Limit on frequent PPPoE-session authentication failures?

RouterOS v3.30 on x86.

We have some pppoe servers with radius-authentication. Sometimes, our customers tune their pppoe-clients to retry every second forever. For blocked (by billing) customers we offer so-called ‘gray’ pppoe-session (with ip 192.168.x.x), that have access only to a few corp sites. But some of them made errors in password, use invalid logins or do other mistakes. So our radius server takes a high load to process such useless frequent queries, while they (customers) sleeps or went away to job, and etc.

Is there any method to limit these negative pppoe-session creation requests?

There is nothing to do on PPPoE server, how do you know specific PPPoE connection is good or bad?
Educate your customer and create configuration guide for PPPoE client configuration to avoid bad username/password users.

We have frequent negative PAP-results on PPPoE sessions from one MAC-address (for ex more than 20-30 in one minute). Can it be the right description?

Educate your customer and create configuration guide for PPPoE client configuration to avoid bad username/password users.

Thank you, we will.

Hello.

I think it would be a useful feature.

Educate your customer and create configuration guide for PPPoE client configuration to avoid bad username/password users.

Great idea. But it from fantastic area.

Rate limit for authentication attempts in time window per MAC address is a great variant, I think.

Regards, Sergey.

[UPD] similar requests:
http://forum.mikrotik.com/t/limit-radius-authentication-tries/16053/1
http://forum.mikrotik.com/t/pppoe-authentication-limit/39087/1

Sometimes user’s accounts disabled for non-payment. It is a lot every begin of month usually. This causes explosive growth in the number of attempts:

89172209 Jan  2 03:15 radiator.log.1.bz2
13945926 Jan  1 03:13 radiator.log.2.bz2
 6846862 Dec 31 03:13 radiator.log.3.bz2
 7216602 Dec 30 03:13 radiator.log.4.bz2