Initial access requests getting dropped, successive requests succeed
a.cudbardb at freeradius.org
Fri Mar 31 17:35:14 CEST 2017
> On Mar 31, 2017, at 10:27 AM, Alan DeKok <aland at deployingradius.com> wrote:
> On Mar 31, 2017, at 10:01 AM, Jeremy Stretch via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>> As an isolated test, I have a Juniper switch configured to authenticate to
>> one of the FreeRADIUS servers, which in turn authenticates against one
>> backend LDAP server. When I try to log into the switch, tcpdump on the
>> RADIUS server confirms that it receives an Access-Request packet. I've
>> stopped the normal daemon and am running `freeradius -X` on the server, but
>> it prints only a single line in response to the Access-Request:
>> Ready to process requests.
>> It prints this same line each time a request is dropped.
> That means that the OS told FR there was a packet, but when it tried to read the packet, there was no RADIUS packet.
> If it was from an unknown client, it would print that. If it was a malformed packet, it would print that. So something else is going on.
It might be RPF causing the issue. I vaguely remember this being a symptom of that, but I could be incorrect.
Simple to check...
FreeRADIUS Core Developer
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Freeradius-Users