proxy keyed-balance setting

Alan DeKok aland at deployingradius.com
Wed Sep 7 19:28:03 CEST 2016


On Sep 7, 2016, at 11:56 AM, Scott McLane Gardner <sgardne at uark.edu> wrote:
> 
> I'm attempting to proxy based on Calling-Station-Id using the pre-proxy config in sites-available/default and proxy.conf. I think I have it all configured correctly, but the proxy server always forwards to the first server in the home_server_pool regardless.

  Read the debug log.  The Called-Station-Id is the same for all packets.  Which means that the Load-Balance-Key is the same for all packets.  Which means that all packets go to the same destination.

  That's what Load-Balance-Key does.  Different keys go to different destinations.  The same key goes to the same destination.

> Will the proxy server do the server calculation (server = (hash % num_servers_in_pool)) for every request, or only if a threshold of requests per second are coming in or something like that? Here is my relevant config:

  The documentation for Load-Balance-Key describes what it does.  It behaves as described.

  And the debug log shows that you're doing EAP.  Which *requires* all packets for one authentication to go to the same home server.  Which is why you set the Load-Balance-Key to Called-Station-Id, so that it can tell that all of the EAP packets are from the same user.

  Alan DeKok.




More information about the Freeradius-Users mailing list