(RADIATOR) insert errors
Hugh Irvine
hugh at open.com.au
Thu Oct 18 19:15:55 CDT 2001
Salut Jerome -
Merci pour ca!
I have copied Mike on this mail and he will consider the patch for inclusion
in the next release.
A+
Hugues
On Thursday 18 October 2001 20:00, Jerome Fleury wrote:
> --On Tuesday, October 16, 2001 09:57:17 AM +0200 Jesús M Díaz
>
> <jesus.diaz at telia-iberia.com> wrote:
> > Hello,
> >
> > i had the same problem too, but whit the pair 'nas-identifier/nas-port'.
> > i could solve it changing the AddQuery sentence at 'session sql' clause
> > from 'insert into ...' to 'replace into ...'.
> >
> > the problem, as i could see, is when due an error or any other reason,
> > Radiator keeps a session entry but that sessions is not real yet.
> >
> > regards
>
> I don't really know if your problem is related to mine, but in our
> configuration (big ISP, about 80 requests/s) we had a lot of duplicates. To
> avoid this we patched Radiator to handle "real" duplicates.
>
> For that, we match packets not only on packet ID, but on NAS IP and UDP
> port Number (because some hosts like Lucent TNT have multiple ID space on
> different port numbers). The patch is working perfectly.
> Maybe this patch could be integrated into official release ?
>
> Here it is for Radiator 2.18.4:
>
> ----------------------8X cut here 8X--------------------------
> *** Radius/Client.pm.old Wed Oct 3 15:28:46 2001
> --- Radius/Client.pm Wed Oct 3 15:27:55 2001
> ***************
> *** 6,21 ****
> # Name the host name the Client was created with
> # Host Packed host address of the client
> #
> # In order to detect duplicate arrivals, we keep an array
> ! # of arrivals ($self->{RecentIdentifiers})indexed by the Radius packet
> ! # identifier (8 bits), concatenated with the packet type code.
> # (The packet code is used because some NASs use different packet
> # sequences for different request types)
> # The value stored in each element of the array is the time
> ! # we last received
> ! # a packet with that identifier from this client.
> ! # If the time interval is
> ! # less than DupInterval, the packet is assumed to be
> # duplicate, and is ignored
> #
> # Author: Mike McCauley (mikem at open.com.au)
> --- 6,23 ----
> # Name the host name the Client was created with
> # Host Packed host address of the client
> #
> + # Patch by b.grange at libertysurf.fr (the old code did not use the IP
> address):
> # In order to detect duplicate arrivals, we keep an array
> ! # of arrivals ($self->{RecentIdentifiers})indexed by
> ! # the IP address of the host that sent the request,
> ! # the UDP port number (some hosts like Lucent TNT have multiple ID space
> ! # on different port numbers), the Radius packet identifier (8 bits),
> ! # concatenated with the packet type code.
> # (The packet code is used because some NASs use different packet
> # sequences for different request types)
> # The value stored in each element of the array is the time
> ! # we last received a packet with that identifier from this client.
> ! # If the time interval is less than DupInterval, the packet is assumed to
> be
> # duplicate, and is ignored
> #
> # Author: Mike McCauley (mikem at open.com.au)
> ***************
> *** 307,313 ****
> # accounting where the Acct-Delay-Time has changed, because
> # the identifier will also have changed. Gag.
> if (!$self->{NoIgnoreDuplicates}{$code}
> ! && $self->{RecentIdentifiers}->{$nas_id . $code}[$p->identifier]
>
> > ($p->{RecvTime} - $self->{DupInterval}))
>
> {
> if (!$is_reboot)
> --- 309,315 ----
> # accounting where the Acct-Delay-Time has changed, because
> # the identifier will also have changed. Gag.
> if (!$self->{NoIgnoreDuplicates}{$code}
> ! && $self->{RecentIdentifiers}->{$p->{RecvFrom} . $code}[$p->identifier]
>
> > ($p->{RecvTime} - $self->{DupInterval}))
>
> {
> if (!$is_reboot)
> ***************
> *** 314,320 ****
> {
> # Its a duplicate, log it and ignore it
> my $id = $p->identifier;
> ! &main::log($main::LOG_INFO, "Duplicate request id $id received from
> $nas_id: ignored");
> $self->{Statistics}{radiusServDupAccessRequests}++,
> $main::statistics{radiusAuthServTotalDupAccessRequests}++
> if $code eq 'Access-Request';
> --- 316,326 ----
> {
> # Its a duplicate, log it and ignore it
> my $id = $p->identifier;
> ! my ($udpPort, $udpAddr) = Socket::unpack_sockaddr_in($p->{RecvFrom}
> ! );
> ! my ($udpAddrPrint) = Socket::inet_ntoa($udpAddr);
> !
> ! &main::log($main::LOG_INFO, "Duplicate request id $id received from
> $udpAddrPrint($udpPort): ignored");
> $self->{Statistics}{radiusServDupAccessRequests}++,
> $main::statistics{radiusAuthServTotalDupAccessRequests}++
> if $code eq 'Access-Request';
> ***************
> *** 327,333 ****
> else
> {
> # its not a dup, save the id for later dup checking
> ! $self->{RecentIdentifiers}->{$nas_id . $code}[$p->identifier]
> = $p->{RecvTime};
>
> # Call the PreHandlerHook, if there is one
> --- 333,339 ----
> else
> {
> # its not a dup, save the id for later dup checking
> ! $self->{RecentIdentifiers}->{$p->{RecvFrom} . $code}[$p->identifier]
> = $p->{RecvTime};
>
> # Call the PreHandlerHook, if there is one
> ----------------------8X cut here 8X--------------------------
> --
> Jerome Fleury Freesbee/LibertySurf/WC
> Network Team Tel/Fax: +33 1 45082314
----------------------------------------
Content-Type: application/pgp-signature; charset="iso-8859-1";
name="Attachment: 1"
Content-Transfer-Encoding: 7bit
Content-Description:
----------------------------------------
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list