[RADIATOR] Duplicate request issues
patrik.forsberg at ip-only.se
Tue Nov 25 04:03:35 CST 2014
OK I see.. yes there are probably things slowing down radiator.. we have two queries to mysql databases and one towards pam(using Kerberos) and I'm guessing all this makes the whole process pretty slow.. especially when they are under load.
I guess there are no way to make the externals wait longer for a response ?
I'll try to catch this in a trace4 with logmicroseconds.
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au]
> Sent: den 24 november 2014 23:10
> To: Patrik Forsberg
> Cc: radiator at open.com.au
> Subject: Re: [RADIATOR] Duplicate request issues
> Hello Patrick -
> This sounds to me like the internal servers are not processing requests
> quickly enough and don’t respond to the external servers before the
> external servers time out and resend.
> When the resent request arrives at the internal server(s) they are indeed
> marked as duplicates because the previous request is still in process.
> We often see this sort of problem with slow responses from authentication
> resources like SQL and/or LDAP databases.
> A trace 4 debug with LogMicroseconds will show you exactly where the time
> is being spent waiting.
> Of course it may not be the external servers that are timing out - it may be
> the upstream devices and/or proxies that are resending.
> In any case, trace 4 debug with LogMicroseconds will show what Radiator is
> doing (or not doing), and the corresponding Wireshark trace will show you
> what packets are actually on the wire.
> > On 25 Nov 2014, at 02:39, Patrik Forsberg <patrik.forsberg at ip-only.se>
> > Hello,
> > I have a problem where we have two external and two internal radius
> servers. The external radius servers proxy almost all requests on to the
> internal radius servers but the internal servers seem to think that the
> requests are duplicates ?
> > I've done all I can think of to disable the duplicate filtration but I seem to be
> unable to stop the behavior.
> > I've tried setting DupInterval 0, NoIgnoreDuplicates Access-
> Request,Accounting-Request and UseContentsForDuplicateDetection, all of
> them by themselves and in various combinations, but neither seem to
> remedy the problem ?
> > When the external radius servers get to many requests on them the
> internal starts ignoring the requests due to duplicates ?
> > Are there some other directive I can put in Clients, or other parts of the
> configuration, to stop this from happening ?
> > Best Regards,
> > Patrik Forsberg
> > _______________________________________________
> > radiator mailing list
> > radiator at open.com.au
> > http://www.open.com.au/mailman/listinfo/radiator
> Hugh Irvine
> hugh at open.com.au
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER, SIM, etc.
> Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
More information about the radiator