(RADIATOR) Multiple ldap servers in config: failover

Mike McCauley mikem at open.com.au
Wed Jun 20 09:42:14 CDT 2001


On Jun 20,  3:06am, Hugh Irvine wrote:
> Subject: RE: (RADIATOR) Multiple ldap servers in config: failover
>
> Hello Claude -
>
> What version of Radiator are you using? What version of Perl? What
> version of perl-ldap? Can you also send me a trace 4 debug from
> startup, including the startup messages and some example queries and
> showing what happens when connectivity goes away?
>
> I have also copied Mike on this mail for his thoughts.

There were some LDAP timeout issues that were fixed in 2.18.1, specifically for
search requests that hang for a long time (as opposed to binding)

Cheers.

>
> thanks
>
> Hugh
>
>
> At 3:16 PM +0200 6/19/01, Claude Iyi Dogan wrote:
> >On Mon, 18 Jun 2001, Ingvar Berg (EIP) wrote:
> >
> >>  Hi Claude,
> >>
> >>  The Timeout and FailureBackoffTime attributes, and the use of
> >>ContinueWhileIgnore, control the failover behaviour.
> >
> >Here a snipset of my config:
> >
> >#
> ># HANDLERS
> >#
> >
> ># ADSL handler
> ><Handler Client-Identifier=ldap-dsl>
> >     AcctLogFileName         %L/adsl/%c/%f-%g-%i
> >
> >     <AuthBy GROUP>
> >         AuthByPolicy        ContinueWhileIgnore
> >         <AuthBy LDAP2>
> >             Timeout             5
> >             FailureBackoffTime  600
> >             Host                nnn.nnn.nnn.100
> >             Port                389
> >             [...]
> >         </AuthBy>
> >         <AuthBy LDAP2>
> >             Timeout             5
> >             FailureBackoffTime  600
> >             Host                nnn.nnn.nnn.101
> >             Port                389
> >             [...]
> >         </AuthBy>
> >         <AuthBy LDAP2>
> >             Timeout             5
> >             FailureBackoffTime  600
> >             Host                nnn.nnn.nnn.102
> >             Port                389
> >             [...]
> >         </AuthBy>
> >     </AuthBy>
> ></Handler>
> >
> ><Handler Client-Identifier=ldap-dialup>
> >[... similar stuff ...]
> ></Handler>
> >
> >I've (re-)started radiusd, it loads the config correctly.
> >It binds to the first ldap server (nnn.nnn.nnn.100) and correctly
> >authenticates users.
> >
> >If I then firewall the ldap server from the radius server, radiusd waits
> >forever the ldap server to come back.
> >
> >I would like radiusd to use the next ldap server.
> >
> >Any suggestion?
> >
> >--
> >Claude
> >
> >>
> >>  /Ingvar
> >>
> >
> >===
> >Archive at http://www.open.com.au/archives/radiator/
> >Announcements on radiator-announce at open.com.au
> >To unsubscribe, email 'majordomo at open.com.au' with
> >'unsubscribe radiator' in the body of the message.
>
> --
>
> NB: I am travelling this week, so there may be delays in our correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
>-- End of excerpt from Hugh Irvine



-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list