Forwarding accounting Data to another radius Server for HA

Fajar A. Nugraha work at fajar.net
Mon Sep 1 15:43:23 CEST 2014


what does the debug mide say?

On Monday, September 1, 2014, Daren Hendricks <daren.hendricks at gmail.com>
wrote:

> Any other ideas? or what I'm missing?
>
>
> On Mon, Sep 1, 2014 at 2:34 PM, Daren Hendricks <daren.hendricks at gmail.com
> <javascript:_e(%7B%7D,'cvml','daren.hendricks at gmail.com');>> wrote:
>
>> Hi,
>>
>> Yes I have called 'replicate' in accounting section and it is after the
>> 'Replicate-To-Realm:= acc_realm' section.
>>
>> Regards,
>>
>>
>> On Mon, Sep 1, 2014 at 12:11 PM, Fajar A. Nugraha <list at fajar.net
>> <javascript:_e(%7B%7D,'cvml','list at fajar.net');>> wrote:
>>
>>> On Mon, Sep 1, 2014 at 4:22 PM, Daren Hendricks <
>>> daren.hendricks at gmail.com
>>> <javascript:_e(%7B%7D,'cvml','daren.hendricks at gmail.com');>> wrote:
>>>
>>>> Hi,
>>>>
>>>> Thank you,I have looked into using rlm_replicate but I do not seem to
>>>> be coming right. Below is what's in proxy.conf
>>>>
>>>>
>>>> home_server rad01 {
>>>>         type = acct
>>>>         ipaddr = 192.168.25.126
>>>>         port = 1813
>>>>         secret = testing123
>>>> }
>>>>
>>>> home_server_pool otp0 {
>>>>         home_server = otp1
>>>>         home_server = rad01
>>>> }
>>>> home_server_pool acc1 {
>>>>         home_server = rad01
>>>>
>>>> }
>>>> realm acc_realm {
>>>>         act_pool = acc1
>>>> }
>>>>
>>>>
>>>>
>>>
>>> ... and did you call "replicate" on your accounting section?
>>> Did you set Replicate-To-Realm before calling "replicate"?
>>>
>>> See
>>> https://github.com/FreeRADIUS/freeradius-server/blob/v2.x.x/raddb/modules/replicate
>>>
>>> --
>>> Fajar
>>>
>>>
>>>
>>>>
>>>> On Tue, Aug 26, 2014 at 11:53 AM, Fajar A. Nugraha <list at fajar.net
>>>> <javascript:_e(%7B%7D,'cvml','list at fajar.net');>> wrote:
>>>>
>>>>> On Tue, Aug 26, 2014 at 3:28 PM, Daren Hendricks <
>>>>> daren.hendricks at gmail.com
>>>>> <javascript:_e(%7B%7D,'cvml','daren.hendricks at gmail.com');>> wrote:
>>>>>
>>>>>> Hi Everyone,
>>>>>>
>>>>>> We have 2 radius servers (v2.2.1) a primary and secondary. Currently
>>>>>> both use same mysql database that lives on the primary server. For HA sake
>>>>>> we would like to have the following setup. The primary server will
>>>>>> read/write to it's radius DB and that will be replicated using mysql
>>>>>> replication to the secondary server. The secondary server will then
>>>>>> read/write to the replicated db and forward/proxy it's accounting data to
>>>>>> the primary server.
>>>>>> Does this sound like a feasible solution?
>>>>>>
>>>>>
>>>>> No.
>>>>>
>>>>> You should either:
>>>>> - replicate the packets at radius level, and have each radius write
>>>>> (both packets that it received directly and the forward packets) to its own
>>>>> db. OR
>>>>> - use active-active db replication (e.g. galera)
>>>>>
>>>>>
>>>>>
>>>>>> Also, what can we use to forward the accounting data to the primary
>>>>>> server, would robust-proxy-accounting be something worth looking into?
>>>>>>
>>>>>>
>>>>> Depends on your need. robust-proxy-accounting should work, but on some
>>>>> setup it might end up filling the disk (e.g. when bad home server rejects
>>>>> some packets).
>>>>>
>>>>> Personally I prefer rlm_replicate, which is very fast but might lose
>>>>> some accounting packets due to it's send-and-forget menchanism (I'm fine
>>>>> with that).
>>>>>
>>>>> --
>>>>> Fajar
>>>>>
>>>>> -
>>>>> List info/subscribe/unsubscribe? See
>>>>> http://www.freeradius.org/list/users.html
>>>>>
>>>>
>>>>
>>>> -
>>>> List info/subscribe/unsubscribe? See
>>>> http://www.freeradius.org/list/users.html
>>>>
>>>
>>>
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140901/a81ac2ec/attachment-0001.html>


More information about the Freeradius-Users mailing list