Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
  
[+] Expand All
[-] Collapse All

Sessions in the CST

The CST maintains a record for most, but not all, sessions.

  • When only System fields are active in the CST, Steel-Belted Radius Carrier creates a CST record using a two-stage process:
    1. At authentication, when a RADIUS authentication request is processed successfully and a RADIUS authentication response is sent. Tracked resources are allocated for the session. These sessions are phantom sessions, and are typically promoted to a real session when a RADIUS Accounting-Start message arrives.
    2. At accounting start, when a RADIUS Accounting-Start message for the session is received.
  • If RadAttr fields are active in the CST, Steel-Belted Radius Carrier creates a phantom session for every authentication request (not just those containing attributes to be captured in a RadAttr field). Steel-Belted Radius Carrier then records RADIUS attributes, including the RadAttr fields, in the CST.

Acknowledging Authentication and Accounting Requests when the CST Cannot Be Contacted

By default, accounting requests are acknowledged even if the session database cannot be contacted. To cause accounting requests to be discarded when the session database cannot be contacted, which may be desirable when using load-balancing equipment, modify radius.ini as follows:

[Configuration] Section
DiscardAccountingRequestOnCstFailure = 1
  • If set to 1, accounting requests (start, stop, on, off, and interim) are discarded when the session database cannot be contacted.
  • If set to 0, accounting requests (start, stop, on, off, and interim) are acknowledged when the session database cannot be contacted.

    Similarly, to cause the discard of authentication requests that contact the session database to assign resources (such as IP address assignment or concurrency), modify radius.ini as follows:

    [Configuration] Section
    DiscardAccessRequestOnCstFailure = 1
    • If set to 1, authentication requests requiring access to the session database are discarded when the session database cannot be contacted.
    • If set to 0, SBR Carrier sends an Access-Reject when the session database cannot be contacted.

    Note: Operation is not affected for requests not requiring session database access.

Current Sessions Table Display

You can display the working CST by executing the ShowSessions.sh script. The format used by the ShowSessions.sh tool is specified in the SQL data-display language. The ShowSessions.sh script may be modified.

When Steel-Belted Radius Carrier SSR is installed, the ShowSessions.sh tool is configured to work with the default CST schema. The ShowSessions.sh tool contains display commands for all System fields, which are commented-in or commented-out appropriately. If you comment or uncomment entries in the SQL schema to meet site requirements, you must comment or uncomment corresponding entries in ShowSessions.sh too.

Figure 15 shows sample ShowSessions.sh output.

Modified: 2017-10-26