"Time-out" Problem with Huntgroups in conjunction with MYSQL Backend
thomas at buddybase.at
thomas at buddybase.at
Thu Jul 19 15:38:54 CEST 2007
Hello FR users,
I am running FreeRadius 1.1.3 together with MySQL 5.0.27
I use huntgroups to allow access to specific devices only to certain users
belonging to a certain group (I use huntgroups since "I" didnt find a way
to do it via MySQL)
I have the following issue:
When for a longer period (e.g. over night) no one logs into one of the
devices (so the radius server sits idle), it happens that the first time in
the morning someone tries to login he fails because FR rejects the Request
with "invalid user" - only after 3 or 4 tries the login-attempt is
successfull
The reason seems to be, that after such a "long" dormant period, when the
first RADIUS-request(s) arrive, FR has to re-connect to the MySQL DB to
query the user's group-membership
Since this re-connect takes "too long" the query returns "Not found" and
the user is rejected as "unknown"
Here is what you see in the radius.log file:
Tue Jul 17 08:05:16 2007 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #9
Tue Jul 17 08:05:16 2007 : Error: rlm_sql (sql): failed after re-connect
Tue Jul 17 08:05:16 2007 : Auth: No huntgroup access: [xxx] (from client
ATWRE22e7601 port 1 cli 10.0.0.31)
Tue Jul 17 08:05:16 2007 : Auth: Invalid user: [xxx] (from client
ATWRE22e7601 port 1 cli 10.0.0.31)
Tue Jul 17 08:05:25 2007 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #8
Tue Jul 17 08:05:25 2007 : Error: rlm_sql (sql): failed after re-connect
Tue Jul 17 08:05:25 2007 : Auth: No huntgroup access: [xxx] (from client
ATWRE22e7601 port 0)
Tue Jul 17 08:05:25 2007 : Auth: Invalid user: [xxx] (from client
ATWRE22e7601 port 0)
Tue Jul 17 08:05:38 2007 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #7
Tue Jul 17 08:05:38 2007 : Error: rlm_sql (sql): failed after re-connect
Tue Jul 17 08:05:38 2007 : Auth: No huntgroup access: [xxx] (from client
ATWRE22e7601 port 0)
Tue Jul 17 08:05:38 2007 : Auth: Invalid user: [xxx] (from client
ATWRE22e7601 port 0)
Tue Jul 17 08:06:00 2007 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #6
Tue Jul 17 08:06:00 2007 : Auth: Login OK: [xxx] (from client ATWRE22b7201
port 2 cli 10.0.0.31)
Hope the logfile is sufficient, otherwise I would have to let FR run in
debug-mode over night....
The funny thing is, that this problem doesn't occure when all entries in
the huntgroups file are "commented out"
So my question is, is there a config parameter to tell FR to "wait" a bit
longer in the preprocess module (I assume) for the MYSQL query to deliver
its answer?
thanks alot
regards
thomas pudil
More information about the Freeradius-Users
mailing list