Difference between Received conflicting packet and Ignoring duplicate packet
norbert.kunth at now-it.de
norbert.kunth at now-it.de
Thu Nov 3 13:56:06 UTC 2022
Hi Freeradius-Users,
we recently updated from 2.1.1 to 3.0.25 (we use still 3.0.25 because it
is build in our SLES distribution).
Freeradius uses LDAP to check users. If many users login at a time we see
some error messages.
To track this down we installed an internal test system that can send a
lot of requests to the radius server (with radtest).
We do see some problems, but the messages (and the behavior) are not the
same.
If we fire 60 requests in a short time from the test system to the
servers, the server loggs:
Thu Nov 3 13:35:11 2022 : Error: (159) Ignoring duplicate packet from
client test port 46673 - ID: 65 due to unfinished request in component
<core> module <queue>
This seems not very bad: every user is still accepted via LDAP
But in real the message is different:
Thu Nov 3 00:59:25 2022 : Error: Received conflicting packet from client
nas port 40634 - ID: 90 due to unfinished request in module ldap. Giving
up on old request.
Thu Nov 3 00:59:25 2022 : WARNING: (338542) WARNING: Module rlm_ldap
became unblocked
Thu Nov 3 00:59:25 2022 : Auth: (338542) Invalid user: [user024] (from
client nas port 0)
We think, we have a timing issue with our LDAP. But why is the log message
so different?
Best regards
Norbert
--
More information about the Freeradius-Users
mailing list