[RADIATOR] Duplicate request issues
Heikki Vatiainen
hvn at open.com.au
Wed Nov 26 04:19:02 CST 2014
On 25.11.2014 12.03, Patrik Forsberg wrote:
> OK I see.. yes there are probably things slowing down radiator.. we have two queries to mysql databases and one towards pam(using Kerberos) and I'm guessing all this makes the whole process pretty slow.. especially when they are under load.
>
> I guess there are no way to make the externals wait longer for a response ?
The RetryTimeout parameter in AuthBy RADIUS controls this. If you add a
second, it may help. Note that there are two kinds of duplicates: ones
that are ignored and ones that cause resending of the reply. The log
message 'retransmit reply' or 'ignored' depending on if the reply was
already sent or not. The idea here is to ignore the duplicate request if
the original request is still being processed.
If the reply is retransmitted, then the original reply may have gotten
lost or the requests in the incoming socket queue are processed too slow
which might be your case. If the queue is not emptied quickly enough,
the external may think think the request it sent (or the corresponding
reply) may have been lost.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list