Qinxue Chen <[EMAIL PROTECTED]> wrote:
> I used two kinds of RADIUS servers. With Merit 3.6B, the server accept a lot
> more traffic from the NAS servers. There is no single complain. With
> freeradius (snapshot 08/20/01), we got a lot "Dropping conflicting
> authentication packets" messages but for only very limited test
> traffic.
Then either the server is taking forever to process a request, or
the NAS is sending new packets too soon.
Run the server in debugging mode and see.
> I set "hostname_lookup" no. You mean the NAS servers keep using the
> same sequence numbers or IDs for authentication packets, even though
> the requests may come from different users?
The NAS probably uses the same source port for all RADIUS requests.
It uses one of 256 ID's. So after 256 authentications, you're pretty
much guaranteed to re-use an ID.
> Then the way to get around it is not to check the ID?
No. The RFC's say that the server MUST check the ID.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
