Duplicate Radius Accounting
Alan DeKok
aland at deployingradius.com
Mon Aug 6 15:19:52 CEST 2012
Christopher Manigan wrote:
> In my logs I see many entries like the following:
>
> Info: WARNING: Child is hung for request 51651 in component <core> module <queue>.3
> Error: Dropping request (2049 is too many): from client myhost.mysite port 32869 - ID: 239
Something is blocking the server. This is usually a slow database.
> In the last ~10 hours, the status server reports the following for accounting:
>
> Responses 0
> Duplicate 954442
> Malformed 115045
> Invalid 564029
That is *terrible*. Zero responses? It indicates a catastrophic
failure in the system.
And *malformed* packets? Something is sending NON RADIUS packets to
the RADIUS port. Go fix that.
And "invalid" packets? Something is sending non-accounting packets to
the accounting port.
> Dropped 0
> Unknown 0
>
> Radius will hang and start to time out and eventually die. It looks like the duplicate count gets extremely high very quickly. Could it be the NAS that are pointing to it? Or could it be my radius configs somehow causing this? I am not really sure how to prove it out or troubleshoot. I can increase the max requests but I don't think that is the right solution.
Your RADIUS system is horribly slow, and isn't finishing any requests.
Go fix that. The default configuration *works*.
And your NAS is broken. Something is very, very, wrong in your
network. Find out what it is. Ensure that only RADIUS accounting
packets go to the RADIUS accounting port.
Alan DeKok.
More information about the Freeradius-Users
mailing list