Robust Authentication Proxying

Ivan Kalik tnt at
Fri Jul 10 14:28:03 CEST 2009

> Yeah,that's what I'm doing.  The problem is that the retries are not
> being sent to a different home server (or any home server).  They are
> being dropped as retransmits because internally, freeradius is
> tracking that no reply was sent to them earlier.  I have tried
> treaking cleanup_delay to 0 or 1 to flush these out sooner, but it
> does not work -- they do not appear to be tracked the same way as
> normal responses.  Here are the debug messages from radiusd -X:
> rad_recv: Access-Request packet from host port 47163,
> id=155, length=59
> Ignoring retransmit from client SERVERS port 47163 - ID: 155, no reply
> was configured

Yes, length of that is controlled by response_window. Server will ignore
retransmits while waiting for response. If you shorten response_window
home server will be marked as zombie faster.

Ivan Kalik
Kalik Informatika ISP

More information about the Freeradius-Users mailing list