Copying accounting packets to additional servers

paul.moser at bt.com paul.moser at bt.com
Thu Jun 10 19:16:31 CEST 2021


In addition to proxying accounting packets to a remote server we need to send a copy of those packets to other servers.

Only the result of the proxying needs to determine if an acknowledgement response is sent back to the client, however we do need to ensure the copies are received by the other servers.

In a pre or post proxy section I could write the packets to a file using the detail module and then have a virtual server listening to that file and sending the packets on to the other server. This would mean writing every packet to disk, and in some cases I need to send a copy to multiple places which would means writing the packet multiple times to disk - a lot of disk IO I would rather avoid if possible.

I've also looked at the replicate module, which whilst it will indicate if it failed because there is no live server to send to will otherwise ignore any response and so you don't know if it has been received.

I think I've seen mentioned in the past that v4 will include stuff that will make all this simpler but in the mean time do I have any other options?

I'm thinking maybe I could use the replicate module to loop the traffic I want copied back through the same FreeRadius instance with a virtual server listening on another port dedicated to that traffic and then use the normal proxying mechanisms with a Post-Proxy-Type Fail-Accounting section, fallback server etc to do robust proxying. It's a bit more config than just using the detail module aproach above and obviously means the FreeRadius instance is handling more packets but I feel I've got a better grasp on how the FreeRadius instance will perform with more packets based on what it is currently doing than I do if I suddenly add a lot of extra disk IO.

Thoughts?


Thanks,

Paul


More information about the Freeradius-Users mailing list