fr3 socket max_connections

Alan DeKok aland at deployingradius.com
Fri Nov 22 15:59:30 CET 2013


Polish wrote:
> 1) debug messages in logs without -x option
> "/etc/init.d/freeradius start" on debian wheezy
> 
> in logs I see:
> 0) Fri Nov 22 10:20:09 2013 : Debug:     TLS_accept: before/accept
> initialization
> (0) Fri Nov 22 10:20:09 2013 : Debug:     TLS_accept: SSLv3 read client
> hello A

  There's nothing special about those debug messages, or about the
request which initiates TLS.  It should be producing messages *only*
when the debug flag is non-zero.

> 19 rows for every tls connection, so in default (idle_timeout) every 30
> seconds.

  That's a different issue.  You have idle_timeout set to 30s, so
FreeRADIUS closes the socket.  However, the client is configured to keep
the socket open.  So it immediately re-opens the socket.

  One short-term work-around is to set idle_timeout to zero.  Or,
configure the client to not immediately re-open the connection.

> 2) invoking "/etc/init.d/freeradius restart" always fail if site tls is
> enabled

  I just pushed a fix for that.

  Alan DeKok.


More information about the Freeradius-Users mailing list