proxy keyed-balance setting
Scott McLane Gardner
sgardne at uark.edu
Wed Sep 7 20:16:14 CEST 2016
>> I'm attempting to proxy based on Calling-Station-Id using the pre-proxy config in sites-available/default and proxy.conf. I think I have it all configured correctly, but the proxy server always forwards to the first server in the home_server_pool regardless.
>Read the debug log. The Called-Station-Id is the same for all packets. Which means that the Load-Balance-Key is the same for all packets. Which means that all packets go to the same destination.
I'm actually using Calling-Station-Id, which is apparently the clients MAC address. If I run the server in debug mode and watch while more than one client connects, all clients regardless of MAC go to the first server.
>That's what Load-Balance-Key does. Different keys go to different destinations. The same key goes to the same destination.
>And the debug log shows that you're doing EAP. Which *requires* all packets for one authentication to go to the same home server. Which is why you set the Load-Balance-Key to Called-Station-Id, so that it can tell that all of the EAP packets are from the same user.
This is exactly what I wish to accomplish.
More information about the Freeradius-Users
mailing list