(RADIATOR) Multiple database failover

Hugh Irvine hugh at open.com.au
Fri Mar 8 17:20:15 CST 2002


Hello Elias -

This looks like a different error on the production machine. Does the SQL 
database operate correctly prior to the error you show below?

I would suggest you upgrade to Radiator 2.19 in any case, and let me know if 
that makes a difference (there have been some SQL modifications).

regards

Hugh


On Fri, 8 Mar 2002 19:11, Elias wrote:
> Hi Hugh,
>
> I'm trying to get Radiator (we're using 2.18.2) to authenticate against
> multiple databases in a failover mode. We have set up our SQL database and
> LDAP to sit on different networks. Normally Radiator would authenticate
> against the SQL and this works fine. We have 2 SQL databases for
> authentication and if the first one fails, Radiator will automatically
> switch to the second SQL database. This part works great.
>
> To add a second layer of redundancy, we have LDAP sitting on another
> network. When the whole network where the SQL sits fails, we want Radiator
> to switch automatically to LDAP. I've tested this setup using radpwtst on
> our development machines and it works. The problem is when I copy the exact
> config over to our production machines, it doesn't work. When the SQL
> network goes down, Radiator does not switch over to LDAP.
>
> Looking at the trace4 logs, I can see that everything is working ok in the
> development machine.
>
> Fri Mar  8 10:57:38 2002: ERR: Could not connect to SQL database with
> DBI->connect dbi:Oracle:host=xxx;sid=xxxx: timeout at Radius/SqlDb.pm line
> 120.
> Fri Mar  8 10:57:38 2002: ERR: Could not connect to any SQL database.
> Request is ignored. Backing off for 1 se
> conds
> Fri Mar  8 10:57:41 2002: ERR: Could not connect to SQL database with
> DBI->connect dbi:Oracle:host=yyy;sid=yyy: timeout at Radius/SqlDb.pm line
> 120.
> Fri Mar  8 10:57:41 2002: ERR: Could not connect to any SQL database.
> Request is ignored. Backing off for 1 se
> conds
> Fri Mar  8 10:57:44 2002: DEBUG: Handling with Radius::AuthLDAP2
> Fri Mar  8 10:57:44 2002: DEBUG: Connecting to xxxx
> Fri Mar  8 10:57:44 2002: DEBUG: Attempting to bind with cn=zzzzz
> Fri Mar  8 10:57:44 2002: DEBUG: Radius::AuthLDAP2 looks for match with zzz
> Fri Mar  8 10:57:44 2002: DEBUG: LDAP got result for uid=zzzz
>
> When testing in the production environment, I only get one line in the logs
> and Radiator just freezes and will not switch over to LDAP.
>
> Fri Mar  8 11:05:29 2002: ERR: Execute failed for 'select
> ENCRYPTEDPASSWORD, reply_attr from SUBSCRIBERS where LOGIN='DEFAULT' and
> STATUS=1': SQL Timeout
>
>
> --- Radiator config ---
>
> <AuthBy SQL>
>
>     Identifier SQL_auth
>     FailureBackoffTime      1
>
>     DBSource               xxx
>     DBUsername          xxx
>     DBAuth                  xxx
>     Timeout    3
>
>     DBSource               yyy
>     DBUsername          yyy
>     DBAuth                  yyy
>     Timeout    3
>
>     AuthSelect select .............
>     AuthColumnDef 0, .......
>
> </AuthBy>
>
>
> <AuthBy LDAP2>
>
>     Identifier LDAP_auth
>     Timeout  3
>
>     Host                    zzz
>     AuthDN              zzz
>     AuthPassword     zzz
>     BaseDN              .......
>
>     UsernameAttr    uid
>     PasswordAttr    userpassword
>
> </AuthBy>
>
>
> <Realm >
>         RejectHasReason
>         AuthByPolicy ContinueWhileIgnore
>         AuthBy SQL_auth
>         AuthBy LDAP_auth
> </Realm>
>
>
> - Elias -
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list