AR系列路由器debug radius命令(二)
- 0关注
- 0收藏 1210浏览
AR系列路由器debugging radius命令(二)
【举例】
例1:用户下线时,观察RADIUS的debug信息。
<Quidway> debugging radius packet
*0.173872734 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=Account off request Index = 1, ulParam3=0]
// 收到一个终止计费的请求
*0.173872847 Quidway RDS/8/DEBUG:- 1 -Send attribute list:
//发送atrrbute域的列表
*0.173872914 Quidway RDS/8/DEBUG:- 1 -
[1 User-name ] [6 ] [haha]
//Type为1即代表User-name,Length为6(协议中规定这个长度必须大于等于3),Value是haha
[32 NAS-Identifier ] [9 ] [Quidway]
//Type为32代表NAS-Identifier,也可以看做是NAS的sysname,Length为9(协议中规定这个长度必须大于等于3),Value是Quidway
[5 NAS-Port ] [6 ] [268468225]
//Type为5代表NAS-Port,Length为6,Value是268468225,注意这个端口号是和NAS连接的物理层上的端口号,不是TCP或者UDP里的端口号
[61 NAS-Port-Type ] [6 ] [15]
//Type为61代表NAS-Port-Type,Length为6,Value为15(表示通过Ethernet连接)
[31 Caller-ID ] [16] [303030662D316637392D63666264]
//Type为31代表Caller-ID(即Calling-Station-Id),Length为16(协议上规定这个长度必须大于等于3),Value为上述的值
[40 Acct-Status-Type ] [6 ] [2]
//Type为40代表Acct-Status-Type,Length为6,Value为2表示stop
*0.173873333 Quidway RDS/8/DEBUG:- 1 -
[45 Acct-Authentic ] [6 ] [1]
//Type为45代表Acct-Authentic,Length为6,Value为1表示通过RADIUS认证
[44 Acct-Session-Id ] [15] [1105032910182]
//Type为44代表Acct-Session-Id,Length为15(协议上规定要大于等于3),Value为上述值(注意在用户上线和下线的时候该值应该是一样的)
[4 NAS-IP-Address ] [6 ] [127.0.0.1]
//Type为4代表NAS-IP-Address,Length为6,Value为上述值
[55 Event-Timestamp ] [6 ] [1114770003]
//Type为55代表Event-Timestamp,Length为6,Value为上述值
[46 Acct-Session-Time ] [6 ] [95]
//Type为46代表Acct-Session-Time,Length为6,Value为95表示该用户一共上线的时间为95秒
[41 Acct-Delay-Time ] [6 ] [0]
//Type为41代表Acct-Delay-Time,Length为6,Value为0表示该用户发送record到server没有时延
*0.173873731 Quidway RDS/8/DEBUG:- 1 -
[42 Acct-Input-Octets ] [6 ] [1593446]
//Type为42代表Acct-Input-Octets,Length为6,Value为上述值表示用户在上线期间收到计费报文的长度,该字段只有在Acct-status-Type是stop的时候才有
[47 Acct-Input-Packets ] [6 ] [5018]
//Type为47代表Acct-Input-Packets,Length为6,Value为上述值表示从端口收到多少计费报文,该字段只有在Acct-status-Type是stop的时候才有
[43 Acct-Output-Octets ] [6 ] [34040316]
//Type为43代表Acct-Output-Octets,Length为6,Value为上述值表示server向端口发送了计费报文的长度,该字段只有在Acct-status-Type是stop的时候才有
[48 Acct-Output-Packets ] [6 ] [520839]
//Type为48代表Acct-Output-Packets,Length为6,Value为上述值表示发向端口多少计费报文,该字段只有在Acct-status-Type是stop的时候才有
[52 Acct_Input_Gigawords ] [6 ] [0]
//Type为52代表Acct-Input-Gigawords,Length为6,Value为上述值,表示记录Acct-Input-Octets计数器的长度到达2^32的次数,该字段只有在Acct-Status-Type为stop或者Interimupdate的时候才有
[53 Acct_Output_Gigawords ] [6 ] [0]
//Type为53代表Acct-Output-Gigawords,Length为6,Value为上述值,表示记录Acct-Output-Octets计数器的长度到达2^32的次数,该字段只有在Acct-Status-Type为stop或者Interim-update的时候才有
*0.173874133 Quidway RDS/8/DEBUG:- 1 -
[49 Terminate-Cause ] [6 ] [1]
//Type为49代表Terminate-Cause(协议中是Acct-Terminate-Cause),Length为6,Value是1表示终止的原因是用户要求(User Request)
*0.173874231 Quidway RDS/8/DEBUG:- 1 -Send: IP=[127.0.0.1], UserIndex=[1], ID=[4], RetryTimes=[0], Code=[4], Length=[156]
//发送一个ip地址为127.0.0.1,ID为1,长度为156的Accounting-Request认证响应包(Code 为4)
