Loadbalancing and failover using different servers

Alan DeKok aland at deployingradius.com
Fri Jan 14 16:00:20 CET 2011

Juan Perez wrote:
> Let's suppose that I have two servers running the latest and
> shiniest version of FreeRadius and for some reason there is a bug in
> FreeRadius that causes the server to crash when a specially crafted
> RADIUS packet is received.

  Hmm... that's hard to do:  http://freeradius.org/security.html

  Notice anything about 2.x on that page?

> Let's suppose that there is also an attacker
> (a disglunted employee maybe?), who knows about this bug and decides to
> attack my FreeRadius servers, so he starts sending these
> specially crafted packets to each server and since the two servers have
> the same bug, both of them would die upon receiving these packets.

  Even if that did happen, you would probably notice.

> If I have two servers from different vendors, I could thus hopefully
> guarantee that at least the horrible server would continue working while
> an attack targeted at FreeRadius is going on. The horrible server
> doesn't need to be necessarily a Cisco ACS, any other horrible server
> would do it (Microsoft IAS, Steel-Belted, etc).
> So, does it make sense now or is the idea too stupid to be even considered?

  Or, you could believe that maintaining the same configuration in two
completely independent products is a huge PITA, and not worth the effort
of "maybe" avoiding an attack.

  The FreeRADIUS source code is regularly scanned with Coverity, LLVM,
and a few others.  Nothing has come up in the last 3 years, for 2.x.

  Alan DeKok.

More information about the Freeradius-Users mailing list