Handling of duplicates in clients.conf
Alan DeKok
aland at deployingradius.com
Thu Mar 26 17:12:06 CET 2009
Garber, Neal wrote:
> I agree with you Alan that the server shouldn't just silently "work"
> with configuration errors. In the past, I've seen configuration errors
> preclude the server from starting. Is that still the case?
Yes.
> If so, then
> given the seriousness of the error, as described in your response below,
> perhaps the server should fail to start in this case as well.
Huh? It does.
>> No. Clients that are exact duplicates can be safely ignored.
> Clients
>> that are "similar" but not the same are conflicts. You may have
>> policies, logging, etc. that depend on the fields that are different.
>> Which one is chosen? One at random?
>>
>> Do you really want the server to work *accidentally*? And one day,
>> when something else changes, the server suddenly picks the *other*
>> client definition, and all of your policies, logs, etc. are different?
>
> I agree with you that conflicts are bad. I wasn't trying to suggest
> otherwise. However, the current approach (even in 2.1.4) displays 2
> error messages buried in the middle of hundreds of other startup
> messages.
Please show an example. Duplicates are WARNINGs. Errors cause the
server to not start.
Alan DeKok.
More information about the Freeradius-Users
mailing list