Freeradius 2.1-1: failure modes

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Mon Mar 9 17:11:31 CET 2009


Hi,

> Right now FreeRadius returns reject to NAS
> rlm_sql (sql): Failed to connect DB handle #8
> rlm_sql (sql): reconnect failed, database down?
> rlm_sql_getvpdata: database query error
> [sql] SQL query error; rejecting user
> rlm_sql (sql): Released sql socket id: 8
> ++[sql] returns fail
> Sending Access-Reject
> Say I do not want to return reject in this case and I want the switch to
> understand that radius is down and retry another radius server (a
> backup/failover).
> Because if I return reject the NAS device treats this as radius is UP and
> running.

if radiusd cannot use the SQL, then its a fail...and a reject. if you
dont want this to happen, and radiusd is running, why would you think
the NAS should try another radiusd server to get to another DB?  if the
radius daemon is up, then it should try the other DB instead! this
is a much better way - just add the other DB to the SQL config - there
are plenty of resouces (and mailing list archives) that show how you
can add another sql instance..and use that if the primary fails

alternatively, if the DB is down, have a monitor task that can check
this (eg a timed PERL process) and if the DB is down, kill the
radius daemon. thats just as bad as what you are suggesting..but
is 'clean' from the NAS end (particularly its its got status packet
ability)

alan



More information about the Freeradius-Users mailing list