Stop alive requests in a dead realm

Alan DeKok aland at deployingradius.com
Wed Jun 3 12:23:01 CEST 2009


Santiago Balaguer García wrote:
> I am using freeradius 2.1.3 for my AAA servers. I have a little problem
> when a third-patner RADIUS is dead. My problem is my freeradius send the
> following status packect every
> 2-5 seconds.
>  
> Sending Access-Request of id 77 to 200.160.126.23 port 1812
>         User-Name := ""
>         User-Password := ""
>         Service-Type := Authenticate-Only
>         Message-Authenticator := 0x00000000000000000000000000000000
>         NAS-Identifier := "Status Check. Are you alive?"
> Waking up in 1.0 seconds.
> Cleaning up request 3 ID 151 with timestamp +723
> Waking up in 2.9 seconds.
> 
> I want to avoid this test because my partner tell me that I send too
> many trafic ('operator' is the realm name).
...
> realm operator {
>         type            = radius
>         authhost        = 200.160.126.23 :1812
>         accthost        = 200.160.126.23 :1813
>         secret          = my_secret

  You should use the new syntax to define home servers.

  Also, you may want to grab a recent copy of the source from
http://git.freeradius.org/pre/.  It fixes a bug where it would send
Status-Server messages, even if "status_check = none".

  Or, you can use the new syntax for home_servers to set "check_interval
= 120", which should cut down on the traffic a lot.

  And if you want a stable RADIUS system, you *should* enable
status-server checks.  It lets the proxy use the partners server as soon
as it's up, rather than trying it while it's still down.

  Alan DeKok.



More information about the Freeradius-Users mailing list