[rbak-nsp] How to allow only one session for every subscriber?
Peter W
lists at pw.de
Tue Jul 2 04:01:26 EDT 2013
Hello Eugene,
Am 02.07.2013 09:31, schrieb Eugene Prokopiev:
> Is it possible to allow only one session for every subscriber? Now I
> have many connection attempts with one valid pppoe login/password. I
> need to connect only first attempt and drop other attempts.
if all subscriber configured on smart-edge, you can try port-limit in
subscriber-section (saw in configuration, but never tested):
> [local]bras1(config)#context local
> [local]bras1(config-ctx)#subscriber name the-name-of-subscriber
> [local]bras1(config-sub)#port-limit ?
> 1..255 Max number of sessions user may establish
We used a limit based on agent-circuit-id:
> [local]bras1(config)#context local
> [local]bras1(config-ctx)#subscriber default
> [local]bras1(config-sub)#session-limit ?
> agent-circuit-id limit by agent-circuit-id
> agent-remote-id limit by agent-remote-id
An another approach is to solve this problem within the radius-server:
- store all active subscriber in a (in-mem-)database based on
radius-accounting
- during the radius-auth-phase, lookup in the database if subscriber is
already online
Best regards,
Peter.
More information about the redback-nsp
mailing list