(RADIATOR) radiators duplicate detection (ClientIP+Identifier+?SourcePort?)

Hugh Irvine hugh at open.com.au
Mon Sep 29 17:36:01 CDT 2003 

Hello Rainer -

Here is the comment block from "Radius/Client.pm":

# In order to detect duplicate arrivals, we keep an array
# of arrivals ($self->{RecentIdentifiers})indexed by
# the IP address of the host that sent the request,
# the UDP port number (some hosts like Lucent TNT have multiple ID space
# on different port numbers), the Radius packet identifier (8 bits),
# concatenated with the packet type code.
# (The packet code is used because some NASs use different packet
# sequences for different request types)
# The value stored in each element of the array is the time
# we last received a packet with that identifier from this client.
# If the time interval is less than DupInterval, the packet is assumed 
to be
# duplicate, and is ignored


Does this answer your question?

regards

Hugh


On Tuesday, Sep 30, 2003, at 07:16 Australia/Melbourne, Rainer Huber 
wrote:

> Hi!
>
> I've seen that radiator detects duplicate records depending only on the
> identifier and the client IP:
>
> "If more than 1 Radius request from this Client with the same Radius
> Identifier are
> received within DupInterval seconds, the 2nd and subsequent are 
> ignored."
>
> Shouldn't be the Identifier, the ClientIP and the SourcePort the keys 
> for
> duplicates?
>
> The RFC 2865 says:
>
> "Identifier: The Identifier field is one octet, and aids in matching
> requests and replies. The RADIUS server can detect a duplicate request 
> if it
> has the same client source IP address and source UDP port and 
> Identifier
> within a short span of time."
>
>
> Is it a mistake in the refmanual?
>
> Regards,
> Rainer
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list