Aug 01 2007

Gigawords Support in Freeradius

Published by at 12:00 am under Cisco,Freeradius

Some people using Radius for accounting don’t know there are counters limits. Values defined in the protocol are stored in 32 bit fields meaning you will never go any higher than 4294967296 bits, that is fairly more than 4GB. If a session stays up for days, there are good chances that the counter resets to 0 and some traffic will go missing. Yet, some extensions have been added to the protocol to support bigger amount of traffic. Since Freeradius 1.1.7, Gigawords with a Mysql backend are supported by default. It is highly recommended to upgrade to the last version. While upgrading, do not forget to update your database schema as in mysql.sql changing AcctInputOctets and AcctOutputOctets from 32 to 64 bits. This article deals with those having Freeradius prior to 1.1.7.


Before You Start

We assume you have a working Freeradius setup with Mysql to store your data. We also assume that your Network Access Server (NAS) supports gigawords as defined in RFC2869. It is usually the case for Cisco routers but check the manual of your NAS to know how to activate it.


Enabling Gigawords on NAS

Again, this section relates to Cisco but a similar set of commands is usually available on most devices. Gigawords option is enable by default on Cisco gear hence it doesn’t appear in the configuration. If it does, simply run this command to activate it:

   aaa accounting gigawords


You will be asked to reload the router to apply the new settings. This will activate Acct-Input-Gigawords and Acct-Output-Gigawords attributes which tell how many times the counters reset. Knowing this, we can then calculate the real values. Next step is to create extra column in the database.


Mysql Table Modification

AcctInputOctet and AcctOutputOctet fields need to be changed from 32 to 64 bits. You can make the change with any Mysql client or PhpMyAdmin

   ALTER TABLE radacct CHANGE AcctInputOctets AcctInputOctets BIGINT(20) UNSIGNED;
   ALTER TABLE radacct CHQNGE AcctOutputOctets AcctOutputOctets BIGINT(20) UNSIGNED;


Freeradius Update

The SQL code in sql.conf needs to be change for stop and update queries to log the new values into the database. Here’s what they look like after modification:

   accounting_update_query = "
     UPDATE ${acct_table1}
     SET AcctInputOctets = '%{Acct-Input-Gigawords:-0}' << 32 | '%{Acct-Input-Octets:-0}',
       AcctOutputOctets = '%{Acct-Output-Gigawords:-0}' << 32 | '%{Acct-Output-Octets:-0}',
       FramedIPAddress = '%{Framed-IP-Address}'
     WHERE AcctSessionId = '%{Acct-Session-Id}'
       AND UserName = '%{SQL-User-Name}'
       AND NASIPAddress= '%{NAS-IP-Address}'
       AND NASIPAddress= '%{NAS-IP-Address}'
       AND AcctStopTime = 0"

   accounting_stop_query ="
     UPDATE ${acct_table2}
    SET AcctStopTime = '%S',
       AcctSessionTime = '%{Acct-Session-Time}',
       AcctInputOctets = '%{Acct-Input-Gigawords:-0}' << 32 | '%{Acct-Input-Octets:-0}',
       AcctOutputOctets = '%{Acct-Output-Gigawords:-0}' << 32 | '%{Acct-Output-Octets:-0}',
       AcctTerminateCause = '%{Acct-Terminate-Cause}',
       AcctStopDelay = '%{Acct-Delay-Time}',
       ConnectInfo_stop = '%{Connect-Info}'
     WHERE AcctSessionId = '%{Acct-Session-Id}'
       AND UserName = '%{SQL-User-Name}'
       AND NASIPAddress = '%{NAS-IP-Address}'
       AND AcctStopTime =0"


Restart Radius service, you’re done!

This concatenates the Gigawords and Octets values adding 32 null bits to the first and doing a logical OR on them.
If you have any comment or want to share some suggestions you may have, feel free to contact us.

This solution was provided on the Freeradius FAQ available at http://wiki.freeradius.org


9 responses so far

9 Responses to “Gigawords Support in Freeradius”

  1. Ebay hot itemson 09 Aug 2008 at 11:30 pm

    Very interesting blog, i have added it to my fovourites, greetings

  2. dannyon 07 Oct 2009 at 3:12 pm

    i am having a problem with 4GB when i activate the sql_counter
    it wraps when ever i put counter for download-upload.

    can you please tell me what should i do

    thank you in advance

  3. daveon 07 Oct 2009 at 11:16 pm

    Check your NAS documentation to activate Gigawords

  4. dannyon 10 Oct 2009 at 12:46 am

    i am using coovachilli and base on what is written there it s enabled by default.
    can you please tell how to why. or maybe im missing some configuration. Please ADVICE.

    thanks

  5. dannyon 10 Oct 2009 at 8:02 am

    FYI i am using freeradius 1.1.7 and coovachilli. base on what i can see it is already supported the gigawords by default.

    Please Advice. thanks!

  6. Marcelon 14 Oct 2009 at 1:50 am

    Im beggining to think this is just impossible, whereever i go i simply get the answer its already supported. Im running one of the version 2’s and My NAS does send gigawords, but this means nothing. Same 4gb has always existed.

    Can’t find documentation anywhere as to how to get this working. :/

  7. daveon 15 Oct 2009 at 7:49 pm

    Hi, Above changes had to be done in earlier releases of Freeradius.
    Gigawords has been fully supported for a while now.
    I’ve sent an email on to you

  8. dannyon 16 Oct 2009 at 11:32 am

    Thanks for the email

    Yes i did all that. and it works with gigawords.
    Suddenly i figure out another problem, that if a 1 month card with a value of 4GB has consume 3.5GB or let say less than the assign 4GB limit then STOP the session. Again if the user will log in again, that user will exceed up to 4GB for the last session.

    i dont know if you guys already experience this.

    my solution for that is to create a sqlcounter for upload download limit. BUT it seems that its NOT working i am having a Reply :Youre maximum never use limit has exceeded.

  9. dannyon 17 Oct 2009 at 9:46 am

    freeradius v1.1.7——

    i think in freeradius…. on each session what ever the assign max for input or output octet limit will be your LIMIT each session. so it means that if you have monthly card with 4GB limit. You can use 3.9GB per each session not to expire until one month.

    for us to prevent this problem i put a query compared to the assign limit if its equal (=) or greater than limit will not allow user login in within one month.

    i am looking for sqlcounter for data procedure. coz sqlcounter is only meant for TIME and date expiration.

    any query procedure that will help this problem…

    Thanks

Comments RSS

Leave a Reply