(RADIATOR) Requests to dead host are reapated forever when using RADSEC
Jan Tomasek
jan at tomasek.cz
Tue Dec 13 06:03:51 CST 2005
Hello,
this subject was already used in RADSEC list but thread was hijacked for
other stuff. So, I repeat problem again here because it still remains.
I've two hosts radsec1.cesnet.cz (hadling cesnet.cz realm) and
semik3.cesnet.cz (handling tomasek.cz realm). They are connected by
DNSROAM and RADSEC. Config:
<Handler Realm=/^.+$/>
<AuthBy DNSROAM>
Address localhost
Port 2083
Transport tcp
Protocol radsec
ConnectOnDemand
UseTLS
TLS_CAPath /etc/ssl/certs
TLS_CertificateFile
/etc/ssl/certs/radsecClient_radsec1.cesnet.cz.crt.pem
TLS_CertificateType PEM
TLS_PrivateKeyFile
/etc/ssl/private/radsecClient_radsec1.cesnet.cz.key.pem
#TLS_CRLCheck
#TLS_ExpectedPeerName .+
#RewriteTargetRealm s/^.+\.([^\.]+)$/$1.test.eduroam.org/
<Route>
Realm DEFAULT
Address etlr-test.eduroam.org
Port 2083
Transport tcp
Protocol radsec
</Route>
</AuthBy>
</Handler>
If I turn off server semik3.cesnet.cz and sent request for
authentication of semik at tomasek.cz to radsec1.cesnet.cz, it starts
attempt conectiong to semik3 for ever (or at least for very long time).
It helps to restart radsec1 but... still I think this is not ok? Am I
missing some direction in config is is this bug?
Log:
Tue Dec 13 12:48:02 2005: DEBUG: AuthBy DNSROAM result: IGNORE,
Tue Dec 13 12:48:02 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 12:48:02 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 12:48:04 2005: INFO: AuthRADSEC: No reply from
semik3.cesnet.cz:2083 for semik at tomasek.cz (120)
Tue Dec 13 12:48:07 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:07 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:07 2005: INFO: AuthRADSEC: No reply from
semik3.cesnet.cz:2083 for semik at tomasek.cz (120)
Tue Dec 13 12:48:07 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 12:48:07 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 12:48:12 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:12 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:12 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 12:48:12 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 12:48:17 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:17 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:17 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 12:48:17 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 12:48:22 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:22 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:22 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 12:48:22 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 12:48:27 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:27 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:27 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 12:48:27 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 12:48:32 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:32 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 12:48:32 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 12:48:32 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
nad now after 10minutes it still tryies connect:
Tue Dec 13 12:59:57 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 12:59:57 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 12:59:57 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 12:59:57 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 13:00:02 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:02 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:02 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 13:00:02 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 13:00:07 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:07 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:07 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 13:00:07 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 13:00:12 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:12 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:12 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 13:00:12 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 13:00:17 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:17 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:17 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 13:00:17 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Tue Dec 13 13:00:22 2005: DEBUG: Stream attempting tcp connection to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:22 2005: DEBUG: Stream connection in progress to
semik3.cesnet.cz:2083
Tue Dec 13 13:00:22 2005: DEBUG: Stream connection to
semik3.cesnet.cz:2083 failed: Connection refused
Tue Dec 13 13:00:22 2005: DEBUG: Stream disconnected from
semik3.cesnet.cz:2083
Best regards
--
--------------------------------------------------------------
Jan Tomasek aka Semik work: CESNET, z.s.p.o.
http://www.tomasek.cz/ Zikova 4, 160 00 Praha 6
Czech Republic
phone(work): +420 2 2435 5279 http://www.cesnet.cz/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://www.open.com.au/pipermail/radiator/attachments/20051213/49873971/attachment.bin>
More information about the radiator
mailing list