proxy failover
Michael Markstaller
mm at elabnet.de
Mon May 15 20:09:09 CEST 2006
Just did some tests to verify failover and I came across two issues:
- running FreeRADIUS 1.0.1
- one realm (used with DEFAULT Huntgroup,Proxy-To-Relam in users), entered with two home-servers
With config
proxy server {
synchronous = no
retry_delay = 10
retry_count = 3
dead_time = 600
default_fallback = no
post_proxy_authorize = no
}
The first failed server *never* gets marked as "dead"
using
retry_delay = 5
retry_count = 3
one authentication try fails, then the server is marked as dead and subsequent suceed within dead_time
The problem is, I need the larger timeout/retry-delay for lame upstream servers and I know the failover also worked with these settings some time ago, but this might have been with an earlier 0.9x release.
Is there a way now (I remember some dicussions years ago it wasn't) to make the failover to multiple proxies work without losing one authentication-try each dead_time ?
I checked the changelog but found no hints something was fixed or changed in later versions.. Might it be worth a try to use v1.1.1 ? (although I'd really love to keep my stable Debian-package)
Michael
More information about the Freeradius-Users
mailing list