Problem with proxying accounting packets on FR 2.1.3

Wed Sep 23 11:40:58 CEST 2009

Hi all,

I hope I can explain this clearly and concisely :)

I have 2 freeradius servers:

Primary:   freeradius 1.1.6 (I know, its old, busy trying to get issues 
resolved so that I can update...)
Secondary: freeradius 2.1.3

I have radrelay proxying accounting packets from the primary to the 
secondary which appears to be working fine.

I am trying to get the secondary to proxy accounting requests to the 
primary as well, but there seems to be some trouble.
It *appears* that the secondary is receiving proxy updates from the 
primary, applying them, and then proxying them back to the primary.

I eventually noticed that the secondary is not adding the 
Client-IP-Address to incoming requests (I found the posts in the archive 
mentioning that this is normal and is no longer done in FR2). So I 
suspect the primary is sending the update to the secondary, the 
secondary is applying it and sending it back instead of stopping there.

My question is: How do I get the secondary to realize it must not send 
the proxied request back again.

I include my secondary config in case ive munged it somewhere. Any 
pointers would be very much appreciated!

Freeradius 2.1.3

radiusd.conf
------------

proxy_requests  = yes
$INCLUDE proxy.conf

proxy.conf
----------

proxy server {
        default_fallback = no
}

home_server copy-acct-to-home-server {
        type = acct
        ipaddr = ip_of_primary_server
        port = 1813
        secret = shared_secret
        response_window = 20
        zombie_period = 40
        revive_interval = 120
}

home_server_pool my_acct_failover {
        home_server = copy-acct-to-home-server
}

realm DEFAULT {
        acct_pool       = my_acct_failover
        nostrip
}

sites-enabled/default
---------------------

authorize {
        preprocess
        files
        exec-radauth # custom authorization...
}

authenticate {
}

preacct {
        preprocess
        acct_unique
}

accounting {
        detail
        detail-radrelay
        sql
}

pre-proxy {
}

post-proxy {
}

sites-enabled/copy-acct-to-home-server
--------------------------------------

server copy-acct-to-home-server {
        listen {
                type = detail
                filename = ${radacctdir}/detail-combined
                load_factor = 10
        }

        preacct {
                suffix
        }

        accounting {
                   ok
        }

I have tried include all relevant info but please advise if anything 
further is required.

Many many thanks as always
Patric