Proxy listens to TCP home server on UDP port
Nikolai Kondrashov
Nikolai.Kondrashov at redhat.com
Fri Aug 1 17:16:50 CEST 2014
Hi everyone,
Red Hat QA has noticed that a FreeRADIUS v3.0.1 server set up to use TCP with a
home server still listens for replies on UDP. I couldn't find any requirements
for that in the RFCs, and I lack the necessary protocol knowledge to conclude whether
this is correct behavior. Could someone say if this is right or not?
Could this have been done to simplify handling of mixed-protocol server pools?
Some more details follow.
The default configuration was modified to use TCP everywhere, i.e. to
have the default server listen for authentication and accounting on TCP, to have
the inner-tunnel virtual server listen on TCP, and to have the localhost home server
protocol specified as TCP. See the attached patch for the exact changes made.
After starting "radiusd -X" these are the last few lines printed:
Listening on auth proto tcp address * port 1812 as server default
Listening on acct proto tcp address * port 1813 as server default
Listening on auth proto tcp address 127.0.0.1 port 18120 as server inner-tunnel
Opening new proxy address * port 1814
Listening on proxy address * port 1814
And "lsof" outputs these lines for radiusd:
radiusd 2728 radiusd 3u IPv4 21180 0t0 TCP *:1812 (LISTEN)
radiusd 2728 radiusd 4u IPv4 21181 0t0 TCP *:1813 (LISTEN)
radiusd 2728 radiusd 5u IPv4 21182 0t0 TCP 127.0.0.1:18120 (LISTEN)
radiusd 2728 radiusd 6u IPv4 21183 0t0 UDP *:1814
The original bug reported by QA: https://bugzilla.redhat.com/show_bug.cgi?id=1115137
Thank you.
Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tcp_conf.patch
Type: text/x-patch
Size: 1496 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140801/8d535806/attachment-0001.bin>
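The comparison made by hand in the post can be scripted. The following is an added example, not part of the original message or of FreeRADIUS: it matches each "Listening on" line from "radiusd -X" against the lsof socket on the same port and reports any whose OS-level transport is not the expected one. The function names are hypothetical, and lsof is assumed to print numeric ports as it does in the post.

```python
import re

# Sample input copied from the post above (radiusd -X and lsof output).
RADIUSD_DEBUG = """\
Listening on auth proto tcp address * port 1812 as server default
Listening on acct proto tcp address * port 1813 as server default
Listening on auth proto tcp address 127.0.0.1 port 18120 as server inner-tunnel
Opening new proxy address * port 1814
Listening on proxy address * port 1814
"""
LSOF = """\
radiusd 2728 radiusd 3u IPv4 21180 0t0 TCP *:1812 (LISTEN)
radiusd 2728 radiusd 4u IPv4 21181 0t0 TCP *:1813 (LISTEN)
radiusd 2728 radiusd 5u IPv4 21182 0t0 TCP 127.0.0.1:18120 (LISTEN)
radiusd 2728 radiusd 6u IPv4 21183 0t0 UDP *:1814
"""

# "proto <name>" is optional: the proxy line in the post does not state one.
LISTEN_RE = re.compile(r"^Listening on (?P<kind>\w+) (?:proto (?P<proto>\w+) )?"
                       r"address (?P<addr>\S+) port (?P<port>\d+)")

def parse_listeners(debug_text):
    """Map port -> (listener kind, stated proto or None) from debug output."""
    found = {}
    for line in debug_text.splitlines():
        m = LISTEN_RE.match(line.strip())
        if m:
            found[int(m["port"])] = (m["kind"], m["proto"])
    return found

def parse_lsof(lsof_text):
    """Map local port -> set of transports, read from lsof's NODE/NAME columns."""
    found = {}
    for line in lsof_text.splitlines():
        f = line.split()
        if len(f) < 9 or f[7] not in ("TCP", "UDP"):
            continue
        # NAME is "addr:port" or "addr:port->peer:port"; keep the local port.
        port = f[8].split("->")[0].rsplit(":", 1)[-1]
        if port.isdigit():
            found.setdefault(int(port), set()).add(f[7].lower())
    return found

def unexpected_sockets(debug_text, lsof_text, expected="tcp"):
    """List (kind, port, stated proto, actual transport) that differ from expected."""
    sockets = parse_lsof(lsof_text)
    return [(kind, port, stated, actual)
            for port, (kind, stated) in sorted(parse_listeners(debug_text).items())
            for actual in sorted(sockets.get(port, ()))
            if actual != expected]

print(unexpected_sockets(RADIUSD_DEBUG, LSOF))
```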