*0.173874381 Quidway RDS/8/DEBUG:- 1 -Send Raw Pakcet is:
*0.173874448 Quidway RDS/8/DEBUG:- 1 -
04 04 00 fffffffff2a 6c fff3c ffffffffffff3c fff
2b fff4d 30 01 06 68 61 68 61 20 09 51 75 69 64
77 61 79 05 06 10 00 fff01 3d 06 00 00 00 0f 1f
10 30 30 30 66 2d 31 66 37 39 2d 63 66 62 64 28
06 00 00 00 02 2d 06 00 00 00 01 2c 0f 31 31 30
35 30 33 32 39 31 30 31 38 32 04 06 7f 00 00 01
37 06 42 72 0a 53 2e 06 00 00 00 5f 29 06 00 00
00 00 2a 06 00 18 50 66 2f 06 00 00 13 fff2b 06
02 07 69 fff30 06 00 07 ffffff34 06 00 00 00 00
35 06 00 00 00 00 31 06 00 00 00 01
//发送一个ip地址为127.0.0.1,ID为1,长度为156的未解析Accounting-Request认证响应包(Code 为4)
*0.173875114 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT response Index = 20, ulParam3=2192760468]
*0.173875231 Quidway RDS/8/DEBUG:- 1 -Receive Raw Packet is:
*0.173875297 Quidway RDS/8/DEBUG:- 1 -
05 04 00 14 4c ffffff6b 6e 7a fff0f 32 0f 0d 0f
54 fffffffff
*0.173875414 Quidway RDS/8/DEBUG:- 1 -Receive:IP=[127.0.0.1],
Code=[5],Length=[20]
//收到ip地址为127.0.0.1,长度为20的未解析的Accounting-Response认证响应包
*0.173875514 Quidway RDS/8/DEBUG:- 1 –NULL
例2:用户正常登录时,观察 RADIUS的debug信息。
<Quidway> debugging radius packet
*0.173964133 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=
//收到类型为正常认证请求的报文
*0.173964249 Quidway RDS/8/DEBUG:- 1 -Send attribute list:
*0.173964314 Quidway RDS/8/DEBUG:- 1 -
[1 User-name ] [6 ] [haha]
[3 Challenge-Password ] [19] [026EFFFFFFFFFF4005FF6BFFFF36FFFF3A]
//Type为3表示Challenge-Password(协议中是CHAP-Password),Length为19,Value为用户的CHAP Response,该属性只能用于Access-Request中
[60 CHAP_Challenge ] [18] [FFFFFFFFFFFF1720FF08630801FFFFFFFFFFE0]
//Type为60表示CHAP_Challenge,Length为18(协议中规定长度必须大于等于7),Value为上述值,该属性只能用于Access-Request中
[4 NAS-IP-Address ] [6 ] [127.0.0.1]
[32 NAS-Identifier ] [9 ] [Quidway]
[5 NAS-Port ] [6 ] [268468225]
*0.173964799 Quidway RDS/8/DEBUG:- 1 -
[61 NAS-Port-Type ] [6 ] [15]
[6 Service-Type ] [6 ] [2]
//Type为6表示Service-Type,Length为6,Value为2表示服务类型为Framed,该属性用在Access-Request和Access-Accept中
[7 Framed-Protocol ] [6 ] [1]
//Type为7表示Framed-Protocol,Length为6,Value为1表示帧封装类型为ppp,该属性用在Access-Request和Access-Accept中
[31 Caller-ID ] [16] [303030662D316637392D63666264]
*0.173965097 Quidway RDS/8/DEBUG:- 1 -Send: IP=[127.0.0.1], UserIndex=[2], ID=[2], RetryTimes=[0], Code=[1], Length=[118]
*0.173965248 Quidway RDS/8/DEBUG:- 1 -Send Raw Pakcet is:
*0.173965314 Quidway RDS/8/DEBUG:- 1 -
01 02 00 76 ffffffffffffffffff17 20 fff08 63 08
01 fffffffff01 06 68 61 68 61 03 13 02 6e ffffff
fffffffff40 05 fff6b ffffff36 ffffff3a 3c 12 fff
fffffffffffffff17 20 fff08 63 08 01 fffffffff04
06 7f 00 00 01 20 09 51 75 69 64 77 61 79 05 06
10 00 fff01 3d 06 00 00 00 0f 06 06 00 00 00 02
07 06 00 00 00 01 1f 10 30 30 30 66 2d 31 66 37
39 2d 63 66 62 64
//发送ip为127.0.0.1,ID为2,长度为118的未解析的Access-Request认证请求包
*0.173965830 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT response Index = 20, ulParam3=2192760132]
