Stop alive requests in a dead realm
Alan DeKok
aland at deployingradius.com
Wed Jun 3 12:23:01 CEST 2009
Santiago Balaguer García wrote:
> I am using freeradius 2.1.3 for my AAA servers. I have a little problem
> when a third-patner RADIUS is dead. My problem is my freeradius send the
> following status packect every
> 2-5 seconds.
>
> Sending Access-Request of id 77 to 200.160.126.23 port 1812
> User-Name := ""
> User-Password := ""
> Service-Type := Authenticate-Only
> Message-Authenticator := 0x00000000000000000000000000000000
> NAS-Identifier := "Status Check. Are you alive?"
> Waking up in 1.0 seconds.
> Cleaning up request 3 ID 151 with timestamp +723
> Waking up in 2.9 seconds.
>
> I want to avoid this test because my partner tell me that I send too
> many trafic ('operator' is the realm name).
...
> realm operator {
> type = radius
> authhost = 200.160.126.23 :1812
> accthost = 200.160.126.23 :1813
> secret = my_secret
You should use the new syntax to define home servers.
Also, you may want to grab a recent copy of the source from
http://git.freeradius.org/pre/. It fixes a bug where it would send
Status-Server messages, even if "status_check = none".
Or, you can use the new syntax for home_servers to set "check_interval
= 120", which should cut down on the traffic a lot.
And if you want a stable RADIUS system, you *should* enable
status-server checks. It lets the proxy use the partners server as soon
as it's up, rather than trying it while it's still down.
Alan DeKok.
More information about the Freeradius-Users
mailing list