Proxy - Home Server Management

Mucci Andrea Andrea.Mucci at hpecds.com
Wed Mar 2 14:37:31 UTC 2022


Hi all,
first of all I'm using version 3.0.25.
I would like to have a clarification on the logic of Proxy.

We have a configuration like this:
Home Server:
home_server  "RAD-ROUTEDW3-1" {
        type = "auth+acct"
        ipaddr = "IpAddress1"
        port = 1812
        secret = "********"
        response_window = 6
        response_timeouts = 10
        zombie_period = 30
        status_check = "request"
        username = "radtest"
        password = "***"
        check_interval = 6
        check_timeout = 6
        num_answers_to_alive = 5
}

home_server  "RAD-ROUTEDW3-2" {
        type = "auth+acct"
        ipaddr = "IpAddress2"
        port = 1812
        secret = "*********"
        response_window = 6
        response_timeouts = 10
        zombie_period = 30
        status_check = "request"
        username = "radtest"
        password = "***"
        check_interval = 6
        check_timeout = 6
        num_answers_to_alive = 5
}

Home Server Pool:
home_server_pool "[AR] roamer.routedw3" {
        type = "fail-over"
        home_server = "RAD-ROUTEDW3-1"
        home_server = "RAD-ROUTEDW3-2"
}

Realm
realm "~(?i)roamer.routedw3$" {
        pool = "[AR] roamer.routedw3"
}

We have seen that the change of state from live to dead is independent between the auth port and the acct port.
If Home Server "RAD-ROUTEDW3-1" is unreachable, I will have to wait ten Access-Requests before sending an Access-Request to "RAD-ROUTEDW3-2".
Now the Accounting-Request packet with Acct-Status-Type = 1 is not sent to the "RAD-ROUTEDW3-2"(The live Home Server), but again to the "RAD-ROUTEDW3-1" which however is unreachable.
So I'll have to wait another ten Accounting-Request before sending the request to the live Home Server.

Maybe it was better to handle the change of state live, zombie, dead by Home Server and not by port.
Is there a way to force the sending of the Accounting-Request to the same Home Server to which the Access-Request was sent?

Best Regards
Andrea


More information about the Freeradius-Users mailing list