Add dynamic_timeout

To separate timeout of connected clients from dynamic clients.

Dynamic client definitions often want long(ish) lifetimes to avoid
repeated verifications of the same client.

diff --git a/raddb/sites-available/default b/raddb/sites-available/default
index 7b2b4103a31ede564ec8943b48154b99571b17df..c892deec07254b325f9690724fa67f56a46866a5 100644 (file)
--- a/raddb/sites-available/default
+++ b/raddb/sites-available/default
@@ -358,12 +358,18 @@ server default {
 
                        #
                        #  idle_timeout:: Time after which idle
-                       #  connections or dynamic clients are deleted.
+                       #  connections are deleted.
                        #
                        #  Useful range of values: 5 to 600
                        #
                        idle_timeout = 60.0
 
+                       #
+                       #  dynamic_timeout:: Time after which idle
+                       #  dynamic clients are deleted.
+                       #
+                       dynamic_timeout = 600.0
+
                        #
                        #  nak_lifetime:: Time for which blocked
                        #  clients are placed into a NAK cache.

diff --git a/raddb/sites-available/dynamic-clients b/raddb/sites-available/dynamic-clients
index fae45ba9ad28b42e2dc87fed01f93aeeac81a26e..bf7699788930b94a9ec09513a1aebbf2887e5ee4 100644 (file)
--- a/raddb/sites-available/dynamic-clients
+++ b/raddb/sites-available/dynamic-clients
@@ -90,14 +90,18 @@ server dynamic_clients {
                        max_connections = 256
 
                        #
-                       #  Free a dynamic client, or close a
-                       #  connection if it does not receive
+                       #  Close a connection if it does not receive
                        #  a packet within this time.
                        #
                        #  Useful range of values: 5 to 600
                        #
                        idle_timeout = 60.0
 
+                       #
+                       #  Time after which idle dynamic clients are deleted.
+                       #
+                       dynamic_timeout = 600.0
+
                        #
                        #  nak_lifetime:: Time for which blocked
                        #  clients are placed into a NAK cache.

diff --git a/raddb/sites-available/tacacs b/raddb/sites-available/tacacs
index aee48fd7b81cb19c26fe666389eeb1d436aabde5..6e98f98dae916441802a5e416877a3cc56f11d74 100644 (file)
--- a/raddb/sites-available/tacacs
+++ b/raddb/sites-available/tacacs
@@ -187,6 +187,12 @@ server tacacs {
                        #  Useful range of values: 5 to 600
                        #
                        idle_timeout = 60.0
+
+                       #
+                       #  dynamic_timeout:: Time after which idle
+                       #  dynamic clients are deleted.
+                       #
+                       dynamic_timeout = 600.0
                }
        }
 

diff --git a/src/lib/io/master.c b/src/lib/io/master.c
index 167849437b807ddb67cb46e340f872765c7e256f..509aadb801fba0e09361b5e76850775eeb461ce4 100644 (file)
--- a/src/lib/io/master.c
+++ b/src/lib/io/master.c
@@ -2076,9 +2076,6 @@ static void client_expiry_timer(fr_timer_list_t *tl, fr_time_t now, void *uctx)
                switch (client->state) {
                case PR_CLIENT_CONNECTED:
                        fr_assert(connection != NULL);
-                       FALL_THROUGH;
-
-               case PR_CLIENT_DYNAMIC:
                        delay = inst->idle_timeout;
                        if (fr_time_delta_ispos(client->radclient->limit.idle_timeout) &&
                            (fr_time_delta_lt(client->radclient->limit.idle_timeout, inst->idle_timeout))) {
@@ -2086,6 +2083,10 @@ static void client_expiry_timer(fr_timer_list_t *tl, fr_time_t now, void *uctx)
                        }
                        break;
 
+               case PR_CLIENT_DYNAMIC:
+                       delay = inst->dynamic_timeout;
+                       break;
+
                case PR_CLIENT_NAK:
                        delay = inst->nak_lifetime;
                        break;
@@ -2226,7 +2227,7 @@ idle_timeout:
                 *      idle timeut.
                 */
                client->ready_to_delete = true;
-               delay = inst->idle_timeout;
+               delay = client->state == PR_CLIENT_DYNAMIC ? inst->dynamic_timeout : inst->idle_timeout;
                goto reset_timer;
        }
 

diff --git a/src/lib/io/master.h b/src/lib/io/master.h
index 56e8783f9369aa953e07152e581cf57a361a0fb7..4057e7e86fd89ce144caedcd08e7eef4a6ed8cc8 100644 (file)
--- a/src/lib/io/master.h
+++ b/src/lib/io/master.h
@@ -80,7 +80,8 @@ typedef struct {
        uint32_t                        max_pending_packets;            //!< maximum number of pending packets
 
        fr_time_delta_t                 cleanup_delay;                  //!< for Access-Request packets
-       fr_time_delta_t                 idle_timeout;                   //!< for dynamic clients
+       fr_time_delta_t                 idle_timeout;                   //!< for connected clients
+       fr_time_delta_t                 dynamic_timeout;                //!< for dynamic clients
        fr_time_delta_t                 nak_lifetime;                   //!< lifetime of NAKed clients
        fr_time_delta_t                 check_interval;                 //!< polling for closed sockets
 

diff --git a/src/listen/dhcpv4/proto_dhcpv4.c b/src/listen/dhcpv4/proto_dhcpv4.c
index fe0aef2ba3c221f0d649ad1a26aee0f84834e4c4..2cd741e68c48e1218fb64fb903e6f1d0038a39b6 100644 (file)
--- a/src/listen/dhcpv4/proto_dhcpv4.c
+++ b/src/listen/dhcpv4/proto_dhcpv4.c
@@ -54,6 +54,7 @@ static const conf_parser_t priority_config[] = {
 static conf_parser_t const limit_config[] = {
        { FR_CONF_OFFSET("cleanup_delay", proto_dhcpv4_t, io.cleanup_delay), .dflt = "5.0" } ,
        { FR_CONF_OFFSET("idle_timeout", proto_dhcpv4_t, io.idle_timeout), .dflt = "30.0" } ,
+       { FR_CONF_OFFSET("dynamic_timeout", proto_dhcpv4_t, io.dynamic_timeout), .dflt = "600.0" } ,
        { FR_CONF_OFFSET("nak_lifetime", proto_dhcpv4_t, io.nak_lifetime), .dflt = "30.0" } ,
 
