Best practices for redundant servers

Aaron Paetznick aaronp at
Mon Nov 6 18:38:22 CET 2006

Thanks, this was helpful.  I would rather not use LVS.  I would prefer 
to use the built-in functionality of the NAS to fall back from a primary 
to secondary or tertiary auth/accounting servers.

This whole setup would be far simpler and more robust if I could just do 
master-master replication with the MySQL servers.  Oh well.

I was not aware of radsqlrelay.  I think this gets me closer to what I 
need than anything else.  I can't guarantee which server the NAS will 
choose to log to at any given time. Therefore, I may need to use 
radsqlrelay on each server to keep the others in sync.  Does this seem 
like a sensible plan?


Nicolas Baradakis wrote:
> Aaron Paetznick wrote:
>> I've been struggling with this problem for a couple of weeks, and I 
>> thought I'd pass it along to the mailing list.  Basically I'm trying to 
>> answer the following question.  Given multiple identical dedicated 
>> servers each running Linux and MySQL, how can I configure FreeRADIUS for 
>> maximum stability, reliability, and performance?  The question, it 
>> seems, is not as easy as is sounds.
> I've already setup FreeRADIUS on multiple redundant servers, but never
> had the time to write a HOWTO. The main guideline is:
> 1. Use LVS in a "direct routing" setup to dispatch the RADIUS requests.
> 2. Use MySQL replication for the authorize database, so each FreeRADIUS
>    server connects to a local, read only database.
> 3. Use radsqlrelay for the accounting database, so the accounting data
>    is written to a central database without slowing down the RADIUS
>    servers. radsqlrelay is to be found in the FreeRADIUS source tarball,
>    you could read the "rlm_sql_log" and "radsqlrelay" manpages for more
>    details.

More information about the Freeradius-Users mailing list