[Serusers] avp_radius - ser2.1 - Access Request Contents

samuel samu60 at gmail.com
Thu Jun 7 10:28:57 CEST 2007


Hi all,

Sorry for stepping so late in this post but I am facing exactly the same
"issue" and would like to call for attention from other SER 2.0 rc2
users/developers.

Whenever you try to load from RADIUS user class attributes, for example with

                                 radius_load_attr("$tu","@to.uri")
you get in radius only
User-Name = "sip:sam at test.voip.com"
SER-Service-Type=Get-User-Attrs.

In case you want to load uri class attributes, for example with
                                radius_load_attr("$tr","@to.uri")
 the Radius Request paquet has completely different contents, namely the URI
splited into 3 parameters SER-URI-Scheme = "sip"
User-Name = "sam"
SER-DID = "test.voip.com"

This double format complicates unnecessarily, at least for me, radius
configuration or forces you to do some "dirty", at least for me, tricks in
order to get in the User-Name paramenter the same value so you onlyhave ONE
USER DEFINITION in radius config and not all the possible combinations it
may appear...Remember you can call load_user_attr with different arguments
(@ruri, at to, at to.uri, at to.uri,username,....) and it will end up being a
complete mess.

I would therefore like to standardize both methods so the same data is
expected in radius or that someone explain why this different methods are
required.

Thanks to all!!!

Samuel.


P.D. I'm a radius newbie, using FreeRadius, and may be there are clean ways
to configure RADIUS so both Access-Requests are handled in a ellegant way
requiring you to have only one user definition.


2007/3/12, tzieleniewski <tzieleniewski at o2.pl>:
>
> Hi
>
> Is this correct that when I send the Get-URI-Attrs request type to radius
> it has the following contents:
>         SER-Uri-Scheme = "sip"
>         User-Name = "hellboy"
>         SER-DID = "voip.rd.touk.pl"
>         SER-Service-Type = Get-URI-Attrs
>         NAS-Port = 0
>         NAS-IP-Address = 127.0.0.1
> and when I send the Get-User_Attrs the contents are the following:
>         User-Name = "sip:hellboy at voip.rd.touk.pl"
>         SER-Service-Type = Get-User-Attrs
>         NAS-Port = 0
>         NAS-IP-Address = 127.0.0.1
>
> shouldn't here be the same split into the User-Name and SER-DID?
> Such form implies to have double records in radius for sip:hellboy and
> hellboy.
>
> Bests
> Tomasz
>
>
> > >
> > > tzieleniewski wrote:
> > > > hi!
> > > >
> > > > When I invoke the radius_load_attrs() the message send to radius has
> the following shape:
> > > > Thu Mar  8 10:50:46 2007
> > > >         Packet-Type = Access-Request
> > > >         User-Name = "sip:hellboy at voip.rd.touk.pl"
> > > >         SER-Service-Type = Get-User-Attrs
> > > >         NAS-Port = 0
> > > >         NAS-IP-Address = 127.0.0.1
> > > >
> > > > the message doesn't contain any authentication data like password.
> > > > so do I understand right that radius in such case should be
> configured in such a way to accept any message of the SER-Service-Type =
> Get-User-Attrs?
> > > >
> > > That's correct.
> > > > Are still the avp loaded from radius prefixed or they are just put
> into the particular track and class?
> > > >
> > > No prefixes.
> > > > Could You please give me one example of the radius one avp record
> and the shape in which it will appear in ser after loading.
> > > >
> > > SER-Attr -> avp[:=]value
> > Hi,
> >
> > I did it and connection with radius works fine - I see the
> Access-Request from ser being analyzed and answered by radius but I can see
> an avp value to appear in ser.
> > I did such a check:
> >
> > dump_attrs();
> > radius_load_attrs("$tr","@ruri");
> > dump_attrs();
> >
> > the following message arived at radius:
> >         SER-Uri-Scheme = "sip"
> >         User-Name = "tomix"
> >         SER-DID = "tezet.no-ip.org"
> >         SER-Service-Type = Get-URI-Attrs
> >         NAS-Port = 0
> >         NAS-IP-Address = 127.0.0.1
> >
> > and following one was answered:
> > Sending Access-Accept of id 85 to 127.0.0.1 port 32997
> >         SER-To-DID = "domain.any"
> >
> > the ser debug output haven't show any change related to did avp in to
> track, why is that, what do I missed?
> >
> > debug output:
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:540: class=GLOBAL
> > Mar  9 10:47:50 tomix ser[3721]: AVP["lang"]="en"
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:550: track=FROM
> class=DOMAIN
> > Mar  9 10:47:50 tomix ser[3721]: AVP["did"]="tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: AVP["digest_realm"]="tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:560: track=TO class=DOMAIN
> > Mar  9 10:47:50 tomix ser[3721]: AVP["did"]="tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: AVP["digest_realm"]="tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:570: track=FROM class=USER
> > Mar  9 10:47:50 tomix ser[3721]: INFO: No AVP present
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:580: track=TO class=USER
> > Mar  9 10:47:50 tomix ser[3721]: AVP["uid"]="tomix at tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:590: track=FROM class=URI
> > Mar  9 10:47:50 tomix ser[3721]: INFO: No AVP present
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:600: track=TO class=URI
> > Mar  9 10:47:50 tomix ser[3721]: AVP["fforward_failure"]="
> sip:misia at tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]:  route[INBOUND]:
> radius_load_attrs($tr, at ruri) <ACK> <sip:tomix at tezet.no-ip.org>
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:540: class=GLOBAL
> > Mar  9 10:47:50 tomix ser[3721]: AVP["lang"]="en"
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:550: track=FROM
> class=DOMAIN
> > Mar  9 10:47:50 tomix ser[3721]: AVP["did"]="tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: AVP["digest_realm"]="tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:560: track=TO class=DOMAIN
> > Mar  9 10:47:50 tomix ser[3721]: AVP["did"]="tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: AVP["digest_realm"]="tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:570: track=FROM class=USER
> > Mar  9 10:47:50 tomix ser[3721]: INFO: No AVP present
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:580: track=TO class=USER
> > Mar  9 10:47:50 tomix ser[3721]: AVP["uid"]="tomix at tezet.no-ip.org"
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:590: track=FROM class=URI
> > Mar  9 10:47:50 tomix ser[3721]: INFO: No AVP present
> > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:600: track=TO class=URI
> > Mar  9 10:47:50 tomix ser[3721]: AVP["fforward_failure"]="
> sip:misia at tezet.no-ip.org"
> >
> > Bests
> > Tomasz
> >
> >
> > >
> > > Integer values are automatically converted from string into integer
> avp.
> > > It is the responsibility of the RADIUS server to return the correct
> set
> > > of AVP dependent on SER-Service-Type (see etc/dictionary.ser).
> > > g-)
> > > > Thank you in advance
> > > > Best
> > > > Tomasz
> > > > _______________________________________________
> > > > Serusers mailing list
> > > > Serusers at lists.iptel.org
> > > > http://lists.iptel.org/mailman/listinfo/serusers
> > > >
> > > >
> > > >
> >
> > _______________________________________________
> > Serusers mailing list
> > Serusers at lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
>
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20070607/94ef61a1/attachment.htm>


More information about the sr-users mailing list