Hi, all,
Sometimes when there are too many requests from a NAS, like right after
rebooting it and thus breaking current sessions, etc., freeradius 2.1.3
under FreeBSD begins loggin many many lines like this after the NAS
re-sends unanswered packets:
Error: Received conflicting packet from client 10.10.70.94 port 1646 -
ID: 220 due to unfinished request 511166. Giving up on old request.
I looked in src/main/event.c and found this code:
default:
gettimeofday(&when, NULL);
when.tv_sec -= 1;
/*
* If the cached request was received
* within the last second, then we
* discard the NEW request instead of the
* old one. This will happen ONLY when
* the client is severely broken, and is
* sending conflicting packets very
* quickly.
*/
if (timercmp(&when, &request->received, <)) {
radlog(L_ERR, "Discarding conflicting
packet from "
"client %s port %d - ID: %d due
to recent request %d.",
client->shortname,
packet->src_port, packet->id,
request->number);
return 0;
}
received_conflicting_request(request, client);
^^^
request = NULL;
break;
Our authorization/accounting happens through rlm_perl and is written in
Perl. Perhaps it's not fast enough to process many many requests in
under 1 second (when.tv_sec), but aborting the current packet instead of
the new duplicate one can hardly be justified.
Please look at the line marked with ^^^ - it's where the error is logged
and the current request is aborted, unless it was caught earlier by
"Discarding conflicting packet", in which case the _new_ duplicate
request is aborted, which is more correct.
I propose that when.tv_sec be configurable in radiusd.conf, and not
hardcoded like that.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
