Revert "radius: Increase radius Access-Request timeouts significantly"
authorArran Cudbard-Bell <a.cudbardb@freeradius.org>
Mon, 27 Feb 2023 02:18:50 +0000 (20:18 -0600)
committerArran Cudbard-Bell <a.cudbardb@freeradius.org>
Mon, 27 Feb 2023 19:26:23 +0000 (13:26 -0600)
This reverts commit 0f9808905ff8652102f6c50093fbc6ae7f5c5d2a.

raddb/mods-available/radius
src/modules/rlm_radius/rlm_radius.c

index 72a6b982cf3c4a7f219d29d4c24ece089f5ae6cf..3215ac13ea55074c32eab2b6d8fe279e283612ea 100644 (file)
@@ -425,14 +425,14 @@ radius {
                #  initial_rtx_time::  If there is no response within this time,
                #  the module will retransmit the packet.
                #
-               #  Value should be `1..120`.
+               #  Value should be `1..5`.
                #
                initial_rtx_time = 2
 
                #
                #  max_rtx_time:: The maximum time between retransmissions.
                #
-               #  Value should be `5..120`
+               #  Value should be `5..30`
                #
                max_rtx_time = 16
 
@@ -449,7 +449,7 @@ radius {
                #  max_rtx_count:: How many times the module will send the packet
                #  before giving up.
                #
-               #  Value should be `1..10` _(0 == retransmit forever)_
+               #  Value should be `1..20` _(0 == retransmit forever)_
                #
                max_rtx_count = 2
 
@@ -457,9 +457,9 @@ radius {
                #  max_rtx_duration:: The total length of time the module will
                #  try to retransmit the packet.
                #
-               #  Value should be `5..240`
+               #  Value should be `5..60`
                #
-               max_rtx_duration = 5
+               max_rtx_duration = 30
        }
 
        #
@@ -471,35 +471,9 @@ radius {
        #    max_rtx_count = 0
        #
        Accounting-Request {
-               #
-               #  initial_rtx_time::  If there is no response within this time,
-               #  the module will retransmit the packet.
-               #
-               #  Value should be `1..3`.
-               #
                initial_rtx_time = 2
-
-               #
-               #  max_rtx_time:: The maximum time between retransmissions.
-               #
-               #  Value should be `5..30`
-               #
                max_rtx_time = 16
-
-               #
-               #  max_rtx_count:: How many times the module will send the packet
-               #  before giving up.
-               #
-               #  Value should be `1..10` _(0 == retransmit forever)_
-               #
                max_rtx_count = 5
-
-               #
-               #  max_rtx_duration:: The total length of time the module will
-               #  try to retransmit the packet.
-               #
-               #  Value should be `5..30`
-               #
                max_rtx_duration = 30
        }
 
index 10731db752974041603e762e8688079930603322..4239b94bceed12e5e2923271a9e3f2eac5754afc 100644 (file)
@@ -546,21 +546,10 @@ static int mod_bootstrap(module_inst_ctx_t const *mctx)
                FR_INTEGER_BOUND_CHECK("Access-Request.max_rtx_count", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].mrc, >=, 1);
                FR_TIME_DELTA_BOUND_CHECK("Access-Request.max_rtx_duration", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].mrd, >=, fr_time_delta_from_sec(5));
 
-               /*
-                *      initial and max rtx times are significantly
-                *      higher for authentication packets, because
-                *      in some cases we're proxying to another RADIUS
-                *      which is performing MFA on our behalf and waiting
-                *      for user input.
-                *
-                *      We can afford to wait this long because the
-                *      module is fully async, and the requests will
-                *      sleep until they're work up.
-                */
-               FR_TIME_DELTA_BOUND_CHECK("Access-Request.initial_rtx_time", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].irt, <=, fr_time_delta_from_sec(120));
-               FR_TIME_DELTA_BOUND_CHECK("Access-Request.max_rtx_time", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].mrt, <=, fr_time_delta_from_sec(120));
+               FR_TIME_DELTA_BOUND_CHECK("Access-Request.initial_rtx_time", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].irt, <=, fr_time_delta_from_sec(3));
+               FR_TIME_DELTA_BOUND_CHECK("Access-Request.max_rtx_time", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].mrt, <=, fr_time_delta_from_sec(30));
                FR_INTEGER_BOUND_CHECK("Access-Request.max_rtx_count", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].mrc, <=, 10);
-               FR_TIME_DELTA_BOUND_CHECK("Access-Request.max_rtx_duration", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].mrd, <=, fr_time_delta_from_sec(240));
+               FR_TIME_DELTA_BOUND_CHECK("Access-Request.max_rtx_duration", inst->retry[FR_RADIUS_CODE_ACCESS_REQUEST].mrd, <=, fr_time_delta_from_sec(30));
        }
 
        /*
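Review bot: The upper bounds enforced in this hunk disagree with the ranges the same commit documents in raddb/mods-available/radius: the config comments give `initial_rtx_time` as `1..5`, `max_rtx_count` as `1..20` and `max_rtx_duration` as `5..60`, while the checks here cap them at 3, 10 and 30 (only `max_rtx_time`, `5..30`, agrees). An operator who picks a value inside the documented range would have it adjusted or refused at bootstrap, depending on what the bound-check macros do (not visible on this page), and the restored default `max_rtx_duration = 30` sits exactly on the cap. Either correct the config comments to `1..3`, `1..10` and `5..30`, or raise the caps to the documented values. Since the revert also removes the only rationale comment, a short replacement such as `/* Upper bounds must match the ranges documented in raddb/mods-available/radius */` above the checks would help keep the two in step. mod_bootstrap starts and ends outside the hunk.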