Robust Authentication Proxying

Ivan Kalik tnt at kalik.net
Fri Jul 10 19:56:09 CEST 2009


> What I really want is just, instead of the request being marked as
> failed when one of the home servers doesn't respond, for the proxy
> subsystem to just try sending the request to another configured home
> server.  If the proxy has tried sending a request to every non-zombie
> home server in the list and still hasn't gotten anything, then it can
> mark the request as failed.

That's not really on, as zombie server is still considered alive.

You can try this: instead of do_not_respond policy create a do_not_respond
module (patch). It would do the same as the policy plus remove the request
from the list once it fails. Then next NAS retransmit has a good chance of
going to a non-zombie home server.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list