Hi all.
I manage the RADIUS system.
It consists of redhat9, freeradius0.9.1 and MS-SQL|mySQL.
The system are organized redundantly. Account information is doubled
by radrelay.
I stopped temporarily the redundant server of them for maintenance
on the other day. Account packets during it was stored in detail-combined
file on the living server exactly.
However, after the maintenance finished and the redundant server
was restarted, I have noticed a lot of packets which are not in the
detail-combined file relayed. It continued till the next day. And
there was no sign of converging.
The packet sample at that time are shown below.
Sat Oct 4 00:00:06 2003
Acct-Delay-Time = 103537
NAS-IP-Address = 10.0.240.243
Client-IP-Address = 10.0.240.243
Acct-Unique-Session-Id = "9568c0490b1942fa"
Timestamp = 1065193206
Sat Oct 4 00:00:09 2003
Acct-Delay-Time = 103540
NAS-IP-Address = 10.0.240.243
Client-IP-Address = 10.0.240.243
Acct-Unique-Session-Id = "9568c0490b1942fa"
Timestamp = 1065193209
Sat Oct 4 00:00:12 2003
Acct-Delay-Time = 103543
NAS-IP-Address = 10.0.240.243
Client-IP-Address = 10.0.240.243
Acct-Unique-Session-Id = "9568c0490b1942fa"
Timestamp = 1065193212
Since freeradius0.9.*, radrelay detects the delay of relay and
create the packet which corrects account time. That like above
samples.
rlm_sql considers that it is invalid because User-Name and
NAS-IP-Address are not contained in, so radiusd and radrelay
relay again. The infinite loop is formed.
This problem should be solved by adding the function of account time
correction to rlm_sql.
I am doing the emergency measure. I change rlm_sql.c(line 718) like
"return RLM_MODULE_OK".
Fortunately "detail-combined" became empty.
--K.Omori
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
