Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(ASCEND) Backoff Q Full, discarding user x
According to what I have found by searching through the archive, this error
means that the TNT is not communicating with the Accounting server. I
should check ip's and passwords so that they match in the clients file of
radius. I did that, everything looks right, but just to check my work I've
pasted relevant configs below.
Output of "radstat" and "raddbgdump q" are also below... but I am unsure how
to read the results.
Here is the relevant parts of my setup:
first, the unix box running my acct/auth server:
showing all ports open, even listening:
# netstat -a
UDP
Local Address Remote Address State
-------------------- -------------------- -------
(among other things)
*.radius Idle
*.radacct Idle
these ports are defined in services as:
# grep "rad" /etc/services
radius 1645/udp
radacct 1646/udp
the processes are running:
# ps -ef | grep "rad"
root 15149 15148 0 Dec 01 pts/1 0:00 /usr/local/bin/radiusd -A
service
s -a /etc/radacct -p -w -d /etc/raddb
root 15148 1 0 Dec 01 pts/1 0:02 /usr/local/bin/radiusd -A
service
s -a /etc/radacct -p -w -d /etc/raddb
# cd /etc/raddb
# cat clients
# <hostname> <secret> [type] [version] [prefix]
# ---------- -------- ------ --------- --------
#pipeline testing123 type=Ascend:NAS
#max4004:1996 testing123 type=Ascend:NAS
ip.of.maxtnt password type=Ascend:NAS
this.hosts.ip type=PROXY
#
ip.of.maxtnt == the ip address of my maxtnt.
this.hosts.ip == is the ip of the unix box itself which is my acct/auth
server
And on the max:
admin> list rad-acct-cli
[in EXTERNAL-AUTH:rad-acct-client]
acct-server-1 = ip.of.auth/acct.server
acct-server-2 = ip.of.auth/acct.server
acct-server-3 = ip.of.auth/acct.server
acct-port = 1646
acct-src-port = 0
acct-key = password
acct-timeout = 30
acct-sess-interval = 0
acct-id-base = acct-base-10
acct-reset-time = 0
acct-checkpoint = 0
acct-stop-only = yes
acct-limit-retry = 0
acct-drop-stop-on-auth-fail = no
admin> raddbgdump q
AcctInfo (0) Pending Q (0):
AcctInfo (0) Backoff Q (1):
name=<(null pointer)>, logout=0, nasPort=128, nasPortType=-1 evTim=5
sessId=, authTyp=0, durat=0, len[class,calling#,called#]=[0,0,0]
id=51, statTyp 0 relT 6087, backT 7200, retryLim 0 tot ret 0
AcctInfo (1) Pending Q (0):
AcctInfo (1) Backoff Q (0):
admin>
admin> radstat
RADIUS authen stats:
0 sent[A,O]=[2,10078], rcv[A,O]=[2,10032]
timout[A,O]=[0,50], unexp=0, bad=17, authOK=2
IpAddress ip.of.auth/acct.server, curServerFlag 1
1 sent[A,O]=[0,40], rcv[A,O]=[0,5]
timout[A,O]=[0,38], unexp=0, bad=5, authOK=0
IpAddress ip.of.auth/acct.server, curServerFlag 0
2 sent[A,O]=[0,41], rcv[A,O]=[0,6]
timout[A,O]=[0,38], unexp=0, bad=6, authOK=0
IpAddress ip.of.auth/acct.server, curServerFlag 0
RADIUS accounting stats (0):
0 sent=264, rcv=0, timout=264, unexp=0, bad=0
IpAddress 0.0.0.0, curServerFlag 0
1 sent=0, rcv=0, timout=0, unexp=0, bad=0
IpAddress 0.0.0.0, curServerFlag 0
2 sent=0, rcv=0, timout=0, unexp=0, bad=0
IpAddress 0.0.0.0, curServerFlag 0
RADIUS accounting stats (1):
0 sent=2, rcv=2, timout=0, unexp=0, bad=0
IpAddress ip.of.auth/acct.server, curServerFlag 1
1 sent=0, rcv=0, timout=0, unexp=0, bad=0
IpAddress 0.0.0.0, curServerFlag 0
2 sent=0, rcv=0, timout=0, unexp=0, bad=0
IpAddress 0.0.0.0, curServerFlag 0
Local Rad Acct Stats:
nSent[OK,fail]=[266,12], nRcv=10017, nDrop[QFull,Other]=[0,0]
nRsp[TimOut,NoMatch]=[264,0], nBackoff[new,norsp]=[3,97]
nAllocFail[timer,mem]=[0,0], nTimOutNoMatch=0, nBadVect=0
Local Rad Serv Stats:
unkClient=0
index 0 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
index 1 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
index 2 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
index 3 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
index 4 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
index 5 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
index 6 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
index 7 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
index 8 #Sent = 0, #SendFail=0 badAuthRcv = 0, badPktRcv = 0
admin>
ip.of.maxtnt == the ip address of my maxtnt.
ip.of.auth/acct.server == is the ip of the unix box which is my acct/auth
server
With the above configs, why do I still get these:
Dec 2 09:14:10 ip.of.auth/acct.server 1/6: Backoff Q full, discarding user
dodo[28084712
5]
Snoop shows that I am communicating...
# snoop -V host authacct and port 1646 or port 1645
Using device /dev/hme (promiscuous mode)
________________________________
maxtnt -> authacct ETHER Type=0800 (IP), size = 88 bytes
maxtnt -> authacct IP D=authacct S=maxtnt LEN=74, ID=7922
maxtnt -> authacct UDP D=1645 S=1804 LEN=54
________________________________
authacct -> maxtnt ETHER Type=0800 (IP), size = 62 bytes
authacct -> maxtnt IP D=maxtnt S=authacct LEN=48, ID=19790
authacct -> maxtnt UDP D=1804 S=1645 LEN=28
________________________________
maxtnt -> authacct ETHER Type=0800 (IP), size = 88 bytes
maxtnt -> authacct IP D=authacct S=maxtnt LEN=74, ID=7923
maxtnt -> authacct UDP D=1645 S=1804 LEN=54
________________________________
authacct -> maxtnt ETHER Type=0800 (IP), size = 62 bytes
authacct -> maxtnt IP D=maxtnt S=authacct LEN=48, ID=19791
authacct -> maxtnt UDP D=1804 S=1645 LEN=28
Ideas?
Michael Johnson
Network Specialist - Telecommunications - University of Oklahoma
phone: 405.325.6290 fax: 405.325.7483 h323: 129.15.3.30 email:
mjohnson@ou.edu
http://www.telecom.ou.edu/
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>