Proxy listens to TCP home server on UDP port

Nikolai Kondrashov Nikolai.Kondrashov at redhat.com
Fri Aug 1 17:16:50 CEST 2014


Hi everyone,

Red Hat QA has noticed that a FreeRADIUS v3.0.1 server set up to use TCP with a
home server still listens for replies on UDP. I couldn't find any requirements
for that in the RFCs and I lack the necessary protocol knowledge to conclude
whether this is correct behavior. Could someone say if this is right or not?

Could this have been done to simplify handling of mixed-protocol server pools?

Some more details follow.

The default configuration was modified to use TCP everywhere, i.e. to
have the default server listen for authentication and accounting on TCP, to have
the inner-tunnel virtual server listen on TCP, and to have the localhost home
server protocol specified as TCP. See the attached patch for the exact changes made.

After starting "radiusd -X" these are the last few lines printed:

     Listening on auth proto tcp address * port 1812 as server default
     Listening on acct proto tcp address * port 1813 as server default
     Listening on auth proto tcp address 127.0.0.1 port 18120 as server inner-tunnel
     Opening new proxy address * port 1814
     Listening on proxy address * port 1814

And "lsof" outputs these lines for radiusd:

     radiusd   2728  radiusd    3u  IPv4  21180      0t0  TCP *:1812 (LISTEN)
     radiusd   2728  radiusd    4u  IPv4  21181      0t0  TCP *:1813 (LISTEN)
     radiusd   2728  radiusd    5u  IPv4  21182      0t0  TCP 127.0.0.1:18120 (LISTEN)
     radiusd   2728  radiusd    6u  IPv4  21183      0t0  UDP *:1814

The original bug reported by QA: https://bugzilla.redhat.com/show_bug.cgi?id=1115137

Thank you.

Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tcp_conf.patch
Type: text/x-patch
Size: 1496 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140801/8d535806/attachment-0001.bin>
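
A check for the situation reported in this message, added here as an example and not part of the original post or of FreeRADIUS: it parses "lsof" output in the format quoted above and reports bound sockets whose transport is outside an expected set. The function names and the TCP-only expectation are assumptions made for illustration.

```python
import re

# lsof lines for radiusd, copied from the message above.
LSOF_SAMPLE = """\
radiusd   2728  radiusd    3u  IPv4  21180      0t0  TCP *:1812 (LISTEN)
radiusd   2728  radiusd    4u  IPv4  21181      0t0  TCP *:1813 (LISTEN)
radiusd   2728  radiusd    5u  IPv4  21182      0t0  TCP 127.0.0.1:18120 (LISTEN)
radiusd   2728  radiusd    6u  IPv4  21183      0t0  UDP *:1814
"""

# Columns: COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME [(STATE)].
# Connected sockets ("local->remote" in NAME) do not match and are skipped.
LSOF_RE = re.compile(
    r"^(?P<cmd>\S+)\s+(?P<pid>\d+)\s+\S+\s+(?P<fd>\S+)\s+IPv[46]\s+\S+\s+\S+\s+"
    r"(?P<proto>TCP|UDP)\s+(?P<addr>[^\s>]+):(?P<port>\d+|\*)"
    r"(?:\s+\((?P<state>\w+)\))?$"
)


def parse_sockets(lsof_text):
    """Return one dict per bound (not connected) internet socket."""
    return [m.groupdict() for m in
            (LSOF_RE.match(l.strip()) for l in lsof_text.splitlines()) if m]


def unexpected_sockets(lsof_text, allowed_protos=("TCP",)):
    """Sockets whose transport is not in the expected set (assumed policy).

    Each finding is (proto, addr, port, fd, wildcard); wildcard is True
    when the socket is bound to all addresses rather than one interface.
    """
    findings = []
    for s in parse_sockets(lsof_text):
        if s["proto"] not in allowed_protos:
            wildcard = s["addr"] in ("*", "0.0.0.0", "[::]")
            findings.append((s["proto"], s["addr"], s["port"], s["fd"], wildcard))
    return findings


if __name__ == "__main__":
    for proto, addr, port, fd, wildcard in unexpected_sockets(LSOF_SAMPLE):
        scope = "all addresses" if wildcard else addr
        print(f"unexpected {proto} socket on {scope} port {port} (fd {fd})")
```
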

