how-to_‎ > ‎

FreeRADIUS Acct-Unique-Session-Id fix

posted Nov 22, 2012, 1:14 AM by Daniele Albrizio   [ updated Nov 22, 2012, 1:15 AM ] 
Some WLCs (wireless lan controllers) use the same session ID tracking for a session across
multiple access points (NAS-Port). 
Freeradius by default builds his session tracking using all of

  • User-Name
  • Acct-Session-Id
  • NAS-IP-Address
  • Client-IP-Address
  • NAS-Port
as key.
This results in never finished sessions since a client moving from one access point to another does
maintain the same Acct-Session-Id (provided by the WLC), but changes the Acct-Unique-Session-Id.

Example:

Radius type    | Acct-Session-Id | NAS-Port | Acct-Unique-Session-Id
---------------+-----------------+----------+-----------------------
Start          | A               | M        | X
Interim-Update | A               | M        | X
Interim-Update | A               | N        | Y
Stop           | A               | N        | Y

To change the way FreeRADIUS buils the  Acct-Unique-Session-Id I modified raddb/modules/acct_unique as follows:

#acct_unique {
#       key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
#}

acct_unique {
        key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address"
}
Comments