udp sockets and proxy servers
Sergey Komarov
sergey.komaroff at gmail.com
Wed Jul 29 16:47:32 CEST 2015
Hello,
I've tested 3.0.10 with patch issued by Alan. Thanks for attention for the
case, but it still have some problems:
1. In case you put Dst-IP-Address, than FR ignores port settings in coa
sections of clients (coa server derived from clients.conf). Doesn't matter
if I put port 1700 in clients.conf it use 3799. Then I add Dst-IP-Port 1700
and after that it works normally. But... Next point still impact.
2. After 3.0.10 installed udp sockets finishing very quickly and then it
dies.
Best Regards, Serge Komaroff
> Date: Tue, 21 Jul 2015 10:23:43 +0300
> From: Sergey Komarov <sergey.komaroff at gmail.com>
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Subject: Re: udp sockets and proxy servers
> Message-ID:
> <CAAZqZfDuvfpQM6iERUOfA31X-pwgU=0ZBPxJ7st0K1=
> Zkis2qA at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> Hello!
>
>
>
> > Hmmm, well that's problematic. Could you open a GitHub issue.
> >
> > -Arran
> >
>
> Hello Arran. Well, I'm not a developer actually I will try to post it to
> GitHub in case my credentials is ok for that...
>
>
> > Date: Mon, 20 Jul 2015 19:48:25 +0200
> > From: Alan DeKok <aland at deployingradius.com>
> > To: FreeRadius users mailing list
> > <freeradius-users at lists.freeradius.org>
> > Subject: Re: udp sockets and proxy servers
> > Message-ID: <56E2A5E4-DFAD-4B47-816E-28CDFF51DACF at deployingradius.com>
> > Content-Type: text/plain; charset=us-ascii
> >
> > On Jul 20, 2015, at 7:15 PM, Sergey Komarov <sergey.komaroff at gmail.com>
> > wrote:
> > > I'm tring to run 3.0.9 configuration with about ~1500 clients and home
> > > servers (as I have about 1500 WLCs in the network and I try to proxy
> CoA
> > > packet to WLCs via radius).
> > >
> > > Radius server tries to open as many sockets as possible doing like
> that:
> > >
> > > Info: ... adding new socket proxy address * port 46527
> > > Info: ... adding new socket proxy address * port 38003
> > >
> > > It happens slowly or fast and it depends of load as I see it... And
> then
> > > after about 256 sockets server quits from running with error:
> >
> > Is that with TLS? Or TCP? We didn't predict that people would use 256
> > or more clients with CoA and TCP.
> >
> > But it *should* work for UDP. There's no reason for it to open many
> > proxy sockets. It just needs one or two.
> >
> > Alan DeKok.
> >
>
> Hello Alan! The case is that I'm using UDP only, no any TLS now, just
> common pap/sql and Acc Req/Accept/CoA Proxy... SQL sockets is ok and no
> overflow there (it even close some connections to DB when don't need it).
> But it looks like FR tries to create as many sockets as home servers and it
> happen slowly - depends on load. When I limit to 200 home servers - it
> stopped to create sockets at number about 153... In case it overcome 256 it
> drops soon with that error...
>
>
> Best Regards, Serge Komaroff
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
> ------------------------------
>
> End of Freeradius-Users Digest, Vol 123, Issue 76
> *************************************************
>
More information about the Freeradius-Users
mailing list