Thanks alan for help. But I haven't got it done now..still cannot let it get into post-proxy-fail section.
Below is my proxy.conf.
Because the scenario what I simulate is that external AAA might not be freeradius, so I set status_check to "none". Also, as alan mentioned, I set response_window and zombie_period to 5.
About my ./site-available/default config, I only show the part of post-proxy. You can find that in Post-Proxy-Type Fail section, I want to update a Tmp-String value. Then I can know it is proxy timeout so that I will write down a log in perl.
rad_recv: Access-Request packet from host 172.30.179.21 port 55342, id=27, length=79
User-Name = "test@test"
User-Password = "123"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x3d63469358ade53b4181dc50a857762b
# Executing section authorize from file /opt/freeRADIUS/etc/raddb/sites-enabled/default
+- entering group authorize {...}
expand: %{client:Gateway-Type} -> ALU
++[control] returns notfound
rlm_perl: RAD_CONFIG: Tmp-String-8 = ALU
rlm_perl: Added pair User-Name = test@test
rlm_perl: Added pair User-Password = 123
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair Message-Authenticator = 0x3d63469358ade53b4181dc50a857762b
rlm_perl: Added pair Tmp-String-8 = ALU
++[test_client_config] returns noop
++[preprocess] returns ok
[auth_log] expand: %{Packet-Src-IP-Address} -> 172.30.179.21
[auth_log] expand: /opt/freeRADIUS/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d -> /opt/freeRADIUS/var/log/radius/radacct/172.30.179.21/auth-detail-20140214
[auth_log] /opt/freeRADIUS/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /opt/freeRADIUS/var/log/radius/radacct/172.30.179.21/auth-detail-20140214
[auth_log] expand: %t -> Fri Feb 14 09:36:15 2014
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] Looking up realm "test" for User-Name = "test@test"
[suffix] Found realm "test"
[suffix] Adding Realm = "test"
[suffix] Proxying request from user test to realm test
[suffix] Preparing to proxy authentication request to realm "test"
++[suffix] returns updated
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
# Executing section pre-proxy from file /opt/freeRADIUS/etc/raddb/sites-enabled/default
+- entering group pre-proxy {...}
[attr_filter.pre-proxy] expand: %{Realm} -> test
attr_filter: Matched entry DEFAULT at line 50
++[attr_filter.pre-proxy] returns updated
Sending Access-Request of id 219 to 172.30.179.22 port 1812
User-Name = "test@test"
User-Password = "123"
NAS-IP-Address = 127.0.0.1
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3237
Proxying request 0 to home server 172.30.179.22 port 1812
Sending Access-Request of id 219 to 172.30.179.22 port 1812
User-Name = "test@test"
User-Password = "123"
NAS-IP-Address = 127.0.0.1
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3237
Going to the next request
Waking up in 0.9 seconds.
Waking up in 4.0 seconds.
Cleaning up request 0 ID 27 with timestamp +7
Marking home server 172.30.179.22 port 1812 as zombie (it looks like it is dead).
rad_recv: Access-Request packet from host 172.30.179.21 port 55342, id=27, length=79
User-Name = "test@test"
User-Password = "123"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x3d63469358ade53b4181dc50a857762b
# Executing section authorize from file /opt/freeRADIUS/etc/raddb/sites-enabled/default
+- entering group authorize {...}
expand: %{client:Gateway-Type} -> ALU
++[control] returns notfound
rlm_perl: RAD_CONFIG: Tmp-String-8 = ALU
rlm_perl: Added pair User-Name = test@test
rlm_perl: Added pair User-Password = 123
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair Message-Authenticator = 0x3d63469358ade53b4181dc50a857762b
rlm_perl: Added pair Tmp-String-8 = ALU
++[test_client_config] returns noop
++[preprocess] returns ok
[auth_log] expand: %{Packet-Src-IP-Address} -> 172.30.179.21
[auth_log] expand: /opt/freeRADIUS/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d -> /opt/freeRADIUS/var/log/radius/radacct/172.30.179.21/auth-detail-20140214
[auth_log] /opt/freeRADIUS/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /opt/freeRADIUS/var/log/radius/radacct/172.30.179.21/auth-detail-20140214
[auth_log] expand: %t -> Fri Feb 14 09:36:20 2014
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] Looking up realm "test" for User-Name = "test@test"
[suffix] Found realm "test"
[suffix] Adding Realm = "test"
[suffix] Proxying request from user test to realm test
[suffix] Preparing to proxy authentication request to realm "test"
++[suffix] returns updated
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
# Executing section pre-proxy from file /opt/freeRADIUS/etc/raddb/sites-enabled/default
+- entering group pre-proxy {...}
[attr_filter.pre-proxy] expand: %{Realm} -> test
attr_filter: Matched entry DEFAULT at line 50
++[attr_filter.pre-proxy] returns updated
Sending Access-Request of id 69 to 172.30.179.22 port 1812
User-Name = "test@test"
User-Password = "123"
NAS-IP-Address = 127.0.0.1
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3237
Proxying request 1 to home server 172.30.179.22 port 1812
Sending Access-Request of id 69 to 172.30.179.22 port 1812
User-Name = "test@test"
User-Password = "123"
NAS-IP-Address = 127.0.0.1
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3237
Going to the next request
Waking up in 0.9 seconds.
Waking up in 4.0 seconds.
Marking home server 172.30.179.22 port 1812 as dead.
Cleaning up request 1 ID 27 with timestamp +12
rad_recv: Access-Request packet from host 172.30.179.21 port 55342, id=27, length=79
User-Name = "test@test"
User-Password = "123"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x3d63469358ade53b4181dc50a857762b
# Executing section authorize from file /opt/freeRADIUS/etc/raddb/sites-enabled/default
+- entering group authorize {...}
expand: %{client:Gateway-Type} -> ALU
++[control] returns notfound
rlm_perl: RAD_CONFIG: Tmp-String-8 = ALU
rlm_perl: Added pair User-Name = test@test
rlm_perl: Added pair User-Password = 123
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair Message-Authenticator = 0x3d63469358ade53b4181dc50a857762b
rlm_perl: Added pair Tmp-String-8 = ALU
++[test_client_config] returns noop
++[preprocess] returns ok
[auth_log] expand: %{Packet-Src-IP-Address} -> 172.30.179.21
[auth_log] expand: /opt/freeRADIUS/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d -> /opt/freeRADIUS/var/log/radius/radacct/172.30.179.21/auth-detail-20140214
[auth_log] /opt/freeRADIUS/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /opt/freeRADIUS/var/log/radius/radacct/172.30.179.21/auth-detail-20140214
[auth_log] expand: %t -> Fri Feb 14 09:36:25 2014
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] Looking up realm "test" for User-Name = "test@test"
[suffix] Found realm "test"
[suffix] Adding Realm = "test"
[suffix] Proxying request from user test to realm test
[suffix] Preparing to proxy authentication request to realm "test"
++[suffix] returns updated
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
ERROR: Failed to find live home server for realm test
There was no response configured: rejecting request 2
Using Post-Auth-Type REJECT
# Executing group from file /opt/freeRADIUS/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> test@test
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 2 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 2
Sending Access-Reject of id 27 to 172.30.179.21 port 55342
Waking up in 4.9 seconds.
Cleaning up request 2 ID 27 with timestamp +17
Waking up in 53.9 seconds.
Marking home server 172.30.179.22 port 1812 alive again... we have no idea if it really is alive or not.
Ready to process requests.