Duplicating Accounting Requests / accounting to multiple locations
Florian Lohoff
f at zz.de
Wed Dec 14 18:35:03 CET 2011
Hi,
On Wed, Dec 14, 2011 at 05:45:17PM +0100, Alan DeKok wrote:
> Florian Lohoff wrote:
> > A "duplicate" policy would be what i was looking for. Acknowledge the
> > packet to the sending NAS and sending requests to all final systems
> > and waiting for their acknowlegde.
>
> This can be done.
>
> > A limit in queue or storage capacity
> > would be acceptable e.g. max 1000 requests outstanding and front dropping
> > afterwards.
>
> That's difficult to do.
I see - i guess i have to write a radacct-duplicate-daemon myself.
> > I have found the "copy-acct-to-home-server" virtual site which makes me
> > wonder about the imposed delay by writing the accounting records to disk
> > and reading again for forwarding. Sounds like a strange solution - a bit
> > like UUCP store and forward copy ...
>
> Yes. It's the ONLY way to reliably replicate accounting packets. You
> need to handle the situation of the RADIUS server going down, or the
> home server being down for extended periods of time. Only logging to a
> file will handle that.
For most of my purposes i dont care about systems not available for a longer
period as backend systems take care on synchronisation.
In the past 15 years i have seen a lot of broken Radius implementations not
sending Stop/Start or Accounting On/Off so relying on state by Radius is some
kind of guesswork in my eyes.
When talking about reliability you talk about fsync after every packet before
acknowledge?
Store and Forward for Mails is okay - but doing that with some 2000 Packets
per seconds sounds wrong.
Flo
--
Florian Lohoff f at zz.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111214/39d2ae53/attachment.pgp>
More information about the Freeradius-Users
mailing list