Reemission bug in multi-threaded mode + FreeRADIUS 2.0 roadmap questions

Kostas Kalevras kkalev at noc.ntua.gr
Wed Nov 15 11:16:49 CET 2006 

Alan DeKok wrote:

>Chaigneau Nicolas <chaigneaun at yahoo.fr> wrote:
>  
>
>>Setting up the serveur in synchronous mode is much simpler, although
>>I think we would lose a few features that we need.
>>    
>>
>
>  No.
>
>  
>
>>Detecting a proxy server is dead and failover to a backup server is
>>important to us. In the current 1.1.3 version, failover is possible
>>only in asynchronous mode. Will failover still be possible in the
>>next release of FreeRADIUS ?
>>    
>>
>
>  Yes.
>
>  
>
>>Also, we need to detect that a given proxied request did not receive
>>any response, in order to send back a specific response to the NAS
>>(Reject or Accept). Would it be possible in synchronous mode ?
>>    
>>
>
>  Not right now.  As always, patches are welcome.
>
>  
>
>>Will the possibility to choose between synchronous and asynchronous
>>remain in the CVS head, or do you plan to completely remove
>>asynchronous mode ?
>>    
>>
>
>  The asynchronous code has already been removed in the CVS head.
>
>  
>
>>One more point about synchronous mode : currently, timeout and
>>retries parameters are global to FreeRADIUS in the "proxy server"
>>configuration section.
>>    
>>
>
>  Those configurations have been removed in the CVS head.
>
>  
>
>>If the retransmission mode is synchronous, wouldn't these parameters
>>have to be defined per NAS, for instance in the clients.conf file ?
>>    
>>
>
>  No.  The settings are on the *NAS*, not in the clients.conf file on
>the server.  If you want to change the settings log into the NAS.
>  
>
Let me illustrate our situation and let's see if the same can be 
achieved in synchronous mode. We operate a proxy radius for a DSL 
service in Greece.
For each realm (around 5 realms) we maintain a primary and a backup 
radius server. What we don't want to happen is for the *NAS* to mark the 
*proxy* radius dead because one home proxy is not responding. That's 
where asynchronous mode comes useful. We set retry_delay * retry_times * 
number of home servers < retry_delay * retry_times on the NAS so that we 
can mark home servers and realms dead *before* the NAS marks the whole 
proxy radius service dead (which we want to avoid except if the proxy 
service itself is not available). How can we achieve a similar setup in 
synchronous mode?


>  Alan DeKok.
>--
>  http://deployingradius.com       - The web site of the book
>  http://deployingradius.com/blog/ - The blog
>- 
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
>  
>

More information about the Freeradius-Devel mailing list