Re[2]: High Avaibility
Толик Шавловский
tolik_shavlovsky at mail.ru
Thu Mar 1 14:52:29 CET 2012
Hi,
if your NAS does not support 2 radius servers you can use load balancer (ex fortinet).
01 марта 2012, 15:37 от Phil Mayers <p.mayers at imperial.ac.uk>:
> On 01/03/12 10:16, Anto wrote:
> > Hello
> >
> > In the coming days I will set up a freeradius server for access
> > control and accounting. I've been looking for information on
> > freeradius and high availability, since my idea is to have two servers
> > in case one fails, continue to operate with the other, but I just
> > found information. So I turn to the list, in case I can recommend
> > someone with experience on stage.
> >
> > I do not know if it is feasible to have a server as master and one
> > slave, when the main falls, the other up the interface. If there is
> > some kind of balancer radius and use both servers, etc..
>
> This is a very vague question. You're going to get a lot of either
> too-vague or too-specific answers.
>
> A few things you need to specify:
>
> 1. When you say "high availability" what are you hoping to achieve?
> 2. How long can you tolerate when an unscheduled outage for? 1 second
> or 60?
> 3. Do your RADIUS servers talk to external data sources (SQL, LDAP)?
> 4. Do you care about load-balancing, or just high-availability?
>
> I'll make a few comments:
>
> Most NASes support 2 (or more) RADIUS servers, and will fail over when
> they detect an outage. For resilience, you just need to build two RADIUS
> servers on different IPs, and specify these in your NAS.
>
> You don't need a load-balancer or other complications, and they will
> just make things less reliable.
>
> Making "redundant" RADIUS servers is easy; you just build two machines,
> and run FreeRADIUS on each with the same config. The "hard" bit is
> replicating any data sources between them (LDAP, SQL) and handling
> "writes" such as accounting packets into SQL, SQL session counters, and
> so on.
>
> You need to be more specific about what you're doing and what you want
> to achieve.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list