Hello Patrick -
This sounds to me like the internal servers are not processing requests quickly
enough and don’t respond to the external servers before the external servers
time out and resend.
When the resent request arrives at the internal server(s) they are indeed
marked as duplicates because the previous request is still in process.
We often see this sort of problem with slow responses from authentication
resources like SQL and/or LDAP databases.
A trace 4 debug with LogMicroseconds will show you exactly where the time is
being spent waiting.
Of course it may not be the external servers that are timing out - it may be
the upstream devices and/or proxies that are resending.
In any case, trace 4 debug with LogMicroseconds will show what Radiator is
doing (or not doing), and the corresponding Wireshark trace will show you what
packets are actually on the wire.
regards
Hugh
On 25 Nov 2014, at 02:39, Patrik Forsberg patrik.forsb...@ip-only.se wrote:
Hello,
I have a problem where we have two external and two internal radius servers.
The external radius servers proxy almost all requests on to the internal
radius servers but the internal servers seem to think that the requests are
duplicates ?
I've done all I can think of to disable the duplicate filtration but I seem
to be unable to stop the behavior.
I've tried setting DupInterval 0, NoIgnoreDuplicates
Access-Request,Accounting-Request and UseContentsForDuplicateDetection, all
of them by themselves and in various combinations, but neither seem to remedy
the problem ?
When the external radius servers get to many requests on them the internal
starts ignoring the requests due to duplicates ?
Are there some other directive I can put in Clients, or other parts of the
configuration, to stop this from happening ?
Best Regards,
Patrik Forsberg
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc.
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator