[RADIATOR] Proxy does not catch the Request

Heikki Vatiainen hvn at open.com.au
Fri Dec 13 13:22:27 UTC 2019 

On 13/12/2019 9.40, SinTeZ Wh1te wrote:

> We have a problem with some RADIUS packets.
> Radiator don't catch these packets. But other packets with same host, 
> same values - Radiator sees and forwarding to another host.
> It is not a routing/networking issue since i see on Radiator server 
> (using tcpdump) that the requests arrives correctly on 1821 port.
> But nothing gets logged (using Trace 4).
> 
> There are a lot of ignored packets, and i can't understand what wrong 
> with our configuration.

I would start by looking at log messages from radiusd start. If there 
are problems with configuration parameters and loading the 
configuration, this is where you can see them.

When radiusd is running, do you see any log messages that could 
correspond to the problems?

You should also check CPU utilisation with top or similar utility. Do 
you see radiusd processing using a lot of CPU?

When UDP messages are received from the network, the kernel needs to 
queue them for the processes. To see if there are queue overflows, use 
for example netstat:

% netstat --udp --statistics
...
Udp:
     340652 packets received
     0 packets to unknown port received.
     0 packet receive errors
     340682 packets sent
     0 receive buffer errors
     0 send buffer errors
...

If you see receive buffer errors and the number is increasing, it might 
be caused by more UDP mesages being received than radiusd can handle. 
The buffer in kernel is limited and messages are are discarded when the 
buffer space runs out. These buffers can be increased to handle sudden 
spikes but in the long run it will always overflow if the process 
emptying the buffer can't keep up with incoming rate.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.

More information about the radiator mailing list