Marking proxy servers as zombie - odd behaviour
John Horne
john.horne at plymouth.ac.uk
Thu Jun 17 15:29:56 CEST 2010
On Thu, 2010-06-17 at 14:09 +0100, Alan Buxey wrote:
> Hi,
> > On Thu, Jun 17, 2010 at 11:26:37AM +0100, John Horne wrote:
> > > So what is being seen is that backend server 141.163.66.101 has sent an
> > > accept accept packet (to the local proxy server 195.250) and the log
> > > shows a user as having authenticated. About 10 seconds later, the server
> > > is marked as zombie, but tcpdump shows that a packet (access reject - we
> > > have status-server set up with an invalid userid, so the reject is
> > > correct) is received from that server.
> >
> > Can you paste the exact home_server settings you used? That might shed
> > some light...
>
> expected response time?
>
A few seconds at most.
> what are your timers? 5 seconds?
>
We are currently letting them default.
Running 'radiusd -XC' shows:
===========================================
home_server IAS {
ipaddr = ias.plymouth.ac.uk IP address [141.163.66.101]
port = 1812
type = "auth"
secret = xxxxxxxxx
response_window = 30
max_outstanding = 65536
zombie_period = 40
status_check = "request"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
username = xxxxxxx
password = xxxxxxx
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
===========================================
> whats the cleanup_delay for example?
>
max_request_time = 30
cleanup_delay = 5
max_requests = 262144
John.
--
John Horne, University of Plymouth, UK
Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001
More information about the Freeradius-Users
mailing list