Upstream NAS flooding my radius
locu.lists at gmail.com
Thu Dec 15 03:11:23 CET 2011
I have a setup such as:
NAS > Freeradius Proxy > Freeradius Auth
Periodically the NAS (different company and outside of my control)
gets rebooted and when it starts up it sends thousands of simultaneous
requests to the radius proxy, which in turn forwards them all to the
appropriate freeradius auth server. The challenge is, the auth server
can get overwhelmed and starts throwing some of these errors:
Error: rlm_sql (sql): There are no DB handles to use!
I'm curious if there's an elegant way on the freeradius proxy to rate
limit the # of connections per second being thrown at the auth server.
Ideally if the threshold is reached, requests above the threshold
would be dropped (and not rejected). I've searched all the docs, the
mailing list, and config files and haven't turned up a solution yet.
Any help or advice is appreciated.
More information about the Freeradius-Users