Radius proxy
Alan DeKok
aland at deployingradius.com
Mon Dec 14 16:28:29 CET 2015
On Dec 14, 2015, at 10:21 AM, srithar jeevadurai <srijeevadurai1 at gmail.com> wrote:
> Radius proxy is one instance of radiusd binary and each home server (1-n)
> is one instance of radiusd binary. so totally n+1 radius binary will be
> running on same host if we go with proxy approach.
That works, but isn't necessarily the best approach.
> Proxy server while doing load balancing, does it follow below rule?
It follows the rules documented in proxy.conf. Please read it. Look for "fail-over" in the "home-server-pool" section.
> If a session's first request i.e. auth has been forwarded to a home server
> 1 then all subsequent request of same session will be forwarded to same
> home instance of home server or it will be forwarded using round robin
> style.
All retransmits will go to the same home server. Anything else is a *very* bad idea.
> If it is round robin and we are using a customized module to trace sessions
> then it would not work since session created with home server 1 and sub
> sequence request for the session may go to another home server.
Exactly.
Some load-balancers implement round robin. This is stupid and broken, and causes problems.
Alan DeKok.
More information about the Freeradius-Users
mailing list