Query on UDP proxy socket using freeradius version 3.0.16

saurabha badhai saurabha.badhai at gmail.com
Fri Jun 16 17:40:18 UTC 2023

It's like

 freeradius <-> loadbalancer <-> AAA

Based on proxy udp src port load balancer map the request to a AAA, so if a
src port is mapped to AAA1 for few initial access request and
access-challenge before accept, if next request get proxied with a new src
port then load balancer sends to a different AAA, may be AAA2 which reject

Because of freeradius udp port change request get rejected.

That's why I asked this query ita related to freeradius.


On Fri, 16 Jun 2023, 22:39 Alan DeKok, <aland at deployingradius.com> wrote:

> On Jun 16, 2023, at 12:58 PM, saurabha badhai <saurabha.badhai at gmail.com>
> wrote:
> >
> > Yes customer deployed load balancer based on the source port map to
> > specific AAA server,
>   So you're asking if someone else's load balancer is working properly?
>   This isn't a FreeRADIUS issue.
> > Observed source port change for an ongoing
> > authentication session, access-request is initiated from a different port
> > after few access-challenges causing the load balancer to send the request
> > to a different AAA  and then get rejected.
> >
> > Is this behavior proper and expected, source port change for an ongoing
> > authentication session ?
>   It's allowed by the specifications.
>   And again... why not ask this question *first*?  Why spend all kinds of
> time asking useless and irrelevant questions?  That is not productive.
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/devel.html

More information about the Freeradius-Devel mailing list