Version 2.0 is a lot closer to reality...
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Tue Apr 10 15:05:55 CEST 2007
Alan DeKok wrote:
> Alan DeKok wrote:
>
>> I've just committed massive changes to the server core. The "diff" is
>> about 3k lines, and doesn't include deleted or added files.
>>
>
> More code changes today:
>
> Multiple requests are proxied to a home server. If the home server is
> marked dead while the NAS is retransmitting the packets, the current
> code (1.x) keeps sending the retransmissions to the dead home server.
>
> In the CVS head, it now discovers that the home server is dead, and
> picks a live one from the appropriate server_pool. When coupled with
> the support for checking if a dead home server has come back to life,
> the server should be MUCH more robust in the event of home server failure.
>
> i.e. With the current code, many proxied requests can get rejected,
> even if there is a home server for the realm that is live. With the new
> code, all possible efforts are made to minimize the number of requests
> that get rejected.
>
> No other server can do better than this.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
attr_filter: Matched entry jrs at line 74
modcall[pre-proxy]: module "attr_filter.pre-proxy" returns updated for
request 13
radius_xlat: '/usr/local/freeradius/var/log//20070410/pre-proxy-detail'
rlm_detail: /usr/local/freeradius/var/log//%Y%m%d/pre-proxy-detail
expands to /usr/local/freeradius/var/log//20070410/pre-proxy-detail
radius_xlat: 'Tue Apr 10 14:06:34 2007'
modcall[pre-proxy]: module "pre_proxy_log" returns ok for request 13
modcall: group pre-proxy returns updated for request 13
Sending Access-Request of id 122 to 194.83.56.249 port 1812
Service-Type := Authenticate-Only
User-Name = "ac221 at brighton.ac.uk"
NAS-IP-Address = 139.184.8.1
Proxy-State = 0x313239
Proxying request 13 to realm jrs, home server 194.83.56.249 port 1812
Sending Access-Request of id 122 to 194.83.56.249 port 1812
Service-Type := Authenticate-Only
User-Name = "ac221 at brighton.ac.uk"
NAS-IP-Address = 139.184.8.1
Proxy-State = 0x313239
Going to the next request
Cleaning up request 9 ID 125 with timestamp +60
Cleaning up request 10 ID 126 with timestamp +61
Cleaning up request 11 ID 127 with timestamp +62
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 81.6.252.244 port 3341,
id=129, length=72
Sending duplicate proxied request to home server 194.83.56.249 port 1812
- ID: 122
Sending Access-Request of id 122 to 194.83.56.249 port 1812
Service-Type := Authenticate-Only
User-Name = "ac221 at brighton.ac.uk"
NAS-IP-Address = 139.184.8.1
Proxy-State = 0x313239
Waking up in 1 seconds...
Cleaning up request 12 ID 128 with timestamp +63
Waking up in 15 seconds...
rad_recv: Access-Request packet from host 81.6.252.244 port 3341,
id=129, length=72
Sending duplicate proxied request to home server 194.83.56.249 port 1812
- ID: 122
Sending Access-Request of id 122 to 194.83.56.249 port 1812
Service-Type := Authenticate-Only
User-Name = "ac221 at brighton.ac.uk"
NAS-IP-Address = 139.184.8.1
Proxy-State = 0x313239
Waking up in 13 seconds...
rad_recv: Access-Request packet from host 81.6.252.244 port 3341,
id=129, length=72
Sending duplicate proxied request to home server 194.83.56.249 port 1812
- ID: 122
Sending Access-Request of id 122 to 194.83.56.249 port 1812
Service-Type := Authenticate-Only
User-Name = "ac221 at brighton.ac.uk"
NAS-IP-Address = 139.184.8.1
Proxy-State = 0x313239
Waking up in 10 seconds...
rad_recv: Access-Request packet from host 81.6.252.244 port 3341,
id=129, length=72
FAILURE: Home server 194.83.56.249 port 1812 is dead.
RETRY: Proxying request 13 to different home server 194.82.174.185 port 1812
Sending Access-Request of id 8 to 194.82.174.185 port 1812
Service-Type := Authenticate-Only
User-Name = "ac221 at brighton.ac.uk"
NAS-IP-Address = 139.184.8.1
Proxy-State = 0x313239
Waking up in 7 seconds...
rad_recv: Access-Request packet from host 81.6.252.244 port 3341,
id=129, length=72
RETRY: Proxying request 13 to different home server 194.82.174.185 port 1812
Sending Access-Request of id 179 to 194.82.174.185 port 1812
Service-Type := Authenticate-Only
User-Name = "ac221 at brighton.ac.uk"
NAS-IP-Address = 139.184.8.1
Proxy-State = 0x313239
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 81.6.252.244 port 3341,
id=129, length=72
radiusd(24731) malloc: *** Deallocation of a pointer not malloced:
0x5d4e80; This could be a double free(), or free() called with the
middle of an allocated block; Try setting environment variable
MallocHelp to see tools to help debug
RETRY: Proxying request 13 to different home server 194.82.174.185 port 1812
Sending Access-Request of id 89 to 194.82.174.185 port 1812
Service-Type := Authenticate-Only
User-Name = "ac221 at brighton.ac.uk"
NAS-IP-Address = 139.184.8.1
Proxy-State = 0x313239
Waking up in 1 seconds...
Rejecting request 13 due to lack of any response from home server
194.82.174.185 port 1812
Sending Access-Reject of id 129 to 81.6.252.244 port 3341
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = "134"
Service-Type = Framed-User
Waking up in 4 seconds...
Cleaning up request 13 ID 129 with timestamp +65
radiusd(24731) malloc: *** Deallocation of a pointer not malloced:
0x5d4e80; This could be a double free(), or free() called with the
middle of an allocated block; Try setting environment variable
MallocHelp to see tools to help debug
Waking up in 24 seconds...
Didn't do that before :S
---
Arran
More information about the Freeradius-Users
mailing list