[7279] in Kerberos
Re: Replay Found and Retransmitted????
daemon@ATHENA.MIT.EDU (Jonathan Kamens)
Wed May 15 03:00:46 1996
To: kerberos@MIT.EDU
Date: 15 May 1996 06:48:37 GMT
From: jik@annex-1-slip-jik.cam.ov.com (Jonathan Kamens)
In article <4nbal2$ovm@temasek.teleview.com.sg>, ccc@temasek.teleview.com.sg (Chua Chek Chay) writes:
|> But since yesterday, the authentication process goes like this:
|>
|> Enter username> testuser <---- hang here
|>
|> The session is terminated by the terminal server after a minute.
This means that for some reason the terminal server is never getting
the response from the KDC.
|> A check on the kerberos log on the master kerberos server shows the
|> following log message:
|>
|> May 14 21:41:44 temasek krb5kdc[527]: DISPATCH: replay found and
|> re-transmitted
And this means that the KDC is getting multiple identical requests from
the terminal server and responding to all of them identically.
So, it seems that for some reason, requests are getting from the
terminal server to the KDC and it's responding, but its responses
aren't getting back to the terminal server. There are numerous
possible explanations for this. Perhaps something is confused at the
network layer. When this occurs, and you log into the Kerberos server,
can you successfully send packets to the terminal server (e.g., by
pinging it, or telnetting to it or by utilizing some UDP service on it,
the latter being the best test since Kerberos is a UDP protocol)?
Or perhaps something is messed up in the terminal server's
configuration so that it doesn't know what its IP address is, so the
responses are getting intercepted by another host claiming to have the
same address or something like that.
Alternatively, perhaps the terminal server's software is messed up in a
way that makes it occasionally stop listening properly for response
from the KDC.
There are probably other possibilities. Perhaps I've given you enough
of an insight for you to track down what's going wrong. If you figure
it out, please post and let us know; it seems like an interesting
problem.