*0.173965947 Quidway RDS/8/DEBUG:- 1 -Receive Raw Packet is:
*0.173966014 Quidway RDS/8/DEBUG:- 1 -
02 02 00 14 38 ffffffffffffffffffffffff13 74 20
68 fff2b fff
*0.173966133 Quidway RDS/8/DEBUG:- 1 -Receive:IP=[127.0.0.1],
Code=[2],Length=[20]
*0.173966230 Quidway RDS/8/DEBUG:- 1 –NULL
//收到IP地址为127.0.0.1,长度为20的未解析的Access-Accept认证接受包
*0.173966280 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=Account request Index =2, ulParam3=0]
//收到计费请求包
*0.173966399 Quidway RDS/8/DEBUG:- 1 -Send attribute list:
*0.173966464 Quidway RDS/8/DEBUG:- 1 -
[1 User-name ] [6 ] [haha]
[32 NAS-Identifier ] [9 ] [Quidway]
[5 NAS-Port ] [6 ] [268468225]
[61 NAS-Port-Type ] [6 ] [15]
[31 Caller-ID ] [16] [303030662D316637392D63666264]
[40 Acct-Status-Type ] [6 ] [1]
//Value为1表示计费的状态为start
*0.173966880 Quidway RDS/8/DEBUG:- 1 -
[45 Acct-Authentic ] [6 ] [1]
[44 Acct-Session-Id ] [15] [1105032910213]
[4 NAS-IP-Address ] [6 ] [127.0.0.1]
[55 Event-Timestamp ] [6 ] [1114770095]
*0.173967180 Quidway RDS/8/DEBUG:- 1 -Send: IP=[127.0.0.1], UserIndex=[2], ID=[5], RetryTimes=[0], Code=[4], Length=[102]
*0.173967330 Quidway RDS/8/DEBUG:- 1 -Send Raw Pakcet is:
*0.173967397 Quidway RDS/8/DEBUG:- 1 -
04 05 00 66 08 11 78 69 ffffffffffff37 fffffffff
fff30 fff47 01 06 68 61 68 61 20 09 51 75 69 64
77 61 79 05 06 10 00 fff01 3d 06 00 00 00 0f 1f
10 30 30 30 66 2d 31 66 37 39 2d 63 66 62 64 28
06 00 00 00 01 2d 06 00 00 00 01 2c 0f 31 31 30
35 30 33 32 39 31 30 32 31 33 04 06 7f 00 00 01
37 06 42 72 0a fff
//发送ip地址为127.0.0.1,ID为5,长度为102的未解析的Accounting-Reauest计费请求包
*0.173967847 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT response Index = 20, ulParam3=2192762388]
*0.173967981 Quidway RDS/8/DEBUG:- 1 -Receive Raw Packet is:
*0.173968047 Quidway RDS/8/DEBUG:- 1 -
05 05 00 14 34 2e fffffffff42 20 ffffff63 67 fff
64 fffffffff
*0.173968164 Quidway RDS/8/DEBUG:- 1 -Receive:IP=[127.0.0.1],
Code=[5],Length=[20]
*0.173968265 Quidway RDS/8/DEBUG:- 1 –NULL
//收到ip地址为127.0.0.1,长度为20的未解析的Accounting-Response认证响应包
例3:用户登录时,输入用户名正确,但输入密码错误,此时观察RADIUS的debug信息。
<Quidway> debugging radius packet
*0.199579167 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=
*0.199579281 Quidway RDS/8/DEBUG:- 1 -Send attribute list:
*0.199579348 Quidway RDS/8/DEBUG:- 1 -
[1 User-name ] [6 ] [haha]
[3 Challenge-Password ] [19] [02FF711AFF7B4AFF7C4934FFFFFFFF3469]
[60 CHAP_Challenge ] [18] [FFFF370AFFFFFFFFFFFFFF1EFF4FFF7F]
[4 NAS-IP-Address ] [6 ] [127.0.0.1]
[32 NAS-Identifier ] [9 ] [Quidway]
[5 NAS-Port ] [6 ] [268468225]
*0.199579831 Quidway RDS/8/DEBUG:- 1 -
[61 NAS-Port-Type ] [6 ] [15]
[6 Service-Type ] [6 ] [2]
[7 Framed-Protocol ] [6 ] [1]
[31 Caller-ID ] [16] [303030662D316637392D63666264]
*0.199580131 Quidway RDS/8/DEBUG:- 1 -Send: IP=[127.0.0.1], UserIndex=[3], ID=[3], RetryTimes=[0], Code=[1], Length=[118]
*0.199580281 Quidway RDS/8/DEBUG:- 1 -Send Raw Pakcet is:
*0.199580348 Quidway RDS/8/DEBUG:- 1 -
