Freeradius Proxy

[Alan DeKok]

On Jan 23, 2025, at 5:49 AM, Tharka Karunanayake <tharkak at nvision.lk> wrote:
> I have setup a freeradius proxy server and proxied my radius requests to two different freeradius servers. everything is working fine except for this error,
> 
> Thu Jan 23 16:01:08 2025 : Proxy: Marking home server 3.147.84.26 port 1813 as zombie (it has not responded in 30.000000 seconds).

  That's pretty clear.

> My two servers are keep getting zombie and alive. But all the requests getting back to my two servers. How to resolve this issue?

  No.  The replies aren't making it back.  The home server is either going down, or is being very very slow for 30+ seconds at a time.

> These are the things I have tried so far,
> 
> 1. add a custom radius reply to my accounting handling perl script
> $RAD_REPLY{'Acct-Status-Type'} = 'Interim-Update'; ------- did not work
> $RAD_REPLY{'Reply-Message'} = 'accounting received'; ---------did not work

  Adding attributes to a reply won't help, when the reply isn't being sent.

> 2. add a reply from sites-enabled/default
> 3. tried to reduce/remove attributes for proxy.conf for accounting related home_servers

  You can't fix a slow home server by poking the proxy.

  Look at the logs on the home server.  I guarantee you that the logs will be FULL of messages complaining about unresponsive child / blocked in module / etc.

  If you're running a Perl script on the home server ... why?  The server doesn't need to run Perl.  The *only* reason to use a Perl script is to interact with some weird external API, and the only available libraries which support that are in Perl.

  Alan DeKok.