Forwarding accounting Data to another radius Server for HA
Fajar A. Nugraha
list at fajar.net
Mon Sep 1 12:11:55 CEST 2014
On Mon, Sep 1, 2014 at 4:22 PM, Daren Hendricks <daren.hendricks at gmail.com>
wrote:
> Hi,
>
> Thank you,I have looked into using rlm_replicate but I do not seem to be
> coming right. Below is what's in proxy.conf
>
>
> home_server rad01 {
> type = acct
> ipaddr = 192.168.25.126
> port = 1813
> secret = testing123
> }
>
> home_server_pool otp0 {
> home_server = otp1
> home_server = rad01
> }
> home_server_pool acc1 {
> home_server = rad01
>
> }
> realm acc_realm {
> act_pool = acc1
> }
>
>
>
... and did you call "replicate" on your accounting section?
Did you set Replicate-To-Realm before calling "replicate"?
See
https://github.com/FreeRADIUS/freeradius-server/blob/v2.x.x/raddb/modules/replicate
--
Fajar
>
> On Tue, Aug 26, 2014 at 11:53 AM, Fajar A. Nugraha <list at fajar.net> wrote:
>
>> On Tue, Aug 26, 2014 at 3:28 PM, Daren Hendricks <
>> daren.hendricks at gmail.com> wrote:
>>
>>> Hi Everyone,
>>>
>>> We have 2 radius servers (v2.2.1) a primary and secondary. Currently
>>> both use same mysql database that lives on the primary server. For HA sake
>>> we would like to have the following setup. The primary server will
>>> read/write to it's radius DB and that will be replicated using mysql
>>> replication to the secondary server. The secondary server will then
>>> read/write to the replicated db and forward/proxy it's accounting data to
>>> the primary server.
>>> Does this sound like a feasible solution?
>>>
>>
>> No.
>>
>> You should either:
>> - replicate the packets at radius level, and have each radius write (both
>> packets that it received directly and the forward packets) to its own db. OR
>> - use active-active db replication (e.g. galera)
>>
>>
>>
>>> Also, what can we use to forward the accounting data to the primary
>>> server, would robust-proxy-accounting be something worth looking into?
>>>
>>>
>> Depends on your need. robust-proxy-accounting should work, but on some
>> setup it might end up filling the disk (e.g. when bad home server rejects
>> some packets).
>>
>> Personally I prefer rlm_replicate, which is very fast but might lose some
>> accounting packets due to it's send-and-forget menchanism (I'm fine with
>> that).
>>
>> --
>> Fajar
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140901/760f8478/attachment.html>
More information about the Freeradius-Users
mailing list