Alan DeKok wrote: > Alan DeKok wrote: > >> I've just committed massive changes to the server core. The "diff" is >> about 3k lines, and doesn't include deleted or added files. >> > > More code changes today: > > Multiple requests are proxied to a home server. If the home server is > marked dead while the NAS is retransmitting the packets, the current > code (1.x) keeps sending the retransmissions to the dead home server. > > In the CVS head, it now discovers that the home server is dead, and > picks a live one from the appropriate server_pool. When coupled with > the support for checking if a dead home server has come back to life, > the server should be MUCH more robust in the event of home server failure. > > i.e. With the current code, many proxied requests can get rejected, > even if there is a home server for the realm that is live. With the new > code, all possible efforts are made to minimize the number of requests > that get rejected. > > No other server can do better than this. > > Alan DeKok. > -- > http://deployingradius.com - The web site of the book > http://deployingradius.com/blog/ - The blog > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > attr_filter: Matched entry jrs at line 74 modcall[pre-proxy]: module "attr_filter.pre-proxy" returns updated for request 13 radius_xlat: '/usr/local/freeradius/var/log//20070410/pre-proxy-detail' rlm_detail: /usr/local/freeradius/var/log//%Y%m%d/pre-proxy-detail expands to /usr/local/freeradius/var/log//20070410/pre-proxy-detail radius_xlat: 'Tue Apr 10 14:06:34 2007' modcall[pre-proxy]: module "pre_proxy_log" returns ok for request 13 modcall: group pre-proxy returns updated for request 13 Sending Access-Request of id 122 to 194.83.56.249 port 1812 Service-Type := Authenticate-Only User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 139.184.8.1 Proxy-State = 0x313239 Proxying request 13 to realm jrs, home server 194.83.56.249 port 1812 Sending Access-Request of id 122 to 194.83.56.249 port 1812 Service-Type := Authenticate-Only User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 139.184.8.1 Proxy-State = 0x313239 Going to the next request Cleaning up request 9 ID 125 with timestamp +60 Cleaning up request 10 ID 126 with timestamp +61 Cleaning up request 11 ID 127 with timestamp +62 Waking up in 1 seconds... rad_recv: Access-Request packet from host 81.6.252.244 port 3341, id=129, length=72 Sending duplicate proxied request to home server 194.83.56.249 port 1812 - ID: 122 Sending Access-Request of id 122 to 194.83.56.249 port 1812 Service-Type := Authenticate-Only User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 139.184.8.1 Proxy-State = 0x313239 Waking up in 1 seconds... Cleaning up request 12 ID 128 with timestamp +63 Waking up in 15 seconds... rad_recv: Access-Request packet from host 81.6.252.244 port 3341, id=129, length=72 Sending duplicate proxied request to home server 194.83.56.249 port 1812 - ID: 122 Sending Access-Request of id 122 to 194.83.56.249 port 1812 Service-Type := Authenticate-Only User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 139.184.8.1 Proxy-State = 0x313239 Waking up in 13 seconds... rad_recv: Access-Request packet from host 81.6.252.244 port 3341, id=129, length=72 Sending duplicate proxied request to home server 194.83.56.249 port 1812 - ID: 122 Sending Access-Request of id 122 to 194.83.56.249 port 1812 Service-Type := Authenticate-Only User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 139.184.8.1 Proxy-State = 0x313239 Waking up in 10 seconds... rad_recv: Access-Request packet from host 81.6.252.244 port 3341, id=129, length=72 FAILURE: Home server 194.83.56.249 port 1812 is dead. RETRY: Proxying request 13 to different home server 194.82.174.185 port 1812 Sending Access-Request of id 8 to 194.82.174.185 port 1812 Service-Type := Authenticate-Only User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 139.184.8.1 Proxy-State = 0x313239 Waking up in 7 seconds... rad_recv: Access-Request packet from host 81.6.252.244 port 3341, id=129, length=72 RETRY: Proxying request 13 to different home server 194.82.174.185 port 1812 Sending Access-Request of id 179 to 194.82.174.185 port 1812 Service-Type := Authenticate-Only User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 139.184.8.1 Proxy-State = 0x313239 Waking up in 4 seconds... rad_recv: Access-Request packet from host 81.6.252.244 port 3341, id=129, length=72 radiusd(24731) malloc: *** Deallocation of a pointer not malloced: 0x5d4e80; This could be a double free(), or free() called with the middle of an allocated block; Try setting environment variable MallocHelp to see tools to help debug RETRY: Proxying request 13 to different home server 194.82.174.185 port 1812 Sending Access-Request of id 89 to 194.82.174.185 port 1812 Service-Type := Authenticate-Only User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 139.184.8.1 Proxy-State = 0x313239 Waking up in 1 seconds... Rejecting request 13 due to lack of any response from home server 194.82.174.185 port 1812 Sending Access-Reject of id 129 to 81.6.252.244 port 3341 Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = "134" Service-Type = Framed-User Waking up in 4 seconds... Cleaning up request 13 ID 129 with timestamp +65 radiusd(24731) malloc: *** Deallocation of a pointer not malloced: 0x5d4e80; This could be a double free(), or free() called with the middle of an allocated block; Try setting environment variable MallocHelp to see tools to help debug Waking up in 24 seconds...
Didn't do that before :S --- Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
