Failed oracle db connection kills the freeradius service

R3DNano r3dnano at gmail.com
Tue Jul 9 13:08:58 CEST 2019 

Hi, Alan and everyone on the m.l.
I really appreciate this reply and after some time, I still can't figure
out how to work around this issue.

While, I of course won't/can't blame it on freeradius, I'd like to ask if
any of you guys deal in any way with sql server failures in any way, of
course, externally.

Maybe there's some kind of script/solution to automagically detect the sql
server failure and modify the server logic on the go?


I really can't think of a way and perhaps what I'm asking is impossible.
Just wanting to check up with you guys before completely discarding the
option.

Cheers!

On Thu, Apr 4, 2019 at 10:17 PM Alan DeKok <aland at deployingradius.com>
wrote:

> On Apr 4, 2019, at 4:01 PM, R3DNano <r3dnano at gmail.com> wrote:
> > Downtime could happen sometimes and I understand I can just comment out a
> > module when the SQL server goes down, but sometimes it could be out of
> our
> > control, a database can fail for hours
>
>   Then it isn't a database you need, is it?
>
> > and I thought there might be a way
> > freeradius can just "deal" with failed mysql connections by rejecting if
> > the source is unavailable.... I don't mean that freeradius "should" deal
> > with it, by any means, just to have the option of rejecting if the auth
> > source is unreachable.
>
>   The issue is how does FreeRADIUS know that the database is down
> *permanently*?  i.e. any failure lasting more than a second or two is
> permanent.
>
>   FreeRADIUS retries connections because you told it to use the DB, and
> it's really important that it uses the DB.  FreeRADIUS doesn't just give up
> for *hours* if the database is down.
>
>   Look, what you want isn't trivial.  *You* may know what you want
> FreeRADIUS to do.  But FreeRADIUS can't read your mind.  It has to
> implement decisions, in C, using only information it knows.  That means
> it's not trivial.
>
> > Does this mean the same behavior can be expected if I'm authenticating
> > against LDAP and the LDAP server goes temporarily down?
>
>   Yes.  Both LDAP and SQL have "pool" configurations.  So they both
> operate largely the same way.
>
>   Don't take your databases down.  And if you do take them down, expect
> FreeRADIUS to fail, too.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list