(RADIATOR) RE: Redundancy for RADIUS

Surajh Surjoo [ MTN - Innovation Centre ] Surajh.Surjoo at mtn.co.za
Tue Apr 22 04:03:14 CDT 2003


thanks

Surajh Surjoo
Systems Engineer - Data
Mobile: 0832129829
Mobile Fax: 083 8 2129829
Office Fax: 011 3018811
Office Tel: 011 3016000
surajh.surjoo at mtn.co.za

"Imagination is more important than Knowledge" - Albert Einstein


-----Original Message-----
From: Paul O'Shea [mailto:paul at level9.net]
Sent: Sunday, 20 April 2003 9:07 AM
To: Surajh Surjoo [ MTN - Innovation Centre ]; Hugh Irvine
Cc: Radiator Mailing List (E-mail)
Subject: Re: (RADIATOR) RE: Redundancy for RADIUS


Hi Surajh,

I believe you can provide redundancy with MySQL however as the company I
provided advice to have an Oracle enterprise license we provided the
following solution:-

2 x Nortel Alteon 184s for RADIUS loadbalancing - As far as I am aware this
is the only dedicated network hardware device that can effectively provide
loadbalancing for RADIUS packets.

6 x Sun E420R spread across two physical sites (they appear on the same
network as we installed a redundant gigabit cross connect between the two
sites) - also utilising OSS tools, restartwrappers and separate Auth & Acct
processes.

2 x Sun E420R running both Oracle and VCS for redundancy.

1 x NFS redundant SAN (provided by NetApp) - again spread across multiple
sites and backed up to a DR location.

This solution assumes that the underlying network infrastructure
(switch's/router's/cabling/Internet provider/security/fire suppression/power
supply etc....) is both redundant and resilient.

The resulting solution can provide 1200 auths/sec.

Also unless you have existing hardware (as we did) I would recommend
utilising a x 86 Linux platform (RedHat?) as performance (per £) is
significantly higher - (for RedHat platform Intel/RedHat provide a
hyperthreading patch to allow dual-pipelining although you would be well
advised to test thoroughly as there are issues... plus make sure you have
latest kernel patch - and please note that although I have seen HT give
c.20% perf improvement on other apps I have never tested it with Radiator)

hth

Paul





----- Original Message -----
From: "Surajh Surjoo [ MTN - Innovation Centre ]" <Surajh.Surjoo at mtn.co.za>
To: "Hugh Irvine" <hugh at open.com.au>
Cc: "Radiator Mailing List (E-mail)" <radiator at open.com.au>;
"Radiator-Support (E-mail)" <radiator-support at open.com.au>
Sent: Wednesday, April 16, 2003 9:30 AM
Subject: (RADIATOR) RE: Redundancy for RADIUS


yes.  GPRS has now become a carrier for many other services as MMS and WAP
and thus needs to be given carrier grade service.
However, we thought of the an Oracle DB, but to use two of them is very
expensive.

Surajh Surjoo
Systems Engineer - Data
Mobile: 0832129829
Mobile Fax: 083 8 2129829
Office Fax: 011 3018811
Office Tel: 011 3016000
surajh.surjoo at mtn.co.za

"Imagination is more important than Knowledge" - Albert Einstein


-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au]
Sent: Wednesday, 16 April 2003 10:17 AM
To: Surajh Surjoo [ MTN - Innovation Centre ]
Cc: Radiator Mailing List (E-mail); Radiator-Support (E-mail)
Subject: Re: Redundancy for RADIUS



Hello Surajh -

This is a difficult problem with no single good answer.

How do people on the list provide redundancy?

My personal view is that a single "high-availability" database server
is best, but then you are back in the situation of having a single
point of failure.

regards

Hugh


On Wednesday, Apr 16, 2003, at 17:59 Australia/Melbourne, Surajh Surjoo
[ MTN - Innovation Centre ] wrote:

> Hi all
>
> We are using Radiator with two Ericsson CGSNs for GPRS.
> We allocate IPs from two different ranges using RADIUS and the two
> CGSN are geograhically separated.
> The MySQL DB is configured on the same server as the Radiator radius
> server.
> Problem we have is if one server goes down then no access to GPRS is
> available to that CGSN.
> How can we improve this situation so that when one server goes down
> then the CGSN will use the other server?
> Bear in mind that the IP pools would be different and the routing
> through FW will not allow them through that server.
> What about having one DB supporting both radius servers with all the
> IP pools and using the NAS identifier to then allocate IP?
> Would this work? What about the DB redundancy then?
>
> Has anyone implemented such a scenario? We have some ideas, but would
> like your views. They might be better and easier ;-)
>
> regards
> Surajh Surjoo
> Systems Engineer - Data
> Mobile: 0832129829
> Mobile Fax: 083 8 2129829
> Office Fax: 011 3018811
> Office Tel: 011 3016000
> surajh.surjoo at mtn.co.za
>
> "Imagination is more important than Knowledge" - Albert Einstein
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list