki seems to be gone.
> Any idea which is the better one to do? CoA or acctupdate? Do they both work for updating the remaining data/time or is CoA just for disconnects?
> Normally I can find most things with Google, however this topic is eluding me. Having the right search terms is helping now, but there seems to be a lack of documentation.
>
> Thanks
>
> Tim
>
> On 14/06/11 11:09, Royce Ausburn wrote:
>> You could look at doing this from your RADIUS server's end rather than from within chilli. Using accounting updates chilli already sends and initiating a RADIUS CoA when you need to kick/wall garden.
>>
>> HTH
>>
>> --Royce
>>
>> On 14/06/2011, at 10:43 AM, Tim White wrote:
>>
>>> I'm wondering if there has been any discussion about implementing period reauthorisation in Coova Chilli?
>>> Basically, I'm hoping to implement "recurring limits" using sqlcounter. However, this becomes more difficult with sessions that go over the time period used for recurrance.
>>>
>>> For example, data limits. If you have an hourly data limit of 50Mb, the only attribute you can use to tell Coova this is the ChilliSpot-Max-Total-Octets. Ideally what we need is for Chilli to periodically reauthorise the sessions so that new attributes can be sent back.
>>>
>>> My guess is that this could cause lots of problems with leaky_bucket and other counters, so I was thinking that it's probably best implemented by ending the current session, and starting a new session, all transparently to the user.
>>> From my understanding of RADIUS, it would need a whole new authentication, which would require saving the users password. And, if the user uses CHAP (which I believe comes from RADIUS and not CoovaChilli) then we are dead in the water.
>>>
>>> Can someone with a better understanding of RADIUS and CoovaChilli let me know if this is possible in the world of RADIUS, or totally impossible?
>>>
>>> I think I'm beginning to understand why ISP's generally use a monthly limit! :-P
>>>
>>> Tim
>>> _______________________________________________
>>> Chilli mailing list
>>> Chilli at coova.org
>>> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
More information about the Chilli
mailing list