Proxy and copy-acct-to-home-server
Alan DeKok
aland at deployingradius.com
Sun Mar 7 09:38:22 CET 2010
Etienne Pretorius wrote:
> Lets say I have 3 FreeRadius servers (A,B,C) and I would like to sync
> the accounting packet between them.
>
> On server A, I created copy-acct-to-home-server for B and C;
> On server B, I created copy-acct-to-home-server for A and C;
> On server C, I created copy-acct-to-home-server for A and B;
...
> I desire that A only sends copies to B and C - while B and C do not send
> those packets back to A or to each other respectively.
> Like wise with the other two servers ( ie when one of the servers I
> administer proxies a packet, the receiver should not proxy it any
> further ).
Yes, that makes sense.
> How would I define this? Would I need one home_server_pool with both
> home_servers defined, but defined with what "type="?
Read the documentation on "type" for home_server_pools. There is
nothing that fits what you want.
> Mind if I use multiple pools then I need both in each of my realm
> statements... is that even allowed.
No.
What you need is a simple rule:
if NOT from (other two servers)
copy to other two servers
e.g.
if ((Packet-Src-IP-Address != A) && (Packet-Src-IP-Address != B)) {
copy-acct-to-home-server-A
copy-acct-to-home-server-B
}
Alan DeKok.
More information about the Freeradius-Users
mailing list