Robust Authentication Proxying
Ivan Kalik
tnt at kalik.net
Fri Jul 10 14:28:03 CEST 2009
> Yeah,that's what I'm doing. The problem is that the retries are not
> being sent to a different home server (or any home server). They are
> being dropped as retransmits because internally, freeradius is
> tracking that no reply was sent to them earlier. I have tried
> treaking cleanup_delay to 0 or 1 to flush these out sooner, but it
> does not work -- they do not appear to be tracked the same way as
> normal responses. Here are the debug messages from radiusd -X:
>
> rad_recv: Access-Request packet from host 127.0.0.1 port 47163,
> id=155, length=59
> Ignoring retransmit from client SERVERS port 47163 - ID: 155, no reply
> was configured
Yes, length of that is controlled by response_window. Server will ignore
retransmits while waiting for response. If you shorten response_window
home server will be marked as zombie faster.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list