Introduction
This method adding extra fields in the Freeradius database schema is obsolete and is NOT recommended by the Freeradius community. Please review this article for the right way to proceed
Many people using Radius for accounting don't know there are counters limits. Values defined in the protocol are stored in 32 bit fields meaning you will never go any higher than 4294967296 bits, that is fairly more than 4GB. If a session stays up for days, there are good chances that the counter resets to 0 and some traffic will go missing. Yet, some extensions have been added to the protocol to support bigger amount of traffic. Unfortunately, Freeradius doesn't come with these options activated by default. I am proposing to make a few changes to collect the "right" amount of data.
Before You Start
We assume you have a working Freeradius setup with Mysql to store your data. Changes should be easy to apply with other databases like Postgresql or Oracle. We also assume that your Network Access Server (NAS) supports gigawords as defined in RFC2869. It is usually the case for Cisco routers but check the manual of your NAS to know how to activate it.
Enabling Gigawords on NAS
Again, this section relates to Cisco but a similar set of commands is usually available on most devices. Gigawords option is enable by default on Cisco gear hence it doesn't appear in the configuration. If it does, simply run this command to activate it:
aaa accounting gigawords
You will be asked to reload the router to apply the new settings. This will activate Acct-Input-Gigawords and Acct-Output-Gigawords attributes which tell how many times the counters reset. Knowing this, we can then calculate the real values. Next step is to create extra column in the database.
Mysql Table Modification
Some extra columns are needed to store the new values in Mysql. This can be a long operation on databases with millions of records. It is always better to do it when the database has just been created. You can add the new fields with any Mysql client or PhpMyAdmin
ALTER TABLE radacct ADD AcctInputGigawords TINYINT UNSIGNED DEFAULT 0; ALTER TABLE radacct ADD AcctOutputGigawords TINYINT UNSIGNED DEFAULT 0;
Note You may have scripts that collect the traffic. These need to be modified to take the new values into account.
Note If you don't want to change the database structure, you can always use one of Freeradius modules to calculate AcctInputOctets and AcctOutputOctets. You can also create a stored procedure if you have Mysql 5.0 or later and call it from your Radius server. Please the notes on how to do daily accounting. Last step is to apply these changes on the Radius server.
Freeradius Update
The SQL code in sql.conf needs to be change for stop and update queries to log the new values into the database. Here's what they look like after modification:
accounting_update_query = "
UPDATE ${acct_table1}
SET AcctInputOctets = '%{Acct-Input-Octets}',
AcctInputGigawords = '%{Acct-Input-Gigawords}',
AcctOutputOctets = '%{Acct-Output-Octets}',
AcctOutputGigawords='%{Acct-Output-Gigawords}',
FramedIPAddress = '%{Framed-IP-Address}'
WHERE AcctSessionId = '%{Acct-Session-Id}'
AND UserName = '%{SQL-User-Name}'
AND NASIPAddress= '%{NAS-IP-Address}'
AND NASIPAddress= '%{NAS-IP-Address}'
AND AcctStopTime = 0"
accounting_stop_query ="
UPDATE ${acct_table2}
SET AcctStopTime = '%S',
AcctSessionTime = '%{Acct-Session-Time}',
AcctInputOctets ='%{Acct-Input-Octets}',
AcctInputGigawords = '%{Acct-Input-Gigawords}',
AcctOutputOctets = '%{Acct-Output-Octets}',
AcctOutputGigawords ='%{Acct-Output-Gigawords}',
AcctTerminateCause = '%{Acct-Terminate-Cause}',
AcctStopDelay = '%{Acct-Delay-Time}',
ConnectInfo_stop = '%{Connect-Info}'
WHERE AcctSessionId = '%{Acct-Session-Id}'
AND UserName = '%{SQL-User-Name}'
AND NASIPAddress = '%{NAS-IP-Address}'
AND AcctStopTime =0"
Restart Radius service, you're done!
Note The new counters will be empty and not 0 for the first round, that's why we initialize the column with 0.
If you have any comment or want to share some suggestions you may have, feel free to contact us.