proxy keyed-balance setting

Scott McLane Gardner sgardne at
Wed Sep 7 20:16:14 CEST 2016

>> I'm attempting to proxy based on Calling-Station-Id using the pre-proxy config in sites-available/default and proxy.conf. I think I have it all configured correctly, but the proxy server always forwards to the first server in the home_server_pool regardless.

  >Read the debug log.  The Called-Station-Id is the same for all packets.  Which means that the Load-Balance-Key is the same for all packets.  Which means that all packets go to the same destination.

I'm actually using Calling-Station-Id, which is apparently the clients MAC address. If I run the server in debug mode and watch while more than one client connects, all clients regardless of MAC go to the first server.

  >That's what Load-Balance-Key does.  Different keys go to different destinations.  The same key goes to the same destination.
 >And the debug log shows that you're doing EAP.  Which *requires* all packets for one authentication to go to the same home server.  Which is why you set the Load-Balance-Key to Called-Station-Id, so that it can tell that all of the EAP packets are from the same user.

This is exactly what I wish to accomplish.

More information about the Freeradius-Users mailing list