Re: Child is hung for request … message

2013-03-07 Thread Olivier Beytrison

On 07.03.2013 11:32, Alex Sharaz wrote:

> Hi,
> I've just downloaded, compiled and installed the latest version of 2.2 (2.2.1?)
> from git.freeradius.org.
>
> Installed it on an internal server and things seemed to work o.k. I then
> upgraded another server that deals with our external (eduroam) connectivity
> and within a few mins am seeing
> The server is basically proxying off auth requests to remote RADIUS servers. Is
> the above just telling me that the other end is taking a while to reply or is
> there some underlying issue?


Without a debug output it's hard to tell. Please send freeradius -X output.

Olivier
--
 Olivier Beytrison
 Network  Security Engineer, HES-SO Fribourg
 Mail: oliv...@heliosnet.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


Re: Child is hung for request … message

2013-03-07 Thread Alex Sharaz
Thought you might say that. Running FR in debug mode now
A
On 7 Mar 2013, at 11:18, Olivier Beytrison oliv...@heliosnet.org wrote:

> On 07.03.2013 11:32, Alex Sharaz wrote:
> > Hi,
> > I've just downloaded, compiled and installed the latest version of 2.2
> > (2.2.1?) from git.freeradius.org.
> >
> > Installed it on an internal server and things seemed to work o.k. I then
> > upgraded another server that deals with our external (eduroam) connectivity
> > and within a few mins am seeing
> > The server is basically proxying off auth requests to remote RADIUS servers.
> > Is the above just telling me that the other end is taking a while to reply
> > or is there some underlying issue?
>
> Without a debug output it's hard to tell. Please send freeradius -X output.
>
> Olivier
> --
> Olivier Beytrison
> Network  Security Engineer, HES-SO Fribourg
> Mail: oliv...@heliosnet.org


Re: Child is hung for request … message

2013-03-07 Thread A . L . M . Buxey
Hi,

> The server is basically proxying off auth requests to remote RADIUS servers.
> Is the above just telling me that the other end is taking a while to reply or
> is there some underlying issue?

what is your retry time set to on the NAS kit?  If your kit is expecting
a reply in eg 3 seconds...well, a reply from a remote site may take longer.

are you using status-server ? I would advise status-server usage
in the first instance to ensure that your RADIUS server knows the
remote RADIUS is okay and not the issue.  

alan


Re: Child is hung for request … message

2013-03-07 Thread Alex Sharaz

On 7 Mar 2013, at 11:36, a.l.m.bu...@lboro.ac.uk wrote:

> Hi,
>
> > The server is basically proxying off auth requests to remote RADIUS servers.
> > Is the above just telling me that the other end is taking a while to reply
> > or is there some underlying issue?
>
> what is your retry time set to on the NAS kit?  If your kit is expecting
> a reply in eg 3 seconds...well, a reply from a remote site may take longer.
>
> are you using status-server ? I would advise status-server usage
> in the first instance to ensure that your RADIUS server knows the
> remote RADIUS is okay and not the issue.

Yup I'm using status server.

in local-config/nrps.conf I've now got

server_pool eduroam {
    home_server = eduroam1
    home_server = eduroam2
    home_server = eduroam0
    type = client-port-balance
}

and

home_server eduroam0 {
    ipaddr = ${eduroam_config.server0}
    #ipv6addr = ${eduroam_config.server0}
    secret = ${eduroam_config.secret0}
    port = 1812
    type = auth+acct
    require_message_authenticator = yes
    nostrip
    response_window = 5
    zombie_period = 40
    revive_interval = 60
    status_check = status-server
    check_interval = 30
    num_answers_to_alive = 3
    ……...
}

Rgds
Alex



> alan


Re: Child is hung for request … message

2013-03-07 Thread A . L . M . Buxey
Hi,

> response_window = 5

that's a little low. the default provided with FreeRADIUS is 20 IIRC - and
you need to ensure that there's correlation with the NAS

alan
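
Added example, not part of the original thread or of FreeRADIUS: a small Python check for the two points raised above, a `response_window` below the 20 that Alan quotes from memory and a `home_server` without `status_check = status-server`. The sample config is constructed from the block Alex posted; `example1`, its address and the function names are hypothetical, and the baseline of 20 is a parameter, not a verified default.

```python
import re

# Constructed sample modelled on the home_server block posted in this thread,
# plus a second, hypothetical block (example1) for contrast.
SAMPLE = """
home_server eduroam0 {
    ipaddr = ${eduroam_config.server0}
    secret = ${eduroam_config.secret0}
    response_window = 5
    status_check= status-server
}

home_server example1 {
    ipaddr = 192.0.2.10
    response_window = 20
    # status_check = status-server
}
"""

# A block ends at a line holding only "}", so "${...}" values do not close it.
BLOCK_RE = re.compile(r"^\s*home_server\s+(\S+)\s*\{(.*?)^\s*\}", re.S | re.M)
ITEM_RE = re.compile(r"^\s*([A-Za-z_][\w-]*)\s*=\s*(.+?)\s*$")

def parse_home_servers(text):
    """Return {name: {key: value}} for every home_server block in text."""
    servers = {}
    for name, body in BLOCK_RE.findall(text):
        items = {}
        for line in body.splitlines():
            line = line.split("#", 1)[0]   # drop comments
            m = ITEM_RE.match(line)
            if m:                          # bare words such as "nostrip" are skipped
                items[m.group(1)] = m.group(2)
        servers[name] = items
    return servers

def audit(text, baseline=20):
    """List (server, finding) pairs; baseline is an assumption, see lead-in."""
    findings = []
    for name, items in parse_home_servers(text).items():
        window = items.get("response_window")
        if window is not None and window.isdigit() and int(window) < baseline:
            findings.append((name, f"response_window={window} is below {baseline}"))
        if items.get("status_check", "none") != "status-server":
            findings.append((name, "status_check is not status-server"))
    return findings

if __name__ == "__main__":
    for server, finding in audit(SAMPLE):
        print(f"{server}: {finding}")
```
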


Re: Child is hung for request … message

2013-03-07 Thread Alex Sharaz

On 7 Mar 2013, at 12:15, a.l.m.bu...@lboro.ac.uk wrote:

> Hi,
>
> > response_window = 5
>
> that's a little low. the default provided with FreeRADIUS is 20 IIRC - and
> you need to ensure that there's correlation with the NAS

o.k can't remember where I got that value, suspect it was from a google of an 
email
Thanks
A
> alan



Re: Child is hung for request … message

2013-03-07 Thread Arran Cudbard-Bell

On 7 Mar 2013, at 06:21, Alex Sharaz alex.sha...@york.ac.uk wrote:

> Thought you might say that. Running FR in debug mode now
> A

If you can't reproduce it with -X, try with the -fxxl stdout incantation, -X 
will also force the server into single threaded mode, and this might be a 
locking issue.

-Arran