NAS re-uses the same port and ID
Konstantin Chekushin
koch2 at inbox.lv
Wed Jul 13 11:14:22 CEST 2011
Yes, but we have only just got the problem, so the source of the problem
may be in another place...
I've looked through the sniffer file and found this strange sequence:
...
31:05 access-request (port 65025, id 229) (Authenticator1)
31:10 access-accept (port 65025, id 229)
31:10 access-request (port 65025, id 229) (Authenticator2)
31:14 access-request (port 65025, id 229) (Authenticator2)
31:20 access-request (port 65025, id 229) (Authenticator2)
31:26 access-accept (port 65025, id 229)
31:26 access-request (port 65025, id 229) (Authenticator3)
...
I'm not sure, but it seems to me that some of these requests in the
radius.log file were marked as duplicated ("Discarding duplicate
request from client..."), and some as conflicting ("Received
conflicting packet from client...")
...
Jul 12 14:31:10 radius1 radiusd[8647]: Discarding duplicate request
from client fl2 port 65025 - ID: 229 due to unfinished request 6545
Jul 12 14:31:16 radius1 radiusd[8647]: Discarding duplicate request
from client fl2 port 65025 - ID: 229 due to unfinished request 6545
Jul 12 14:31:21 radius1 radiusd[8647]: Received conflicting packet
from client fl2 port 65025 - ID: 229 due to unfinished request 6545.
Giving up on old request.
Jul 12 14:31:22 radius1 radiusd[8647]: Dropping request (2049 is too
many): from client fl1 port 65025 - ID: 229
Jul 12 14:31:25 radius1 radiusd[8647]: Discarding duplicate request
from client fl2 port 65025 - ID: 229 due to unfinished request 8342
Jul 12 14:31:26 radius1 radiusd[8647]: Dropping request (2049 is too
many): from client fl1 port 65025 - ID: 229
...
and so on...
Quoting Fajar A. Nugraha <list at fajar.net>:
> On Wed, Jul 13, 2011 at 1:54 PM, Konstantin Chekushin
> <koch2 at inbox.lv> wrote:
> > Hi all! I've found that our NAS-server sometimes (when it restarts
> > and there are many auth. packets coming to the radius-server)
> > re-uses port and ID in a < 1 second period (information from
> > tcpdump). That causes "conflicting packet from client". I think
> > that the NAS works wrong (it must wait a little bit more than
> > 1 sec. to re-use the port+ID), that's why I want to find some
> > documentation about it for a bug-report.
> > Thanks a lot.
>
> Are you sure the NAS reuses the port number? Isn't it a duplicate
> packet?
>
> --
> Fajar
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
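
The duplicate/conflicting distinction in the radius.log lines above, as an added example that is not part of the original post and is not FreeRADIUS code. It assumes a request is a "duplicate" when it repeats the Request Authenticator already tracked for the same client, source port and ID, and "conflicting" when the authenticator differs while that request is still unanswered; the client label `nas` and the names `A1`..`A3` are constructed stand-ins for the capture's Authenticator1..3.

```python
# Added example: classify Access-Requests keyed on (client, source port, ID).
# Assumption: duplicate = same Request Authenticator as the tracked request;
# conflicting = different authenticator while that request is unanswered.

def classify(events):
    """events: (seconds, client, kind, port, ident, authenticator or None)."""
    tracked = {}   # (client, port, ident) -> auth, answered flag, last time
    verdicts = []
    for ts, client, kind, port, ident, auth in events:
        key = (client, port, ident)
        entry = tracked.get(key)
        if kind == "access-accept":
            if entry:                      # reply closes the tracked request
                entry["answered"], entry["seen"] = True, ts
            continue
        if entry is None:
            verdict = "new"
        elif entry["auth"] == auth:
            verdict = "duplicate"          # retransmission of the same packet
        elif not entry["answered"]:
            verdict = "conflicting"        # ID reused before a reply was sent
        else:
            verdict = "reused after %ds" % (ts - entry["seen"])
        if verdict != "duplicate":         # a different packet replaces the old
            tracked[key] = {"auth": auth, "answered": False, "seen": ts}
        verdicts.append((ts, verdict))
    return verdicts

def mmss(text):
    minutes, seconds = text.split(":")
    return int(minutes) * 60 + int(seconds)

# The sniffer sequence from the post, retyped (port 65025, id 229 throughout).
CAPTURE = [
    ("31:05", "access-request", "A1"), ("31:10", "access-accept", None),
    ("31:10", "access-request", "A2"), ("31:14", "access-request", "A2"),
    ("31:20", "access-request", "A2"), ("31:26", "access-accept", None),
    ("31:26", "access-request", "A3"),
]

def capture_events():
    return [(mmss(t), "nas", kind, 65025, 229, auth) for t, kind, auth in CAPTURE]

if __name__ == "__main__":
    for ts, verdict in classify(capture_events()):
        print("%02d:%02d  %s" % (ts // 60, ts % 60, verdict))
```
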