load balancing and if statements
Brian De Wolf
bldewolf at csupomona.edu
Wed Mar 28 00:38:11 CEST 2012
On Mon, 26 Mar 2012 11:46:22 -0700
Scott McLane Gardner <sgardne at uark.edu> wrote:
> If I can't use if statements in a load balance block, can anyone
> suggest another way to go about accomplishing what I want to do here?
After reading this thread and realizing it affects my implementation
(though with mysql), I started poking at this to work out a solution.
The real problem with trying to build this in unlang is that there
doesn't seem to be a way to differentiate between a failed Sql-Group
check and a negative result. Instead, I have to cheese it out with
an XLAT no-op to see if the SQL server is responding. If I'm missing
something useful here, please let me know. I'd love some feedback from
the gurus. Anyway, the config bits:
policy {
# ...
mysql-1-disabled {
if("%{mysql-1:SELECT 'test'}" != "test") {
fail
}
if(mysql-1-Sql-Group == "disabled") {
reject
}
else {
ok
}
}
mysql-2-disabled {
if("%{mysql-2:SELECT 'test'}" != "test") {
fail
}
if(mysql-2-Sql-Group == "disabled") {
reject
}
else {
ok
}
}
}
instantiate {
# ...
redundant-load-balance sql-disabled {
mysql-1-disabled
mysql-2-disabled
}
}
Once this is in, "sql-disabled" can be placed in an authorize{} block.
I really wish there was a better way to do this...
More information about the Freeradius-Users
mailing list