Using libkqueue, how stable it is with freeradius 3.x?
Alan DeKok
aland at deployingradius.com
Thu Jun 15 18:17:26 UTC 2023
On Jun 15, 2023, at 12:44 PM, work vlpl <thework.vlpl at gmail.com> wrote:
> This is the old setup so I don't know all the details or maybe the reasons are not valid anymore. But the idea was next, since it was not possible to have clients with the same ip address but different shared secrets it was decided to create a virtual server with a different port and shared secret for each client.
It might be worth fixing the network so that each client has a unique IP address. That is generally the best way to do it.
i.e. if no one else runs into the 1024 socket limit, it's because no one else is doing what you're doing. Which means there's likely a better way to get the same result.
> On normal servers, it is ok I do not hit the limit. But I have a pool of normal servers that I want to put behind a load balancer, and it was seems reasonable to use a load balancer or proxy server to handle the load for more than 1 pool or normal server.
>
> So let's assume that I have 2 pools of servers with 256 virtual servers (ports or sockets) in each. This means on the load balancer I need to listen to 512 ports which hit the current limit.
I don't know why you need a "pool" of servers. Is this for authentication and accounting? Nothing goes wrong if you configure both of them to use the same port. The documentation describes how to do this.
> Yes, I understand that this is not supported approach, but the setup that I have is old, and it will be a huge deal to redo it from the beginning, so I just asking what to expect from the version that uses libkqueue.
If it works, great. If not, it's a bug in libkqueue. It's likely fixed by using the latest version of libkqueue.
If it doesn't work, then we're not going to spend time tracking down the issue. v3 + libkqueue is not supported.
Alan DeKok.
More information about the Freeradius-Users
mailing list