(RADIATOR) Duplicate request detection?

Jan Tomasek jan at tomasek.cz
Wed Apr 26 07:47:18 CDT 2006


Hi,

I'm having troubles with duplicate request detection. I'm using
eapol_test to test if RADIUS is working. If i do 10tests in as fast as
posible way I get:

1: semik: access-accept; 0
1: sova: access-accept; 3
2: semik: access-accept; 4
2: sova: access-accept; 4
3: semik: access-accept; 3
3: sova: access-accept; 3
4: semik: access-accept; 3
4: sova: access-accept; 3
5: semik: access-accept; 3
5: sova: access-accept; 4

so only test "1: semik" was done in less than one second. Others are
getting delayed by 3 or 4 seconds. Reason is in strace 4 output:

*** Received from 195.113.134.138 port 33149 ....
Code:       Access-Request
Identifier: 0
Authentic:  <180>p<235>a<235><12><143><237><181><170><215>20s<135><152>
Attributes:
        User-Name = "sova at orgA.etest.cesnet.cz"
        NAS-IP-Address = 127.0.0.1
        Calling-Station-Id = "70-6F-6C-69-73-68"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-IEEE-802-11
        Connect-Info = "rad_eap_test + eapol_test"
        EAP-Message = <2><0><0><31><1>sova at orgA.etest.cesnet.cz
        Message-Authenticator = <185><12><160>Q...

Wed Apr 26 13:38:07 2006: INFO: Duplicate request id 0 received from
195.113.134.138(33149): ignored

My question is what to add to Access-Request to not triger Duplicate
requests? If I'm observing what are sending our Cisco AP:

*** Received from 195.113.205.152 port 1645 ....
Code:       Access-Request
Identifier: 49
Authentic:  <209><182><239><197>=<223><155><146><3>9<204>c\<178>y<142>
Attributes:
        User-Name = "semik at cesnet.cz"
        Framed-MTU = 1400
        Called-Station-Id = "0013.8043.9bf0"
        Calling-Station-Id = "0012.f016.c5c4"
        Service-Type = Login-User
        Message-Authenticator = o<184>ae...
        EAP-Message = <2>....
        NAS-Port-Type = Wireless-IEEE-802-11
        NAS-Port = 3712
        NAS-IP-Address = 195.113.205.152

I can see that my test packets are missing NAS-Port and that they always
begins with Identifier = 0. Cisco number is growing...

Any sugestions?

-- 
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list