Issue with EAP authentication on packet loss
jm+freeradiususer at roth.lu
jm+freeradiususer at roth.lu
Wed Apr 25 11:09:24 CEST 2018
On 4/25/2018 10:55 AM, Arran Cudbard-Bell wrote:
> What's happening are there are internal timers that cleanup the session information (keyed off the State attribute), so when that retransmission comes in the session has already been cleared out.
>
> In v3.0.x the state tree cleanup time is main_config.max_request_time * 10.
I don't believe this applies here. max_request_time * 10 would be 300
seconds.
The second attempt from the NAS comes in after 15 seconds. So there's
plenty of time.
As I have shown, debugging output clearly throws away the session
instantly during the first response (which is getting lost).
BTW this is happening every now and then only. I don't think that's
abnormal, but it's not cool when reauthentications are being used and
users are disconnected for a few minutes until the NAS retries the a
completely new authentication.
More information about the Freeradius-Users
mailing list