Simple 2 Server High Availability

Phil Mayers p.mayers at
Tue Aug 5 18:00:45 CEST 2014

On 05/08/14 16:42, Arran Cudbard-Bell wrote:
> On 5 Aug 2014, at 11:33, James Bensley <jwbensley at> wrote:
>> Hi All,
>> As a follow up to this I am thinking I shall use MariaDB if anyone has
>> any thoughts on that.
> What are you actually putting in the database?

This. If you're just reading username/password, you don't need multi-master.

If you're doing accounting, you *might* want that. But you could just 
relay the accounting to a central server and wait for it to replicate 
back out, or use radsqlrelay. Depends on your needs.

If you're doing IP assignment it's a bit trickier, but there are 
solutions if your radius requests are reasonably sticky over long-ish 
timescales (minutes).

We do the following:

  1. SQL DB "users" - master server, read-only replica on radius servers 
via Postgres "Slony"

  2. SQL DB "accounting" - master server only, radsqlrelay from radius 
servers; no local copy on radius servers.

  3. SQL DB "ipassign" - local to each radius server, sqlippool queries 
modified to put update servername/timestamp column on rows, python 
script syncs most-recent IP assignment bi-directionally once a minute.

I think a multi-master approach sounds fragile.

We also use Postgresql rather than MySQL/MariaDB.

More information about the Freeradius-Users mailing list