reject_delay

[Gabriel Blanchard]

On 2010-07-13, at 9:02 AM, Ben Wiechman wrote:

> 
> Problem: misbehaving clients that are not valid making many, many repeated
> network entry attempts in quick succession. Receiving a repeat request from
> the client appears to be causing a "discarding duplicate request" entry in
> the logs. Is there a (simple...) way to identify if a response is being
> delayed and update the discarding dups log entry accordingly? 
> 

The solution to this is to implement it at the NAS level so that it doesn't hammer out your radius servers. I know Juniper supports it and we have it implemented. I just can't seem to find the documentation for it at the moment though...