proxy keyed-balance setting
aland at deployingradius.com
Wed Sep 7 19:28:03 CEST 2016
On Sep 7, 2016, at 11:56 AM, Scott McLane Gardner <sgardne at uark.edu> wrote:
> I'm attempting to proxy based on Calling-Station-Id using the pre-proxy config in sites-available/default and proxy.conf. I think I have it all configured correctly, but the proxy server always forwards to the first server in the home_server_pool regardless.
Read the debug log. The Called-Station-Id is the same for all packets. Which means that the Load-Balance-Key is the same for all packets. Which means that all packets go to the same destination.
That's what Load-Balance-Key does. Different keys go to different destinations. The same key goes to the same destination.
> Will the proxy server do the server calculation (server = (hash % num_servers_in_pool)) for every request, or only if a threshold of requests per second are coming in or something like that? Here is my relevant config:
The documentation for Load-Balance-Key describes what it does. It behaves as described.
And the debug log shows that you're doing EAP. Which *requires* all packets for one authentication to go to the same home server. Which is why you set the Load-Balance-Key to Called-Station-Id, so that it can tell that all of the EAP packets are from the same user.
More information about the Freeradius-Users