Fw: Discard duplicate requests if received within a specified period

Alan DeKok aland at deployingradius.com
Fri May 2 17:27:28 CEST 2008

rsg wrote:
> However, I'm actually talking about retransmissions. Please Refer to
> Accounting-Request IDs 142,134 and 236. They are retransmissions due
> to delay in response.

  Accounting packets are not re-transmitted.  The contents change, so
they get allocated a new Id.

> Auth process fails at the client end. Simply speaking, the client does
> not get the Framed-IP-Address.
> This occurs, when the (NAS <=> AAA) response delay exceeds ~5 seconds.

  Fix your NAS.  5 seconds SHOULD be an acceptable timeout for the NAS.

  If the NAS is on the same LAN as the RADIUS server, 5 seconds is *way*
too long for the RADIUS server to respond.

> So according to RFC 5080: Is this an example of  "Note that changing
> the Request ID for a retransmission may have undesirable side
> effects."   ?


> How could one tackle with this issue?
> As Ivan described could "NAS retransmit timer" be increased to handle
> delayed responses?

  Yes.  See your NAS documentation.

  Alan DeKok.

More information about the Freeradius-Users mailing list