Ignoring duplicate packet from client
Igor Smitran
sigor at blic.net
Sat Nov 2 22:59:06 UTC 2024
On 7.9.2024. 20:24, Alan DeKok wrote:
> The SQL database is slow. Fix the database.
>
> No amount of poking FreeRADIUS will fix the database.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? Seehttp://www.freeradius.org/list/users.html
While Alan rightly noted that the issue is likely due to a slow
database, there’s also a chance that the NAS may be sending duplicate
packets. I saw this firsthand at my previous job, where we had a Cisco
ASR 9K series that sent three authorization packets in rapid
succession—each less than a millisecond apart and with the same hash.
This was clearly a bug in Cisco IOS, but the result was a log entry
saying 'Error: Discarding duplicate request from client...'.
If possible, try running |tcpdump| to capture traffic during these
errors. This should help reveal if the same issue is occurring in your
setup. The most precise method would be to capture all packets on the
switch connected to the NAS or on the firewall if the RADIUS server and
NAS communicate through one.
Good luck!
More information about the Freeradius-Users
mailing list