01 03 00 76 ffffff37 0a fffffffffffffffffffff1e
fff4f fff7f 01 06 68 61 68 61 03 13 02 fff71 1a
fff7b 4a fff7c 49 34 ffffffffffff34 69 3c 12 fff
fff37 0a fffffffffffffffffffff1e fff4f fff7f 04
06 7f 00 00 01 20 09 51 75 69 64 77 61 79 05 06
10 00 fff01 3d 06 00 00 00 0f 06 06 00 00 00 02
07 06 00 00 00 01 1f 10 30 30 30 66 2d 31 66 37
39 2d 63 66 62 64
*0.199580864 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT response Index = 20, ulParam3=2192919780]
*0.199580981 Quidway RDS/8/DEBUG:- 1 -Receive Raw Packet is:
*0.199581048 Quidway RDS/8/DEBUG:- 1 -
03 03 00 14 3a 32 fff34 7f 7e fff09 7c ffffff0c
fff25 72 fff
*0.199581165 Quidway RDS/8/DEBUG:- 1 -Receive:IP=[127.0.0.1],
Code=[3],Length=[20 ]
*0.199581266 Quidway RDS/8/DEBUG:- 1 -NULL
*0.199581314 Quidway RDS/8/DEBUG:- 1 -RejectMsg=[Rejected by RADIUS server without any message ]
//Radius服务器拒绝信息
例4:用户登录时,输入用户名错误,此时观察RADIUS的debug信息。
<Quidway> debugging radius packet
*0.199650467 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=
x = 4, ulParam3=2192359764]
*0.199650581 Quidway RDS/8/DEBUG:- 1 -Send attribute list:
*0.199650647 Quidway RDS/8/DEBUG:- 1 -
[1 User-name ] [6 ] [lele]
[3 Challenge-Password ] [19] [027BFF104CFF4069FF5A30FF0502FFFF39]
[60 CHAP_Challenge ] [18] [582326FFFF1613FFFFFF18FF164C54FFFFFFA7]
[4 NAS-IP-Address ] [6 ] [127.0.0.1]
[32 NAS-Identifier ] [9 ] [Quidway]
[5 NAS-Port ] [6 ] [268468225]
*0.199651133 Quidway RDS/8/DEBUG:- 1 -
[61 NAS-Port-Type ] [6 ] [15]
[6 Service-Type ] [6 ] [2]
[7 Framed-Protocol ] [6 ] [1]
[31 Caller-ID ] [16] [303030662D316637392D63666264]
*0.199651431 Quidway RDS/8/DEBUG:- 1 -Send: IP=[127.0.0.1], UserIndex=[4], ID=[4], RetryTimes=[0], Code=[1], Length=[118]
*0.199651581 Quidway RDS/8/DEBUG:- 1 -Send Raw Pakcet is:
*0.199651647 Quidway RDS/8/DEBUG:- 1 -
01 04 00 76 58 23 26 ffffff16 13 fffffffff18 fff
16 4c 54 fff01 06 6c 65 6c 65 03 13 02 7b fff10
4c fff40 69 fff5a 30 fff05 02 ffffff39 3c 12 58
23 26 ffffff16 13 fffffffff18 fff16 4c 54 fff04
06 7f 00 00 01 20 09 51 75 69 64 77 61 79 05 06
10 00 fff01 3d 06 00 00 00 0f 06 06 00 00 00 02
07 06 00 00 00 01 1f 10 30 30 30 66 2d 31 66 37
39 2d 63 66 62 64
*0.199653466 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT auth timeout Index = 4, ulParam3=0]
//收到认证超时报文
*0.199653581 Quidway RDS/8/DEBUG:- 1 -Send: IP=[127.0.0.1], UserIndex=[4], ID=[4], RetryTimes=[1], Code=[1], Length=[118]
*0.199656468 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT auth timeout Index = 4, ulParam3=0]
*0.199656581 Quidway RDS/8/DEBUG:- 1 -Send: IP=[127.0.0.1], UserIndex=[4], ID=[4], RetryTimes=[2], Code=[1], Length=[118]
*0.199659566 Quidway RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT auth timeout Index = 4, ulParam3=0]
*0.199659681 Quidway RDS/8/DEBUG:- 1 -RADIUS Server No Response
//连续3次发送认证请求包,都超时,认为RADIUS服务器没有响应,认证失败
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作