freeradius 1.1.4 stops answering (why?)

Roberto S. G. roberto.santos at unileon.es
Fri May 25 11:29:07 CEST 2007 

hi,

I'm experiencing strange problems with a compiled freeradius 1.1.4 that
I have on a Reh Hat... I've used there other previous freeradius
versions without problem, but this one seems to maintain service for
just a couple of days, after which it stops authenticating. I had not
noticed this before, 'cause it was almost idle until now.
There's no strange error, even in "-X" mode.
Maybe it has something to be with connections to the ldap server...
freeradius makes connections to local stunnel ports, which then connects
to an Active Directory via ldaps (it has always run smoothly), but the
last configured freeradius ldap is a plain remote ldap connection just
in case stunnel stops running...
¿Maybe new FR versions has changes in the way it manages connections?.
The "Timed out while waiting for server to respond" error doesn't seem
to me correct, since a restart makes it dissapear, and I'd already risen
default values in radiusd.conf {ldap}:
                timeout = 60
                timelimit = 3
                net_timeout = 5
I just see in radius.log that there aren't more OK's (or KO's)...
I do not understand also the "Logout entry for NAS wireless-leon port 1
has wrong IDs" message... (I make no accounting).
[    I've tried also v1.1.6, but it's even worse: there're *much* more
"Logout entry for..." and "Error: rlm_ldap: ldap_search() failed: Timed
out..." and "Error: Discarding duplicate request..." logs, and others
related to NAS that didn't appear before; all with exactly the same conf
(which I compared line by line with 1.1.6 default one, without finding
new or deprecated attributes...), so I downgrade to 1.1.4 again...    ]
Any comment will be appreciated.
bye

extract from radius.log, for v1.1.4:

Wed May 23 13:16:05 2007 : Error: rlm_radutmp: Logout entry for NAS
wireless-leon port 1 has wrong ID
Wed May 23 13:16:31 2007 : Error: rlm_radutmp: Logout entry for NAS
wireless-leon port 1 has wrong ID
Wed May 23 13:20:34 2007 : Error: rlm_radutmp: Logout entry for NAS
wireless-leon port 1 has wrong ID
Wed May 23 14:07:36 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 170 due to unfinished request 141087
...
Wed May 23 14:08:08 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 172 due to unfinished request 141089
Wed May 23 14:08:34 2007 : Error: rlm_ldap: ldap_search() failed: Timed
out while waiting for server to respond. Please increase the timeout.
Wed May 23 14:08:46 2007 : Error: rlm_ldap: ldap_search() failed: Timed
out while waiting for server to respond. Please increase the timeout.
Wed May 23 14:08:58 2007 : Error: rlm_ldap: ldap_search() failed: Timed
out while waiting for server to respond. Please increase the timeout.
Wed May 23 17:20:39 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 114 due to unfinished request 141090
...
Wed May 23 17:21:04 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 115 due to unfinished request 141091
Wed May 23 17:21:13 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 116 due to unfinished request 141092
Wed May 23 17:21:15 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 116 due to unfinished request 141092
Wed May 23 17:21:17 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 116 due to unfinished request 141092
Wed May 23 17:21:19 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 116 due to unfinished request 141092
Wed May 23 17:21:21 2007 : Error: Discarding duplicate request from
client wireless-leon:1025 - ID: 116 due to unfinished request 141092
Wed May 23 17:21:36 2007 : Error: rlm_ldap: ldap_search() failed: Timed
out while waiting for server to respond. Please increase the timeout.
Wed May 23 17:21:54 2007 : Error: rlm_ldap: ldap_search() failed: Timed
out while waiting for server to respond. Please increase the timeout.
Wed May 23 17:22:11 2007 : Error: rlm_ldap: ldap_search() failed: Timed
out while waiting for server to respond. Please increase the timeout.

More information about the Freeradius-Users mailing list