JRS - Proxying v2
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Sat Apr 7 01:03:00 CEST 2007
> Longer, but more configurable.
>
> As of Thursday's CVS, one of the "type" options for a server_pool is
> "type = client_balance", which maps N clients to one home server. It's
> not as good as real load balancing, but much less work than tracking
> individual EAP sessions.
> ...
>
Very nice feature :)
Though using todays CVS (head revision for radiusd, checked out about 3
hours) , I still get Unknown type "client_balance".
Also it doesn't let me put multiple servers in a server pool, and dies
on runtime with
/usr/local/freeradius-cvs060407/etc/raddb/radiusd.conf[147]: Ignoring
duplicate home server jrs1_auth.
> I hope not. An accounting pool needs to reference accounting servers,
> not authentication servers. Maybe I missed one sanity check. If so,
> I'll fix that.
>
Oh typo on my part, though yes might be good to check all the servers in
the server pool are of the same type,
and that accounting pools are not used for acct_pool declarations in
realms and likewise for auth.
> You'll have to specify a username && password, too.
Yes, just realised that :)
> Many of these new configuration options can be left at the defaults.
>
Yes.
>> Very long, but I can see the advantages :
>> Yes.
>>
>> If many home servers are intended to be identical, it may be worth
>> referencing the configuration from one to another, maybe via some kind
>> of template. That would make it just as flexible, but less typing.
Revised JRS 2
janet_servers {
server0 = roaming0.ja.net
server1 = roaming1.ja.net
server2 = roaming2.ja.net
secret = theirkey
}
##############
# Server Pools
#
realm jrs {
auth_pool = jrs_auth_cb
acct_pool = jrs_acct_cb
nostrip
}
##############
# Server Pools
#
server_pool jrs_auth_cb {
home_server = jrs0_auth
#home_server = jrs1_auth
#home_server = jrs2_auth
type = fail-over
#type = client_balance
}
server_pool jrs_acct_cb {
home_server = jrs0_acct
#home_server = jrs1_acct
#home_server = jrs2_acct
type = fail-over
#type = client_balance
}
##############
# Home Servers
home_server jrs0_auth {
hostname = ${janet_servers.server0}
$INCLUDE ${confdir}/jrs.auth.conf
}
home_server jrs0_acct {
hostname = ${janet_servers.server0}
$INCLUDE ${confdir}/jrs.acct.conf
}
home_server jrs1_auth {
hostname = ${janet_servers.server1}
$INCLUDE ${confdir}/jrs.auth.conf
}
home_server jrs1_acct {
hostname = ${janet_servers.server1}
$INCLUDE ${confdir}/jrs.acct.conf
}
home_server jrs2_auth {
hostname = ${janet_servers.server2}
$INCLUDE ${confdir}/jrs.auth.conf
}
home_server jrs2_acct {
hostname = ${janet_servers.server2}
$INCLUDE ${confdir}/jrs.acct.conf
}
More information about the Freeradius-Users
mailing list