fr3 socket max_connections
Alan DeKok
aland at deployingradius.com
Fri Nov 22 15:59:30 CET 2013
Polish wrote:
> 1) debug messages in logs without -x option
> "/etc/init.d/freeradius start" on debian wheezy
>
> in logs I see:
> 0) Fri Nov 22 10:20:09 2013 : Debug: TLS_accept: before/accept
> initialization
> (0) Fri Nov 22 10:20:09 2013 : Debug: TLS_accept: SSLv3 read client
> hello A
There's nothing special about those debug messages, or about the
request which initiates TLS. It should be producing messages *only*
when the debug flag is non-zero.
> 19 rows for every tls connection, so in default (idle_timeout) every 30
> seconds.
That's a different issue. You have idle_timeout set to 30s, so
FreeRADIUS closes the socket. However, the client is configured to keep
the socket open. So it immediately re-opens the socket.
One short-term work-around is to set idle_timeout to zero. Or,
configure the client to not immediately re-open the connection.
> 2) invoking "/etc/init.d/freeradius restart" always fail if site tls is
> enabled
I just pushed a fix for that.
Alan DeKok.
More information about the Freeradius-Users
mailing list