FreeRADIUS Default Answer

Posted by jinanwow on Server Fault See other posts from Server Fault or by jinanwow
Published on 2010-07-08T15:36:29Z Indexed on 2011/01/14 8:54 UTC
Read the original article Hit count: 335

Filed under:
|
|

We are using FreeRADIUS with a MySQL database, authenticating users. We ran into an issue where are MySQL database was slow causing the max number of threads to be reached. The issue with this is, when the server couldn't answer the requests as there were no threads avaiable, it sent the response of Access-Reject to the clients.

Our devices cache client connections and periodically checks with the server to see if they should still be allowed or to remove them. The equipment is designed that if there is no response from the server and a client is connected it will remain connected. The issue is, when the radius server is at its max threads, its default answer is to send access-reject (verified via packet capture), however we would like to change the default behavior to just ignore the request (keeping the clients connected).

We have fixed the MySQL database issue for now, but I would like to change the default from Access-Reject, to just ignore the client altogeather. I have done research, but not able to find an answer to the question.

Thanks in Advance.

© Server Fault or respective owner

Related posts about linux

Related posts about radius