Arran Cudbard-Bell wrote:
> Really? But they're going to different destination ports, and therefore
> different interfaces?
The "unique" key is:
(src ip/port, dst ip/port, RADIUS code / id)
If there's no existing match, it's a new packet, and it can be processed.
If there is an existing match, then:
if (old vector == new vector)
packet is DUP
if cached reply
send it again
else if proxied
re-transmit proxied packet
else
ignore dup
else
packet is new
if old packet is done
process new
else
WTF?
Nothing could be simpler. :)
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
