Tracking request / response packets
Alan DeKok
aland at deployingradius.com
Mon Jul 7 11:27:07 UTC 2025
On Jul 7, 2025, at 7:16 AM, tach yon <tachyon at live.co.uk> wrote:
> Wondering please, does FreeRADIUS use only the packet identifier number to match request / response packets together?
Yes. That is mandated by RFC 2865, with updates in RFC 5080:
https://datatracker.ietf.org/doc/html/rfc5080#section-2.2.2
> Or a combination of things - to further decrease the likelihood of mixing up two packets with matching identifier numbers?
The server can't use a "combination of things", because the client only uses the packet Code and ID.
> If the server is busy, 256 concurrent packets doesn't feel like a lot. I wondered if it might use a combo of packet code + identifier, or something like that, to help keep track of which client a request came from.
If the client needs to send more than 256 packets to a server, it is supposed to open more source ports. See https://datatracker.ietf.org/doc/html/rfc2865#section-2.5
Alan DeKok.
More information about the Freeradius-Users
mailing list