Retransmission of RADIUS Access-Request messages

Jouni Malinen j at w1.fi
Wed May 2 23:24:39 EDT 2007


On Wed, May 02, 2007 at 04:42:45PM +0900, Saber Zrelli wrote:

> I am using hostapd as a standalone RADIUS server. 
> In my (emulated) environment the downstream RADIUS -> NAS has a certain
> (non 0) packet loss rate.
> 
> I have noticed the following :
> 
> When a RADIUS Access-Response message is lost, the NAS will retransmit
> the RADIUS Access-Request message. However hostapd will reject the
> retransmitted Access-Request message assuming that the message was
> duplicated.

Thanks for the report. I was able to reproduce this issue for the
RADIUS->NAS direction.

> I would like to know whether the re-transmission of RADIUS
> Access-Response messages is supported by RADIUS API of hosapd.

The RADIUS server implementation in the current hostapd version does not
have duplicate processing (radius_server.c has a TODO comment on this in
radius_server_request() function). Because of this, the re-transmitted
frame is passed to EAP server again and that is discarding duplicates.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list