No cleanup for abandoned EAP requests in radiusd
Alan DeKok
aland at deployingradius.com
Mon Jun 28 15:50:44 CEST 2010
Kunal Solanki wrote:
> Thanks for replying Alan,
> I have found the issue in my case, I was using external LDAP with
> radius and if LDAP is down then for the same EAP requests multiple
> authentication sessions were getting created. And as the cleanup of eap
> requests is plugged in processing of a reply message, this makes the
> cleanup happen only when a successful EAP request goes through.
No... the cleanup *also* happens when a new request comes in. But it
takes 60s to expire old sessions. See raddb/eap.conf, "timer_expire".
> I am thinking to put a cleanup in session creation path also which
> cleans very old sessions( double of usual timer limit 20 seconds. So I
> guess this will not impact any ongoing EAP request(not making to go to
> "no state variable" state for EAP request, an early delete of an
> handler).
No... just change the timer_expire to be less.
Alan DeKok.
More information about the Freeradius-Devel
mailing list