[RADIATOR] connection timout

Claudio Lapidus clapidus at gmail.com
Wed Aug 12 19:29:21 CDT 2009


Yes Hugh. Actually I was more interested in the code for socket exhaustion
in 4.0.
Thank you guys!
cl.



On Wed, Aug 12, 2009 at 8:38 PM, Hugh Irvine <hugh at open.com.au> wrote:

>
> Hello Claudio -
>
> As Mike rightly points out there is also this in the latest Radiator 4.4
> patches.
>
> regards
>
> Hugh
>
>
> Begin forwarded message:
>
>  From: Mike McCauley <mikem at open.com.au>
>> Date: 13 August 2009 09:27:34 GMT+10:00
>> To: radiator at open.com.au
>> Subject: Re: [RADIATOR] connection timout
>>
>> Hi Hugh,
>>
>> I think he is asking about:
>>
>> <dt>2009-04-25 <b>ServerTACACSPLUS.pm</b></dt>
>> <dd>
>> Added support for IdleTimeout to Server TACACSPLUS. If a client stays
>> connected for
>> more than this number of seconds without sending any requests it will be
>> disconnected. Defaults to 180 seconds. Requested by Yevgeniy Averin.
>> </dd>
>>
>> in the latest patch set.
>>
>> Cheers.
>>
>> On Thursday 13 August 2009 09:16:40 am Hugh Irvine wrote:
>>
>>> Hello Claudio -
>>>
>>> From the History file for Radiator 4.0:
>>>
>>>
>>>        • Fixed possible socket exhaustion in Server TACACSPLUS under
>>> certain
>>> unusual circumstances.
>>>
>>>
>>> regards
>>>
>>> Hugh
>>>
>>> On 12 Aug 2009, at 23:08, Claudio Lapidus wrote:
>>>
>>>> Hello Hugh,
>>>>
>>>> Could you please point me to the exact location of this fix? We´ve
>>>> been recently experiencing some problems with max open files (albeit
>>>> related to Oracle client retries) and we´d like to see if there is
>>>> any relation with this one.
>>>>
>>>> thank you,
>>>> cl.
>>>>
>>>>
>>>>
>>>> On Tue, Aug 11, 2009 at 8:23 PM, Hugh Irvine <hugh at open.com.au> wrote:
>>>>
>>>> Hello Markus -
>>>>
>>>> What version of Radiator are you running? The most recent is Radiator
>>>> 4.4 (plus patches).
>>>>
>>>> There was a fix for this recently.
>>>>
>>>> regards
>>>>
>>>> Hugh
>>>>
>>>> On 12 Aug 2009, at 05:34, Markus Moeller wrote:
>>>>
>>>>> Is there a timeout value I can set to drop idle connection attempts
>>>>> for TACACS+ and Radius ?  We see sometimes a device going crazy and
>>>>> sending a lot of authentication requests and don't finish them and
>>>>> thereby blocking the server (e.g a form of DOS) since on Solaris the
>>>>> number of open files/sockets is often only 256. Increasing it to
>>>>> 1024 helps a bit but not completely.
>>>>>
>>>>> Thank you
>>>>> Markus
>>>>>
>>>>> _______________________________________________
>>>>> radiator mailing list
>>>>> radiator at open.com.au
>>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>>>
>>>>
>>>> NB:
>>>>
>>>> Have you read the reference manual ("doc/ref.html")?
>>>> Have you searched the mailing list archive
>>>> (www.open.com.au/archives/radiator)? Have you had a quick look on
>>>> Google
>>>> (www.google.com)?
>>>> Have you included a copy of your configuration file (no secrets),
>>>> together with a trace 4 debug showing what is happening?
>>>> Have you checked the RadiusExpert wiki:
>>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>>
>>>> --
>>>> Radiator: the most portable, flexible and configurable RADIUS server
>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>> Includes support for reliable RADIUS transport (RadSec),
>>>> and DIAMETER translation agent.
>>>> -
>>>> Nets: internetwork inventory and management - graphical, extensible,
>>>> flexible with hardware, software, platform and database independence.
>>>> -
>>>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>>>
>>>>
>>>> _______________________________________________
>>>> radiator mailing list
>>>> radiator at open.com.au
>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>>
>>>
>>> NB:
>>>
>>> Have you read the reference manual ("doc/ref.html")?
>>> Have you searched the mailing list archive
>>> (www.open.com.au/archives/radiator)? Have you had a quick look on Google
>>> (www.google.com)?
>>> Have you included a copy of your configuration file (no secrets),
>>> together with a trace 4 debug showing what is happening?
>>> Have you checked the RadiusExpert wiki:
>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>
>>
>>
>>
>> --
>> Mike McCauley                               mikem at open.com.au
>> Open System Consultants Pty. Ltd
>> 9 Bulbul Place Currumbin Waters QLD 4223 Australia
>> http://www.open.com.au
>> Phone +61 7 5598-7474                       Fax   +61 7 5598-7070
>>
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, DIAMETER etc. Full source
>> on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>>
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (
> www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> Have you checked the RadiusExpert wiki:
> http://www.open.com.au/wiki/index.php/Main_Page
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20090812/884ac756/attachment-0001.html 


More information about the radiator mailing list