FreeRADIUS + LVS problem
nbk at sitadelle.com
Sun Feb 18 13:43:59 CET 2007
Alan DeKok wrote:
> Sam Schultz wrote:
> > I was thinking there may be some way to coerce FR into thinking
> > the load balancer is another radius server sending over proxied
> > requests, or something like that.
> The simplest way to do that is (perhaps not surprisingly) to run
> FreeRADIUS as a proxy, doing RADIUS-aware load balancing. Since that
> machine won't be doing authentication (DB's are slow), there's no reason
> it can't handle proxying 5k RADIUS requests/s.
I agree with Alan: if you want the features of a RADIUS proxy, just
setup FreeRADIUS as a proxy. I note alike the LVS servers, you can
have several RADIUS proxies in a pool and use Keepalived for failover.
Keepalived will monitor the FreeRADIUS proxies. The health check is
configured with a "MISC_CHECK" stanza in keepalived.conf. You have
to run "radclient" and test whether the server returns Access-Accept,
More information about the Freeradius-Users