Marking proxy servers as zombie - odd behaviour

John Horne john.horne at plymouth.ac.uk
Thu Jun 17 15:29:56 CEST 2010


On Thu, 2010-06-17 at 14:09 +0100, Alan Buxey wrote:
> Hi,
> > On Thu, Jun 17, 2010 at 11:26:37AM +0100, John Horne wrote:
> > > So what is being seen is that backend server 141.163.66.101 has sent an
> > > accept accept packet (to the local proxy server 195.250) and the log
> > > shows a user as having authenticated. About 10 seconds later, the server
> > > is marked as zombie, but tcpdump shows that a packet (access reject - we
> > > have status-server set up with an invalid userid, so the reject is
> > > correct) is received from that server.
> > 
> > Can you paste the exact home_server settings you used? That might shed
> > some light...
> 
> expected response time?
>
A few seconds at most.

>  what are your timers?  5 seconds?
>
We are currently letting them default.

Running 'radiusd -XC' shows:

===========================================
home_server IAS {
        ipaddr = ias.plymouth.ac.uk IP address [141.163.66.101]
        port = 1812
        type = "auth"
        secret = xxxxxxxxx
        response_window = 30
        max_outstanding = 65536
        zombie_period = 40
        status_check = "request"
        ping_interval = 30
        check_interval = 30
        num_answers_to_alive = 3
        num_pings_to_alive = 3
        revive_interval = 300
        status_check_timeout = 4
        username = xxxxxxx
        password = xxxxxxx
        irt = 2
        mrt = 16
        mrc = 5
        mrd = 30
 }
===========================================

>  whats the cleanup_delay for example?
> 
max_request_time = 30
cleanup_delay = 5
max_requests = 262144




John.

-- 
John Horne, University of Plymouth, UK
Tel: +44 (0)1752 587287    Fax: +44 (0)1752 587001




More information about the Freeradius-Users mailing list