(RADIATOR) Multiple ldap servers in config: failover

Claude Iyi Dogan claude.iyi.dogan at be.easynet.net
Tue Jun 19 08:16:51 CDT 2001


On Mon, 18 Jun 2001, Ingvar Berg (EIP) wrote:

> Hi Claude,
> 
> The Timeout and FailureBackoffTime attributes, and the use of ContinueWhileIgnore, control the failover behaviour.

Here a snipset of my config:

#
# HANDLERS
#

# ADSL handler
<Handler Client-Identifier=ldap-dsl>
    AcctLogFileName         %L/adsl/%c/%f-%g-%i

    <AuthBy GROUP>
        AuthByPolicy        ContinueWhileIgnore
        <AuthBy LDAP2>
            Timeout             5
            FailureBackoffTime  600
            Host                nnn.nnn.nnn.100
            Port                389
            [...]
        </AuthBy>
        <AuthBy LDAP2>
            Timeout             5
            FailureBackoffTime  600
            Host                nnn.nnn.nnn.101
            Port                389
            [...]
        </AuthBy>
        <AuthBy LDAP2>
            Timeout             5
            FailureBackoffTime  600
            Host                nnn.nnn.nnn.102
            Port                389
            [...]
        </AuthBy>
    </AuthBy>
</Handler>

<Handler Client-Identifier=ldap-dialup>
[... similar stuff ...]
</Handler>

I've (re-)started radiusd, it loads the config correctly.
It binds to the first ldap server (nnn.nnn.nnn.100) and correctly
authenticates users.

If I then firewall the ldap server from the radius server, radiusd waits
forever the ldap server to come back.

I would like radiusd to use the next ldap server.

Any suggestion?

--
Claude

> 
> /Ingvar
> 

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list