FreeRADIUS + LVS problem
Nicolas Baradakis
nbk at sitadelle.com
Mon Feb 19 11:24:59 CET 2007
Alan DeKok wrote:
> Nicolas Baradakis wrote:
> > Keepalived will monitor the FreeRADIUS proxies. The health check is
> > configured with a "MISC_CHECK" stanza in keepalived.conf. You have
> > to run "radclient" and test whether the server returns Access-Accept,
> > that's all.
>
> This is what Status-Server should be used for.
>
> http://www.ietf.org/internet-drafts/draft-dekok-radius-status-server-00.txt
I see one advantage to use Access-Request "pings": I can test both the
RADIUS server and the MySQL backend with a single check.
A FreeRADIUS proxy uses real users to ping the RADIUS servers, and
that's troublesome for the reasons outlined in your draft. Keepalived
deals with the problem differently: you can setup a special account to
run the monitor checks. Therefore you don't really care whether the
statistics of the user keepalived at realm.net are wrong.
--
Nicolas Baradakis
More information about the Freeradius-Users
mailing list