Logging ntlm authentication
Alan DeKok
aland at deployingradius.com
Tue Sep 7 22:26:25 CEST 2010
John Horne wrote:
> We have been running 3 servers with 2.1.10 (taken from git a while ago)
The proxy change went in August 4.
> for some time with no problems. They act as a proxy, receiving requests
> from wireless lan controllers and (mostly) proxying them on to MS IAS.
> Is there any particular change that you wanted feedback on?
What happens when a home server is marked zombie / dead. Previously,
if *one* request didn't get a response, the home server was marked
"zombie". If the proxy then received a response, the home server was
marked "alive".
i.e. if a proxy was sending packets for realm A && B to a home server,
and the home server was responding only for realm A and not B... then
the home server could be marked zombie / alive / zombie / alive in quick
sequence.
It now keeps track of recent replies. If the home server is
responding for realm A, then it will always be marked "alive", even if
it's not responding for realm B.
The home server is marked as "zombie" only when it receives *no*
replies for a period of time.
I hope that explanation makes sense...
Alan DeKok.
More information about the Freeradius-Users
mailing list