free radius health check
Mark Lybarger
mlybarger at gmail.com
Fri May 20 14:14:47 UTC 2022
These are great tips! So, freeradius can do udp on normal ports and tcp on
another port? I'll start to play with it.
On Fri, May 20, 2022, 9:59 AM Alan DeKok <aland at deployingradius.com> wrote:
> On May 20, 2022, at 7:56 AM, Mark Lybarger <mlybarger at gmail.com> wrote:
> > i'm looking to have a health check for my freeradius servers. they're
> > doing udp on 1812/1813, but my aws nlb only handles health check via tcp
> > (http). is there a way to expose an http port in addition to the udp
> ports
> > for freeradius? or any clever ways to handle this?
>
> I'd second Monit. The RADIUS implementation there was contributed by
> myself, so I know it works. :) We use it all of the time in production.
>
> According to this page, you can use TCP:
>
>
> https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-healthchecks.html
>
> So you should be able to configure the source IP of the load balancer as
> a RADIUS client, and then listen on port 80:
>
> listen {
> type = status
> proto = tcp
> ipaddr = *
> port = 80
>
> clients = aws_nlb
> }
>
> You'll also need to edit clients.conf, and add:
>
> clients aws_nlb {
> client aws_nlb {
> ipaddr = ip.of.the.aws.nlb
> proto = tcp
> secret = "nothing"
> }
> }
>
> The load balancer is not going to actually send any RADIUS packets. It
> will just connect, and then disconnect. But the above configuration should
> allow it to work.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list