how-to_‎ > ‎

FreeRADIUS Acct-Unique-Session-Id fix

posted Nov 22, 2012, 1:14 AM by Daniele Albrizio   [ updated Nov 22, 2012, 1:15 AM ]
Some WLCs (wireless lan controllers) use the same session ID tracking for a session across
multiple access points (NAS-Port). 
Freeradius by default builds his session tracking using all of


  • User-Name
  • Acct-Session-Id
  • NAS-IP-Address
  • Client-IP-Address
  • NAS-Port
as key.
This results in never finished sessions since a client moving from one access point to another does
maintain the same Acct-Session-Id (provided by the WLC), but changes the Acct-Unique-Session-Id.


Example:

Radius type | Acct-Session-Id | NAS-Port | Acct-Unique-Session-Id
---------------+-----------------+----------+-----------------------
Start | A | M | X
Interim-Update | A | M | X
Interim-Update | A | N | Y
Stop | A | N | Y

To change the way FreeRADIUS buils the Acct-Unique-Session-Id I modified raddb/modules/acct_unique as follows:

#acct_unique { # key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" #}

acct_unique { key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address" }
Comments