Duplicate Transaction Detection

Ingress Duplicate Transaction Detection

A RADIUS Server is able detect that a received Request is a duplicate of a previously received Request message if the Request messages have the same source IP address, Source port number and RADIUS header Identifier field values. Retransmitted Requests sent to the same (Destination IP Address, Destination Port Number) must use the same source IP address, source port number, RADIUS header Identifier and Authenticator field values.

Egress Duplicate Transaction Detection

When DRL forwards a Request message to RCL, an egress transaction record is maintained by RCL, storing the source IP address, source port number, RADIUS Header Identifier and Authenticator in the transaction record indexed by the DRL selected RADIUS client connection. If a Response is not received in a timely manner and DRL reroutes the same Request to the same RADIUS client connection, RCL utilizes previously stored information from this egress transaction record so that the retransmitted Request message has the same information such as source IP address and source port. If DRL fails to receive a response, and reroutes the Request message to a different peer (different RADIUS client connection), a new egress transaction record is created.

Note:

For information on DRL configuration information for rerouting, refer to the Diameter User's Guide. RCL maintains egress transaction records for the same duration as DRL's Pending Answer Timeout (PAT), until a valid Response is received or this duration expires.