fr3 socket max_connections
Polish
pavel.polacek at ujep.cz
Thu Nov 21 16:59:12 CET 2013
Hello,
On Wed, 20 Nov 2013, Alan DeKok wrote:
> Polish wrote:
>> I set up radsec (tls site) in FR3. On start works well, but after
>> a while (20-30 minutes) I see following in logs:
>> Info: Ignoring new connection due to client max_connections (16)
>
> Do you have idle timeouts and connection lifetimes set?
Yes
>
>> and FR3 rejects new incoming tls radsec connections.
>>
>> Ok, I set up client max_connetions = 0 and now after while I get:
>> Info: Ignoring new connection due to socket max_connections
>>
>> Often I see in logs reconnection:
>> Info: ... closing socket auth from client (195.113.18
>> 7.22, 56256) -> (*, 2083, virtual-server=default)
>> Info: ... adding new socket auth from client (195.113
>> .187.22, 53889) -> (*, 2083, virtual-server=default)
>>
>> I watch at netstat -t and get max 3 connections to port 2083:
>> one in ESTABLISHED state and two in TIME_WAIT state.
>>
>> Client is radiator.
>>
>> What should I set up?
>
> Please try the v3.0.x branch from github.com. I've pushed some fixes
> which should help.
>
> Alan DeKok.
>
You are rigth, git version works well.
Is possible suppress following logs records? I mean that all debuging
options are turned off. :
(0) Thu Nov 21 16:38:23 2013 : Debug: Requiring client certificate
(0) Thu Nov 21 16:38:23 2013 : Debug: Initiate
(0) Thu Nov 21 16:38:23 2013 : Debug: (other): before/accept
initialization
(0) Thu Nov 21 16:38:23 2013 : Debug: TLS_accept: before/accept
initialization
(0) Thu Nov 21 16:38:23 2013 : Debug: TLS_accept: SSLv3 read client
hello A
(0) Thu Nov 21 16:38:23 2013 : Debug: TLS_accept: SSLv3 write server
hello A
(0) Thu Nov 21 16:38:23 2013 : Debug: TLS_accept: SSLv3 write
certificate A
(0) Thu Nov 21 16:38:23 2013 : Debug: TLS_accept: SSLv3 write key
exchange A
(0) Thu Nov 21 16:38:23 2013 : Debug: TLS_accept: SSLv3 write
certificate request A
Thank you Pavel Polacek
More information about the Freeradius-Users
mailing list