[AusNOG] Locate a Telstra DSL service from details in a RADIUS packet?
Martin Visser
martinvisser99 at gmail.com
Tue Jul 9 18:22:02 EST 2019
Maybe your solution could go along the lines of a proposal I worked on for
a large telco many moons ago (November 2001!!!) as a follow on to a RADIUS
upgrade.
It was termed "Go To Jail" and the idea was to fix an issue with a whole
lot of (3rd party??) CPE that had been sold with a default credentials that
would incessantly try to authenticate in a tight endless loop (something
like a 60 second cycle) when rejected by the RADIUS server. These caused a
huge load on the RADIUS infrastructure.
The idea was after a number of failed requests in a short period, they
would get sent a RADIUS-Accept that put them in a "jail" that would give
them basically a limited IP and DNS that allowed the rogue to CPE to pretty
much go nowhere but it would stop trying authenticate. You might then have
the "jailed" user status then reset after a period (say 24 hours) or after
operator intervention (presumably after the user claimed that his new modem
didn't work).
Regards, Martin
MartinVisser99 at gmail.com
On Tue, 9 Jul 2019 at 18:00, Andrew Yager <andrew at rwts.com.au> wrote:
> On Tue, 9 Jul 2019 at 17:58, Mark Newton <newton at atdot.dotat.org> wrote:
>
>>
>> On 9 Jul 2019, at 4:41 PM, Andrew Yager <andrew at rwts.com.au> wrote:
>> > In our RAIDUS packets generated from our LAC we have a bunch of
>> information about Telstra DSL services when they terminate on our network.
>> We have a rogue service that we are trying to locate the FNN it's actually
>> on, but that useful data is not in the RADIUS packets.
>> > Does anyone know if it's possible to find the FNN in reverse from the
>> RADIUS packet?
>>
>> Can’t you just suspend the service and wait for them to call about a
>> fault?
>>
>
> Tried that one.
>
> We think it's a dead/dormant service that isn't actually in use, but is
> still somehow coming in. Packet usage is consistent with a
> deactivated/non-existent service; but auth packets are still coming in, so
> it's still alive somewhere.
>
> Andrew
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20190709/a19dd22b/attachment.html>
More information about the AusNOG
mailing list