On Mon, 14 Feb 2005, Joe H wrote: > On Sat, 12 Feb 2005, energy wrote: > > > Sorry, I'm just a lurker on this list and certainly no expert. However, last > > time I saw someone mention this issue it had to do with log rotation. Check > > to make sure logs are not being rotated every hour. > > > > Anyway, just a thought. > > > The accounting logs are on a seperate server so those logs shouldn't > effect it. The radius.log file is rotated once a month and the ldap logs > are rotated hourly because they get so large so fast, but it's done on the > hour and the timeouts happen anytime. > > Thanks for the input. > > Joe H. > > > > On Friday 11 February 2005 13:25, Joe H wrote: > > > I work for an ISP with about 75,000 users. The user information is > > > stored in and ldap database which freeradius uses to authenticate > > > against. On a fairly regular basis I've been seeing radius timeouts for > > > no appearent reason. It doesn't seem to be a server load issue and > > > nothing is showing up in the logs. I've noticed that it seems to be > > > pretty consistant time wise. Some people have reported it happening every > > > hour or so and it seems to happen almost exactly an hour after it happened > > > the previous time. for instance, if it first happend at 10:38am, it would > > > most likely happen again at 11:38am. It's usually being noticed on email > > > clients as they check email on pretty regular basis. > > > > > > My question is, has anyone else noticed symptoms similar to these? I know > > > it seems pretty strange but I figured I'd check. I'm working on setting > > > up monitoring and possibly a little more verbose logging but thought > > > asking here might help point me in the right direction. System > > > information below. > > > > > > OS - freebsd 4.10 > > > freeradius - 1.0.1 > > > openldap - 2.2.19 > > > > > > load on the box is pretty low so that shouldn't be an issue. > > > > > > Joe H. > > >
First, do you think you could get lucky enough to capture one of those in debug mode? Perhaps if you encounter one you could fire up radius in debug mode about 59 minutes later? Also, can you do an ldapsearch from the command line with a resonable response time during one of those periods? If not, then what backend are you using for ldap? If you are using BDB what are your DB_CONFIG settings? Also, do you have checkpoint set in your slapd.conf file? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
