Yes, but we just have got the problem, so, the source of the problem may be in other place... I've look through the sniffer file and found, this strange sequence: ... 31:05 access-request (port 65025, id 229) (Authenticator1) 31:10 access-accept (port 65025, id 229) 31:10 access-request (port 65025, id 229) (Authenticator2) 31:14 access-request (port 65025, id 229) (Authenticator2) 31:20 access-request (port 65025, id 229) (Authenticator2) 31:26 access-accept (port 65025, id 229) 31:26 access-request (port 65025, id 229) (Authenticator3) ... I'm not sure, but it seems to me, that some of this requests in radius.log file were marked as duplicated ("Discarding duplicate request from client..."), and some - as a conflicting. ("Received conflicting packet from client...") ... Jul 12 14:31:10 radius1 radiusd[8647]: Discarding duplicate request from client fl2 port 65025 - ID: 229 due to unfinished request 6545 Jul 12 14:31:16 radius1 radiusd[8647]: Discarding duplicate request from client fl2 port 65025 - ID: 229 due to unfinished request 6545 Jul 12 14:31:21 radius1 radiusd[8647]: Received conflicting packet from client fl2 port 65025 - ID: 229 due to unfinished request 6545. Giving up on old request. Jul 12 14:31:22 radius1 radiusd[8647]: Dropping request (2049 is too many): from client fl1 port 65025 - ID: 229 Jul 12 14:31:25 radius1 radiusd[8647]: Discarding duplicate request from client fl2 port 65025 - ID: 229 due to unfinished request 8342 Jul 12 14:31:26 radius1 radiusd[8647]: Dropping request (2049 is too many): from client fl1 port 65025 - ID: 229 ... and so on... Citējot *Fajar A. Nugraha <l...@fajar.net> [1]*: > On Wed, Jul 13, 2011 at 1:54 PM, Konstantin Chekushin > <ko...@inbox.lv> wrote: > > Hi all! I've found, that our NAS-server sometimes (when it > restarts and > > there are many auth. packets comes to the radius-server) > re-uses port and ID > > in a < 1 second period. (information from tcpdump) That > causes " conflicting > > packet from client". I think, that the NAS works wrong (it > must wait a > > little bit more, then 1 sec. to re-use the port+ID), that's > why I wont to > > find some documentation about it for a bug-report. > > Thanks a lot. > > Are you sure the NAS reuse port number? Isn't it a duplicate > packet? > > -- > Fajar > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html
Links: ------ [1] mailto:l...@fajar.net
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html