[radsecproxy] Re: Adding support for dynamic authorisation messages (CoA/Disconnect)

Hi Harshit, Apologies for the delay. On 01.04.21, 09:19, "Harshit Jain" <hjain(a)arista.com> wrote: Hi Fabian, One thing that came to mind is with there being a client config regardless of where we get the CoA request, we will end up listening for requests from that client on a new socket even if we only want to receive CoA requests over the same TLS connection from the server. I am not sure if this is really an issue but I wanted to hear your thoughts on this. I don’t see this as an issue. There is anyway only one socket in the listening state (per port), not for every defined client. That’s the same as for regular clients: you can define as many as you want, there will only be config objects. New sockets with associated threads are only started when there is an actual incoming connection. Small detail: UDP clients really only have one single thread reading all incoming UDP packets. This will mean also closing the thread writing replies to this client (tlsserverwr for example) along with the cleanup and creating that thread again with the new client passed as an argument. Do we want to do this for every connection reset? Yes. This is what already happens for regular incoming TLS connections. Regards, Fabian -- SWITCH Fabian Mauchle, Network Engineer Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland Phone +41 44 268 15 30, direct +41 44 268 15 39