Salut Jerome -
Merci pour ca! I have copied Mike on this mail and he will consider the patch for inclusion in the next release. A+ Hugues On Thursday 18 October 2001 20:00, Jerome Fleury wrote: > --On Tuesday, October 16, 2001 09:57:17 AM +0200 Jesús M Díaz > > <[EMAIL PROTECTED]> wrote: > > Hello, > > > > i had the same problem too, but whit the pair 'nas-identifier/nas-port'. > > i could solve it changing the AddQuery sentence at 'session sql' clause > > from 'insert into ...' to 'replace into ...'. > > > > the problem, as i could see, is when due an error or any other reason, > > Radiator keeps a session entry but that sessions is not real yet. > > > > regards > > I don't really know if your problem is related to mine, but in our > configuration (big ISP, about 80 requests/s) we had a lot of duplicates. To > avoid this we patched Radiator to handle "real" duplicates. > > For that, we match packets not only on packet ID, but on NAS IP and UDP > port Number (because some hosts like Lucent TNT have multiple ID space on > different port numbers). The patch is working perfectly. > Maybe this patch could be integrated into official release ? > > Here it is for Radiator 2.18.4: > > ----------------------8X cut here 8X-------------------------- > *** Radius/Client.pm.old Wed Oct 3 15:28:46 2001 > --- Radius/Client.pm Wed Oct 3 15:27:55 2001 > *************** > *** 6,21 **** > # Name the host name the Client was created with > # Host Packed host address of the client > # > # In order to detect duplicate arrivals, we keep an array > ! # of arrivals ($self->{RecentIdentifiers})indexed by the Radius packet > ! # identifier (8 bits), concatenated with the packet type code. > # (The packet code is used because some NASs use different packet > # sequences for different request types) > # The value stored in each element of the array is the time > ! # we last received > ! # a packet with that identifier from this client. > ! # If the time interval is > ! # less than DupInterval, the packet is assumed to be > # duplicate, and is ignored > # > # Author: Mike McCauley ([EMAIL PROTECTED]) > --- 6,23 ---- > # Name the host name the Client was created with > # Host Packed host address of the client > # > + # Patch by [EMAIL PROTECTED] (the old code did not use the IP > address): > # In order to detect duplicate arrivals, we keep an array > ! # of arrivals ($self->{RecentIdentifiers})indexed by > ! # the IP address of the host that sent the request, > ! # the UDP port number (some hosts like Lucent TNT have multiple ID space > ! # on different port numbers), the Radius packet identifier (8 bits), > ! # concatenated with the packet type code. > # (The packet code is used because some NASs use different packet > # sequences for different request types) > # The value stored in each element of the array is the time > ! # we last received a packet with that identifier from this client. > ! # If the time interval is less than DupInterval, the packet is assumed to > be > # duplicate, and is ignored > # > # Author: Mike McCauley ([EMAIL PROTECTED]) > *************** > *** 307,313 **** > # accounting where the Acct-Delay-Time has changed, because > # the identifier will also have changed. Gag. > if (!$self->{NoIgnoreDuplicates}{$code} > ! && $self->{RecentIdentifiers}->{$nas_id . $code}[$p->identifier] > > > ($p->{RecvTime} - $self->{DupInterval})) > > { > if (!$is_reboot) > --- 309,315 ---- > # accounting where the Acct-Delay-Time has changed, because > # the identifier will also have changed. Gag. > if (!$self->{NoIgnoreDuplicates}{$code} > ! && $self->{RecentIdentifiers}->{$p->{RecvFrom} . $code}[$p->identifier] > > > ($p->{RecvTime} - $self->{DupInterval})) > > { > if (!$is_reboot) > *************** > *** 314,320 **** > { > # Its a duplicate, log it and ignore it > my $id = $p->identifier; > ! &main::log($main::LOG_INFO, "Duplicate request id $id received from > $nas_id: ignored"); > $self->{Statistics}{radiusServDupAccessRequests}++, > $main::statistics{radiusAuthServTotalDupAccessRequests}++ > if $code eq 'Access-Request'; > --- 316,326 ---- > { > # Its a duplicate, log it and ignore it > my $id = $p->identifier; > ! my ($udpPort, $udpAddr) = Socket::unpack_sockaddr_in($p->{RecvFrom} > ! ); > ! my ($udpAddrPrint) = Socket::inet_ntoa($udpAddr); > ! > ! &main::log($main::LOG_INFO, "Duplicate request id $id received from > $udpAddrPrint($udpPort): ignored"); > $self->{Statistics}{radiusServDupAccessRequests}++, > $main::statistics{radiusAuthServTotalDupAccessRequests}++ > if $code eq 'Access-Request'; > *************** > *** 327,333 **** > else > { > # its not a dup, save the id for later dup checking > ! $self->{RecentIdentifiers}->{$nas_id . $code}[$p->identifier] > = $p->{RecvTime}; > > # Call the PreHandlerHook, if there is one > --- 333,339 ---- > else > { > # its not a dup, save the id for later dup checking > ! $self->{RecentIdentifiers}->{$p->{RecvFrom} . $code}[$p->identifier] > = $p->{RecvTime}; > > # Call the PreHandlerHook, if there is one > ----------------------8X cut here 8X-------------------------- > -- > Jerome Fleury Freesbee/LibertySurf/WC > Network Team Tel/Fax: +33 1 45082314 ---------------------------------------- Content-Type: application/pgp-signature; charset="iso-8859-1"; name="Attachment: 1" Content-Transfer-Encoding: 7bit Content-Description: ---------------------------------------- -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.