(RADIATOR) Tacacs TCP Connection Limit

Mike McCauley mikem at open.com.au
Sat Apr 29 17:06:44 CDT 2006 

Hello Garry,

This problem has been previously reported, and should be fixed in the latest 
patch set.

Cheers.

On Saturday 29 April 2006 20:24, Garry Thomas wrote:
> Hi,
> 	Is it possible to somehow limit the number of TCP connections a client/NAS
> can have to a Radiator server when running TACACS? I have the situation
> whereby a (usually misconfigured) NAS creates thousands of connections to
> the Radiator server (to TCP port 49), and basically makes the Radiator
> server unusable by any other NAS. I get the following in the radius log
> file....
>
>
> Fri Apr 28 17:57:02 2006: ERR: Could not accept on Tacacs listen socket:
> Too many open files
>
>
> And only a restart of radiator fixes the problem... I believe the server
> hits a limit set in /proc/sys/fs/file-nr (1890 on my server), but I could
> be wrong on this. I don't believe the solution is up this limit, as the
> server will quickly hit any limit I set.... I basically just need to set a
> per NAS TCP connect limit, or something like that.
>
> Thanks
> Garry
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list