Home servers constantly zombied, and I can't figure out how to fix it
Alan DeKok
aland at deployingradius.com
Mon Jul 19 23:02:40 CEST 2010
Adam Bultman wrote:
> OK, so some more updates:
> 1. I'm getting pseudo-duplicate packets from my NAS
>
> 2. The pseudo-duplicate packets are subtly different in that some items
> are missing - in my case, Calling-Station-Id.
Your NAS looks to be pretty broken. If it doesn't do retransmits, it
doesn't really implement RADIUS.
My $0.02 is to go fix the NAS. Ask the manufacturer why it doesn't
implement RADIUS. Ask them to implement the RFC 5080 retransmission
algorithm. It's not hard.
> 3. The "other side" tends to "zombie" on me with packets that don't
> contain the Calling-Station-Id
i.e. packet which aren't being retransmitted.
> 4. I'm attempting to control my detail file reader to ignore packets
> that don't have a Calling-Station-Id attribute, but I'm failing.
# in detail file reader "virtual server"
accounting {
if (Calling-Station-Id) {
# update proxies, etc.
}
else {
ok # tell the server the packet was dealt with OK
}
}
> First, in my detail file reader, I want to make it so that if certain
> attributes are in the packet, that I send it on it's way to the other
> servers. If they aren't there, I want to simply ignore that packet, and
> make it go away.
You need the "else ok" bit. Otherwise, the detail file reader assumes
that the packet *wasn't* handled, and retransmits it.
Alan DeKok.
More information about the Freeradius-Users
mailing list