RADIUS server using APM to authenticate users

Hi Stanislas,

1.) I prefer to check if at least 20 bytes are received instead of starting to parsing the outer protocol encapsulation and then count the resulting fields, but its a personal preference.

2.) I'm glad you found out that the UDP-layer needs some attention too, to make the Radius Server RFC compliant and also stable enough for OTP operations. I recommend to use the algorythm mentioned in RFC 5080 to maintain the caches...

In addition to that...

1.) Learn the small but important difference between a signed and unsigned integer.

2.) Test your iRule with the UDP payloads below and watch your TMM entering an endless

[for]

set PAYLOAD "\x01\xff\x00\x18\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01\x02\x01\xfe"
set PAYLOAD "\x01\xff\x00\x16\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01\x00"

3.) Make sure to spent me a beer during the next MVP summit for pointing out some coding flaws... 😉

4.) And spent me another beer to get a free copy of my iRule based Radius Server stack... 😉

Cheers, Kai