Query on UDP proxy socket using freeradius version 3.0.16

Alan DeKok aland at deployingradius.com
Fri Jun 16 12:45:03 UTC 2023

On Jun 16, 2023, at 8:35 AM, saurabha badhai <saurabha.badhai at gmail.com> wrote:
> I see UDP socket is bind to port 0 which means kernel will allocate the
> ephemeral port based on the available list.


> I am observing that the port is still in open state even though
> after request is served. It's listed in netstat -anp command after 2 days.
> There is no message served by that port for last 2 days.
> *netstat -anp* output
> udp        0      0*26307           **
>      19293/radiusd

  That's weird.  This is an OS issue.

  i.e. FreeRADIUS tells the OS "I'm giving you port 0, so that means _don't_ bind to port 0, but instead to some random high port".

  The OS should bind the socket to a random high port, and definitely not to port 0.

> Below is *ss -anp* output
> udp    UNCONN     0      0         *:26307                 *:*
>      users:(("radiusd",pid=19293,fd=26))
> Can anyone help to answer when this socket bind to port 26307 get closed or
> always in open state ? Problem here if suppose want to connect to 100
> different AAAs, then all socket will be in open state which may not correct.

  That port is used for outbound proxying.  If you want to close the port... just stop FreeRADIUS, or disable proxying.

 There is no problem here.  If you run multiple servers on the same machine, "bind to port 0" will work for all of them.  The OS will just pick different (and unused) ports for each one.

  Alan DeKok.

More information about the Freeradius-Devel mailing list