Summary
We have learned a lot in this chapter about accounting in FreeRADIUS. Specifically, we have covered:
- Basic accounting: We have learned that accounting is separate from authentication and authorization and runs on port 1813. It consists of the client sending
Accounting-Requestpackets and the server replying withAccounting-Responsepackets. TheAcct-Status-TypeAVP inside anAccounting-Requestcan have a value ofStart,Stop,Interim-Update,Accounting-OfforAccounting-On. - Rogue accounting data: These are also known as orphan sessions and happen when the FreeRADIUS server's accounting data does not reflect the activities on the NAS. The
radzapcommand helps us to control these data. - Simultaneous sessions: There can be a limit to the simultaneous sessions of a user. A session section in FreeRADIUS specifies the session database that should be referenced. The session database obtains session data from the accounting section. To limit simultaneous sessions we use the internal
Simultaneous...
