Hello Rainer -
Here is the comment block from "Radius/Client.pm":
# In order to detect duplicate arrivals, we keep an array
# of arrivals ($self->{RecentIdentifiers})indexed by
# the IP address of the host that sent the request,
# the UDP port number (some hosts like Lucent TNT have multiple ID space
# on different port numbers), the Radius packet identifier (8 bits),
# concatenated with the packet type code.
# (The packet code is used because some NASs use different packet
# sequences for different request types)
# The value stored in each element of the array is the time
# we last received a packet with that identifier from this client.
# If the time interval is less than DupInterval, the packet is assumed to be
# duplicate, and is ignored
Does this answer your question?
regards
Hugh
On Tuesday, Sep 30, 2003, at 07:16 Australia/Melbourne, Rainer Huber wrote:
Hi!
I've seen that radiator detects duplicate records depending only on the identifier and the client IP:
"If more than 1 Radius request from this Client with the same Radius
Identifier are
received within DupInterval seconds, the 2nd and subsequent are ignored."
Shouldn't be the Identifier, the ClientIP and the SourcePort the keys for
duplicates?
The RFC 2865 says:
"Identifier: The Identifier field is one octet, and aids in matching
requests and replies. The RADIUS server can detect a duplicate request if it
has the same client source IP address and source UDP port and Identifier
within a short span of time."
Is it a mistake in the refmanual?
Regards, Rainer
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening?
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
