Re: NO multiple logins !! Livingston won't listen
System Manager (root@oberon.glo.be)
Tue, 25 Jun 1996 15:31:28 +0200 (MET DST)
> >There are many arguments on this topic. Anyone like to share there
> >experience, code etc. to the PM users such the a workable and not too
> >troublesome solution?
> >
> >We do believe that there is a demand but if the supplier cannot give
> >an solution, the users can seek the best possible solution and share it!
> >
> >Any takers?
> >
> >Alpha.
>
> I use UNET RADIUS, it lets you specify how many simultaneous logins are
> permitted for each user.
Due to line delays AND server loads we have 4 radius servers running (and
each portmaster is using 2 of them just in case one dies). We tried virtually
everything to get them synchronized but it is just impossible to avoid double
logins with this kind of config. So we just got down to the point of having
one box here doing nothing but telnetting in every single portmaster doing a
show users, collecting all the information, figuring out who's on twice (or
more; record currently is 14 connects in a single minute) and throwing their
oldest sessions out (very important; throwing the newest out is very annoying
if a line got stuck) plus sending them a reprimanding email. It's a clumsy
combination of bash and perl scripts and a C program, the hole thing eats
resources like hell but ... IT WORKS and after the initial week of battle
was over it still throws out around 20 users/day.
What I thinks needs to exists is some kind of communication between radius
servers AND a method for a radius server to contact a client to reset a
certain connection. Frankly, I do not believe we'll see this working soon :-(
Same problem with the actual accounting; having it distributed we need to
collect and combine all local data and it's not exactly _consistent_ info.
Sometimes we got multiple stop records of the same session or a single
500000+ second session (not very realistic considering telco lines here)
without a start record anywhere :-(
--Steven, Globe Internet.