Hi, > If you're a sucker for punishment, you can read > the code in > src/main/request_list.c, and src/main/radiusd.c > Otherwise, the answer is: > > Request ID, request code, source IP, source port
:) thanks! I'll take your word for it :) > If we see two messages with the same above 4 > parameters, and their > authentication vectors are different, then they're > different requests. thanks for the reply. I know the next question is not directly related to FreeRadius, but your opinion here will really help me!! Since FreeRadius looks at the four parameters mentioned above while, as you mentioned in your other mail the Merit server uses a different approach I understand that the policy that a server employs for duplicate requests is different! What would be the best way for a NAS to use the Identifier so that it works with 'most' Radius servers? This NAS has to also interwork with some older Radius installations and I am not sure how they handle retransmission! Is it OK to : 1. use the identifier sequentially (0-255 and wrap) 2. for every identifier record the timestamp at which its last response came back. 3. while sending sending a request only use identifiers which are atleast 'x' seconds old. 'x' can be the cleanup time of the Radius server! wont this guarantee that no request with the same identifier (other than real retransmissions) is sent to the server within any 'x' second timeframe? I guess the tradeoff is a capacity hit, but is there any other standard method? The RFC only mentions using a different identifier in each new request. Thanks a lot. Regards, Puneet __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