        { FR_CONF_OFFSET("max_connections", proto_dhcpv4_t, io.max_connections), .dflt = "1024" } ,

diff --git a/src/listen/dhcpv6/proto_dhcpv6.c b/src/listen/dhcpv6/proto_dhcpv6.c
index 31386109e9182a980d3ccaeee201dde202efaf1e..b536b24e09b8ee7e72de813d6ff2bc7879f0b6a2 100644 (file)
--- a/src/listen/dhcpv6/proto_dhcpv6.c
+++ b/src/listen/dhcpv6/proto_dhcpv6.c
@@ -55,6 +55,7 @@ static const conf_parser_t priority_config[] = {
 static conf_parser_t const limit_config[] = {
        { FR_CONF_OFFSET("cleanup_delay", proto_dhcpv6_t, io.cleanup_delay), .dflt = "5.0" } ,
        { FR_CONF_OFFSET("idle_timeout", proto_dhcpv6_t, io.idle_timeout), .dflt = "30.0" } ,
+       { FR_CONF_OFFSET("dynamic_timeout", proto_dhcpv6_t, io.dynamic_timeout), .dflt = "600.0" } ,
        { FR_CONF_OFFSET("nak_lifetime", proto_dhcpv6_t, io.nak_lifetime), .dflt = "30.0" } ,
 
        { FR_CONF_OFFSET("max_connections", proto_dhcpv6_t, io.max_connections), .dflt = "1024" } ,

diff --git a/src/listen/radius/proto_radius.c b/src/listen/radius/proto_radius.c
index 84000736d2f938c97f63662f9b122c33e4fe9d4b..46aa9ada19e1852c7c929762a2f93f0d1a58d302 100644 (file)
--- a/src/listen/radius/proto_radius.c
+++ b/src/listen/radius/proto_radius.c
@@ -37,6 +37,7 @@ static int transport_parse(TALLOC_CTX *ctx, void *out, void *parent, CONF_ITEM *
 static conf_parser_t const limit_config[] = {
        { FR_CONF_OFFSET("cleanup_delay", proto_radius_t, io.cleanup_delay), .dflt = "5.0" } ,
        { FR_CONF_OFFSET("idle_timeout", proto_radius_t, io.idle_timeout), .dflt = "30.0" } ,
+       { FR_CONF_OFFSET("dynamic_timeout", proto_radius_t, io.dynamic_timeout), .dflt = "600.0" } ,
        { FR_CONF_OFFSET("nak_lifetime", proto_radius_t, io.nak_lifetime), .dflt = "30.0" } ,
 
        { FR_CONF_OFFSET("max_connections", proto_radius_t, io.max_connections), .dflt = "1024" } ,

diff --git a/src/listen/tacacs/proto_tacacs.c b/src/listen/tacacs/proto_tacacs.c
index bc6b43d7afdd6a0368de074be8d3bd8dcdafacc9..a9a1e73c9a1cb648e0a9b82bb3f4c0ce2edf45a7 100644 (file)
--- a/src/listen/tacacs/proto_tacacs.c
+++ b/src/listen/tacacs/proto_tacacs.c
@@ -38,6 +38,7 @@ static int type_parse(TALLOC_CTX *ctx, void *out, void *parent, CONF_ITEM *ci, U
 
 static conf_parser_t const limit_config[] = {
        { FR_CONF_OFFSET("idle_timeout", proto_tacacs_t, io.idle_timeout), .dflt = "30.0" } ,
+       { FR_CONF_OFFSET("dynamic_timeout", proto_tacacs_t, io.dynamic_timeout), .dflt = "600.0" } ,
 
        { FR_CONF_OFFSET("max_connections", proto_tacacs_t, io.max_connections), .dflt = "1024" } ,
 

diff --git a/src/listen/vmps/proto_vmps.c b/src/listen/vmps/proto_vmps.c
index f0be9c0232cbb49d7b96d5ecb12e3d13805453e3..5c5d2b02f177d6a4888588d5232f234ad5d2bff2 100644 (file)
--- a/src/listen/vmps/proto_vmps.c
+++ b/src/listen/vmps/proto_vmps.c
@@ -44,6 +44,7 @@ static const conf_parser_t priority_config[] = {
 
 static conf_parser_t const limit_config[] = {
        { FR_CONF_OFFSET("idle_timeout", proto_vmps_t, io.idle_timeout), .dflt = "30.0" } ,
+       { FR_CONF_OFFSET("dynamic_timeout", proto_vmps_t, io.dynamic_timeout), .dflt = "600.0" } ,
        { FR_CONF_OFFSET("nak_lifetime", proto_vmps_t, io.nak_lifetime), .dflt = "30.0" } ,
 
        { FR_CONF_OFFSET("max_connections", proto_vmps_t, io.max_connections), .dflt = "1024" } ,