RADIUS, anycast, and high availability

Jason Healy jhealy at logn.net
Thu Jun 26 18:35:26 CEST 2014

On Jun 26, 2014, at 8:53 AM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:

> A lot depends on how stable the routing is, and how many next-hops are present, as well as how your routers hash between multiple next-hops e.g. ip or ip + port.

Yeah, I’m just starting to look into this.  We’re on Juniper gear (sorry Arran!) and I think it tries to maintain a stable path for the same IPs.  In the worst case, we could just set them up with a route preference so everything goes to the primary until failure (rather than trying to load-balance).  Our site isn’t big enough to have a load problem so this is mostly for availability.

> Basically - if you're going to do this, ensure traffic to the anycast IP only reaches one server from every point during stable operation. During a routing change - which is presumably a failure event - packets will flow differently, but that doesn't matter because it's a failover event anyway.

Exactly.  So long as the happy path is stable we can deal with a little weirdness around failures, as they would cause hiccups with regular NAS failover anyway.

I’ll add it to my to-do list, then, and see if we can get it running.

Thanks for the advice!


Jason Healy    |    jhealy at logn.net    |   http://www.logn.net/
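
The following is an added example, not part of the original message or of FreeRADIUS: a small Python model of the two forwarding choices discussed in the thread (hashing on ip versus ip + port, and a route preference with a primary server), checking Phil's rule that traffic to the anycast IP reaches only one server during stable operation. The server names, addresses, the additive stand-in hash, and the assumption that the NAS varies its UDP source port between packets are all constructed for illustration.

```python
import ipaddress

SERVERS = ["radius-a", "radius-b"]   # constructed names, in preference order
ANYCAST = "192.0.2.1"                # constructed anycast service address

# Constructed sample: one NAS sending four packets of a single authentication,
# each from a different UDP source port (an assumption about NAS behaviour).
PACKETS = [("198.51.100.10", 40000 + i, ANYCAST, 1812) for i in range(4)]


def flow_hash(src_ip, dst_ip, src_port=0, dst_port=0):
    """Toy stand-in for a router's ECMP hash; real hashes are vendor-specific."""
    return (int(ipaddress.ip_address(src_ip))
            + int(ipaddress.ip_address(dst_ip))
            + src_port + dst_port)


def ecmp_next_hop(pkt, next_hops, mode):
    """mode 'ip' hashes addresses only; 'ip+port' also hashes the UDP ports."""
    src_ip, src_port, dst_ip, dst_port = pkt
    if mode == "ip":
        h = flow_hash(src_ip, dst_ip)
    else:
        h = flow_hash(src_ip, dst_ip, src_port, dst_port)
    return next_hops[h % len(next_hops)]


def preferred_next_hop(next_hops, alive):
    """Route-preference model: the first live server in preference order."""
    for hop in next_hops:
        if hop in alive:
            return hop
    return None


def servers_reached(packets, choose):
    """Set of servers that receive at least one packet of the conversation."""
    return {choose(p) for p in packets}


if __name__ == "__main__":
    for mode in ("ip", "ip+port"):
        hit = servers_reached(PACKETS, lambda p: ecmp_next_hop(p, SERVERS, mode))
        print(f"ECMP hash on {mode}: {sorted(hit)}")
    print("preference, all up:  ", preferred_next_hop(SERVERS, set(SERVERS)))
    print("preference, a failed:", preferred_next_hop(SERVERS, {"radius-b"}))
```

In this model the ip-only hash and the route preference both keep the whole conversation on one server, while the ip + port hash spreads it across both, which is the condition Phil's advice says to avoid.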
