(RADIATOR) Secure reliable Radius? Now available for beta testing.

Dave Kitabjian dave at netcarrier.com
Fri Feb 11 08:40:50 CST 2005



> -----Original Message-----
> From: Ray Van Dolson [mailto:rayvd at corp.digitalpath.net]
> Sent: Wednesday, February 09, 2005 2:08 PM
> To: Mike McCauley
> Cc: radiator at open.com.au
> Subject: Re: (RADIATOR) Secure reliable Radius? Now available for beta
> testing.
> 
> So probably the best scenario for this would to have a Radiator server
in
> each
> of our remote "locations" running in normal UDP mode since the NAS's
> obviously
> don't support your protocol.  Then the Radiator server would proxy the
> requests onward to the central one via TCP ... correct?

[dhk] If you do it that way, you've introduced a single point of
failure, which is the "central one". If you're going to do that, you
might as well just get rid of the "satellite" Radiators and go straight
from the NASes to the "central one". That will also speed things up a
little.

A better design would be to distribute or replicate your user database
to each satellite from a central source. Then if the central source (or
the links to the central source) go down, authentication is still live.

Dave

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list