[RADIATOR] Duplicate request issues
hugh at open.com.au
Mon Nov 24 16:10:00 CST 2014
Hello Patrick -
This sounds to me like the internal servers are not processing requests quickly enough and don’t respond to the external servers before the external servers time out and resend.
When the resent request arrives at the internal server(s) they are indeed marked as duplicates because the previous request is still in process.
We often see this sort of problem with slow responses from authentication resources like SQL and/or LDAP databases.
A trace 4 debug with LogMicroseconds will show you exactly where the time is being spent waiting.
Of course it may not be the external servers that are timing out - it may be the upstream devices and/or proxies that are resending.
In any case, trace 4 debug with LogMicroseconds will show what Radiator is doing (or not doing), and the corresponding Wireshark trace will show you what packets are actually on the wire.
> On 25 Nov 2014, at 02:39, Patrik Forsberg <patrik.forsberg at ip-only.se> wrote:
> I have a problem where we have two external and two internal radius servers. The external radius servers proxy almost all requests on to the internal radius servers but the internal servers seem to think that the requests are duplicates ?
> I've done all I can think of to disable the duplicate filtration but I seem to be unable to stop the behavior.
> I've tried setting DupInterval 0, NoIgnoreDuplicates Access-Request,Accounting-Request and UseContentsForDuplicateDetection, all of them by themselves and in various combinations, but neither seem to remedy the problem ?
> When the external radius servers get to many requests on them the internal starts ignoring the requests due to duplicates ?
> Are there some other directive I can put in Clients, or other parts of the configuration, to stop this from happening ?
> Best Regards,
> Patrik Forsberg
> radiator mailing list
> radiator at open.com.au
hugh at open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc.
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
More information about the radiator