Malformed RADIUS packet from host

rsg ranil.santhish at gmail.com
Thu May 29 12:00:56 CEST 2008


Hi,

Thanks Alan for your response. The reasoning you provided could be
very likely the situation.

The objective in my case is simply to send selected set of AVPs like
Acct-Session-Id and Framed-IP-Address to the home server.

I need to achieve two things.

1) Need to satisfy successful delivery of Accounting-Request to the home server.

2) This Accounting transaction has to be transparent to the
Client(NAS). (With the general Proxy setup this is quite difficult
achieve and I see Duplicate requests originated from NAS for
incomplete transactions.

Explanation of the problem:

Rep. of my archi:

NAS ---- FreeRADIUS Proxy(192.168.0.107) ---- WAP gateway(Home
Server-192.168.1.6)


--../radius.log...on Proxy(192.168.0.107)
----------------------------
Thu May 29 11:33:14 2008 : Error: WARNING: Malformed RADIUS packet
from host 192.168.1.6: too short (received 10 < minimum 20)

Thu May 29 11:33:16 2008 : Error: Discarding duplicate request from
client NAS port 1813 - ID: 140 due to unfinished request 32
Thu May 29 11:33:20 2008 : Error: Discarding duplicate request from
client NAS port 1813 - ID: 140 due to unfinished request 32
-----------------------------

Here when the proxy receives a malformed packet from the home
server..Accounting transaction is unfinished thus the NAS retries with
duplicate requests. That's why I want to make the Proxying of
Accounting transparent to the NAS.

Would it be possible to achieve these with the proxy configuration?
Theoretically it may not sound sensible, however I would like to have
your expert opinion on this.


Thanks,
srg.







On Wed, May 28, 2008 at 7:03 PM, Alan DeKok <aland at deployingradius.com> wrote:
> rsg wrote:
>> I see malformed packets received by the Proxy. The same client when
>> used with xtradius (+ an external perl script) to simply forward the
>> accounting request to the wap gateway it works well.
>
>  I have a hard time seeing how changing the proxy can change the
> packets sent by the client.
>
>  My guess (I am biased) is that xtradius just ignores the malformed
> packets, and doesn't print an error.
>
>> Could you explain me the possible causes for this situation please?
>> Any areas I have overlooked when configuring FreeRADIUS
>> proxy(indicated below)?
>
>  There is nothing you can configure in FreeRADIUS to change the size of
> the packets sent by a client.
>
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
>



More information about the Freeradius-Devel mailing list