coova / coova-chilli

CoovaChilli is an open-source software access controller for captive portal hotspots.

Chilli Instance shows Timeout after sometime of handling Traffic ( General + DNS Queries nslookup ) #426

Open amitetw opened 6 years ago

amitetw commented 6 years ago

Hi Team,

Facing an issue where the chilli instance shows a Timeout status when put under load, or sometimes even without load.

  1. This is our setup:

     a. Running 2 chilli instances for catering traffic of multiple vlans.
     b. chilli status check from chilli_query list
     c. Chilli version 1.4
     d. OS - Debian 8

```
root@t12tu2:/home/user# chilli_query list
```

  2. Issue is like:

```
Querying socket /var/run/chilli.bond0.100.sock 44-80-EB-B7-54-EA 10.12.22.10 dnat 5a7f16bf00000001 0 - 0/0 0/600 0/0 0/0 0 0 0/0 0/0 http://connectivitycheck.gstatic.com/generate_204 vlan=(null)

Querying socket /var/run/chilli.bond0.120.sock Timeout
```

  3. Below traffic/Load was given when this condition was reached:

     - iperf download traffic of a big file --> iperf3 -R -c awsip
     - DNS query --> watch nslookup orf.at

  4. Config for Vlan 100

THIS FILE IS AUTOMATICALLY GENERATED

```
cmdsocket /var/run/chilli.bond0.100.sock
unixipc chilli.bond0.100.ipc
pidfile /var/run/chilli.bond0.100.pid
net 10.52.20.0/255.255.254.0
uamlisten 10.52.20.1
uamport 3990
dhcpif bond0.100
uamallowed "10.52.20.1,t52tu1"
uamanydns
lease "600"
uid "0"
gid "0"
dhcpstart "10"
tundev "tun0"
domain "xlan"
dns1 "10.52.20.1"
dns2 "10.52.20.1"
uamhomepage http://10.52.20.1:3990/www/coova.html
wwwdir /var/coova/www
wwwbin /etc/chilli/wwwsh
uamuiport 4990
conup "/etc/chilli/conup"
condown "/etc/chilli/condown"
localusers /etc/chilli/bond0.100/localusers
locationname "CF1"
radiuslocationname "CF1"
radiuslocationid "isocc=,cc=,ac=,network=Coova,"
```

  5. Config for Vlan 120

THIS FILE IS AUTOMATICALLY GENERATED

```
cmdsocket /var/run/chilli.bond0.120.sock
unixipc chilli.bond0.120.ipc
pidfile /var/run/chilli.bond0.120.pid
net 10.52.24.0/255.255.254.0
uamlisten 10.52.24.1
uamport 3990
dhcpif bond0.120
uamallowed "10.52.24.1,t52tu1"
uamanydns
lease "600"
uid "0"
gid "0"
dhcpstart "10"
tundev "tun1"
domain "xlan"
dns1 "10.52.24.1"
dns2 "10.52.24.1"
uamhomepage http://10.52.24.1:3990/www/coova.html
wwwdir /var/coova/www_120
wwwbin /etc/chilli/wwwsh
uamuiport 4990
conup "/etc/chilli/conup_120"
condown "/etc/chilli/condown_120"
localusers /etc/chilli/bond0.120/localusers
locationname "CF1"
radiuslocationname "CF1"
radiuslocationid "isocc=,cc=,ac=,network=Coova,"
```

For about 30 min all was working, although sometimes the page loading was delayed; afterwards the chilli process crashed, the client was disconnected and chilli_query list returned “Timeout”.

Kindly suggest if a code fix or parameter fix is needed to handle this, or maybe if this is a known situation.

Also would like to know suggestions on below points:

  1. Is it possible to run chilli without a tun/tap interface?
  2. Once authentication is ok, is it possible to restore the already running sessions on chilli reboot so that they don't have to pass the authentication again?
  3. How to tune the network-related tcp/udp buffers associated with chilli?

Thanks, Amit Dubey

nzamps commented 6 years ago

The uamport and uamuiport options need unique values - increment the vlan120 one to have 3991 and 4991 respectively.

Also, I don't see all of your radius settings - radiuslisten, radiusserver1 etc ?
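The uniqueness check from the reply above, as an added example that is not part of the original thread or of the CoovaChilli project: it parses several instance configs and reports any `uamport` or `uamuiport` value shared between them. The function names are hypothetical, and the sample configs are constructed from a few lines of the two configs posted in the issue.

```python
import shlex
from collections import defaultdict

# Options the reply above says need unique values per instance.
UNIQUE_KEYS = ("uamport", "uamuiport")

def parse_chilli_conf(text):
    """Parse 'key value' lines; values may be quoted, bare flags map to True."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = shlex.split(line)
        opts[parts[0]] = parts[1] if len(parts) > 1 else True
    return opts

def find_collisions(instances, keys=UNIQUE_KEYS):
    """Return {(key, value): [instance names]} for values used by more than one instance."""
    seen = defaultdict(list)
    for name, text in instances.items():
        opts = parse_chilli_conf(text)
        for key in keys:
            if key in opts:
                seen[(key, opts[key])].append(name)
    return {kv: names for kv, names in seen.items() if len(names) > 1}

# Constructed sample input: relevant lines of the two configs from the issue.
VLAN100 = """
cmdsocket /var/run/chilli.bond0.100.sock
uamlisten 10.52.20.1
uamport 3990
uamanydns
lease "600"
uamuiport 4990
"""
VLAN120 = """
cmdsocket /var/run/chilli.bond0.120.sock
uamlisten 10.52.24.1
uamport 3990
uamanydns
lease "600"
uamuiport 4990
"""
# The vlan120 config with the ports incremented as the reply suggests.
VLAN120_FIXED = (VLAN120.replace("uamport 3990", "uamport 3991")
                        .replace("uamuiport 4990", "uamuiport 4991"))

if __name__ == "__main__":
    found = find_collisions({"bond0.100": VLAN100, "bond0.120": VLAN120})
    for (key, value), names in found.items():
        print(f"{key} {value} is shared by: {', '.join(names)}")
```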

amitetw commented 6 years ago

Hi Brian,

Thanks for inputs.

Point Noted for Ports. Will check.

For the Radiuslisten (not set) and Radiusserver1 (which is set to localhost), we are not authenticating the user, just letting a bypass based on term agreement on the portal page.

We don't have an AAA server defined. For accounting, FreeRadius is being used, which is locally installed and working fine.

Is it necessary to define Radiuslisten and Radiusserver1 ?

nzamps commented 6 years ago

No, you don't need to configure Radiuslisten if using localhost for Radiusserver1.

amitetw commented 6 years ago

Hi Brian, I am able to get the sessions restored using the seskeepalive, but when the sessions are back, the internet doesn't work on those devices. On removing the chilli entry and connecting again, they are able to do so again.

Any other thing to check? The statusfile is also saved.