Hello guys, <br><br>we have a server setup running freeradius (= 1.1.2-2) with a mysql backend on debian Linux.<br>We receive a lot of authorization requests and accounting requests from the equipment of an isp.<br><br>Setup is as follows :
<br><br>server A with master freeradius and mysql, <br>server B with backup radius that uses mysql on server A.<br><br>The mysql is of course still single point of failure. <br>We tried it first with a local mysql server on server B but
<br>did find it difficult to process the accounting records in an easy and simple way when they are scattered over two databases on two different servers. Any suggestions on this setup would be greatly appreciated.<br><br>
Everything seems to work except for the following:<br><br>- if we try to start the server threaded and as it is supposed to work (ie /etc/init.d/freeradius start), it crashes regularly under load without any further explanation...
<br>If we run freeradius in debugmode (/usr/sbin/freeradius -X) , everything keeps working just fine... I have done several upgrades (coming from version 0.9) but i still see the same problem and i cannot get it to work without a crash (sooner or later) in threaded mode.
<br><br>Do any of you experience similar problems ? Is there a remedy or things i could try to find the cause ?<br><br><br>- usernames that can't (and should not be able to) login (username not present anymore in the mysql database, nor any passwd file) and get a "Login incorrect" most of the time, sometimes get through and get authenticated (!)...
<br>Its very strange behavior and i have been trying to find a cause for this. <br>At first i thought the culprit would be the equipment at the other side that did something wrong, <br>but apparently it receives explicitly a Login OK from our radius (togheter with profile info etc) as i see in the packetflow.
<br><br>I cannot find a single Login OK for these specific users in the debuginfo however, <br>only the login incorrects and acct records (see below). <br><br>rlm_chap: login attempt by "USERNAME1" with CHAP password
<br>
rlm_chap: Could not find clear text password for user USERNAME1<br>
Login incorrect (rlm_chap: Clear text password not available): [USERNAME1/<CHAP-Password>] (from clie<br>
nt adsl port xxxxxxx)<br><br>The mysql acct records do show traffic and alive records for these logins (a few) and a lot of Login Failures.<br>Is there an easy way to dig deeper into this problem and find the cause for these spooky logins that should not happen ?
<br>Any help or suggestions greatly appreciated, <br><br>Best regards, <br><br>Tom <br><br><br><br><br> <br><br><br> <br><br>