Hi all
I have been using freeradius for a while using 'users' files to hold users
information. I now have 60,000+ users and this takes too much memory.
I am attempting to use rlm_dbm with source taken via cvs to get the latest
code. I do not quite understand how fastusers works and it might be a better
solution, if anyone has any comments on that I would appreciate it.
Setting up rlm_dbm looks very straight forward, I have in radiusd.conf:
-----
modules {
.... existing entries
dbm {
usersfile = ${confdir}/users.db
}
}
authorize {
preprocess
suffix
files
dbm
}
-----
I have used rlm_dbm_parser to generate my dbm file (only one entry while
testing) and used rlm_dbm_cat to test the dbm file.
If I comment out dbm from authorize { .. } I can authenticate from the users
file as I have been previously. As soon as I uncomment dbm from authorize {
.. } I get this in my radius.log when using radtest or actually dialing in.
Fri Jul 19 12:57:20 2002 : Info: Starting - reading configuration files ...
Fri Jul 19 12:57:21 2002 : Info: Listening on IP address *, ports 1822/udp
and 1823/udp, with proxy on 1824/udp.
Fri Jul 19 12:57:21 2002 : Info: Ready to process requests.
Fri Jul 19 12:57:30 2002 : Error: Dropping packet from client localhost:1560
- ID: 142 due to dead request 0
Fri Jul 19 12:57:36 2002 : Error: Dropping packet from client localhost:1560
- ID: 142 due to dead request 2
Fri Jul 19 12:57:39 2002 : Error: Dropping packet from client localhost:1560
- ID: 142 due to dead request 2
I have tried playing around with my input structure for rlm_dbm_parser as
that is one thing I am still not sure I am doing right. However those error
messages really don't appear to be associated with the dbm even though they
only occur when i put dbm configuration into radiusd.conf
I grep'd the source code for "due to dead request" and there is a chunk of
code in radiusd.conf
-----
/*
* At this point, there isn't a live
* thread handling the old request. The
* old request isn't finished, AND
* there's no reply for it.
*
* Therefore, we MUST be waiting for a reply
* from the proxy.
*
* If not, then we have no clue what to
* do, so we drop the new request, and
* hope that the NAS doesn't bug us about
* it.
*/
if (!curreq->proxy) {
radlog(L_ERR, "Dropping packet from client "
"%s:%d - ID: %d due to dead request
%d",
client_name(request->packet->src_ipaddr),
request->packet->src_port,
request->packet->id,
curreq->number);
request_free(&request);
return NULL;
}
-----
This is where i get lost and I do not see what this has to do with my dbm
configuration. I am not a c coder so flicking over code and getting the
general jist of it is as far as I go.
I am using a fairly old OS, Redhat 5.1, so maybe I have some old libraries
that can also put a knife in the works. To get freeradius running i have to
disable threads and snmp. The radius.conf file is nearly default except
simple things like nospaces,lowercase, commented out unix whever i found it
and added dbm.
Any ideas would be appreciated, if all else fails I will switch to SQL....but
databases can crash, files dont.
Cheers :)
--
Martin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
