(RADIATOR) LDAP failover?

Hugh Irvine hugh at open.com.au
Tue Jan 18 17:39:22 CST 2005


Hello Jim -

The RADIUS protocol specifies the use of a primary and a secondary 
server for redundancy and more reliable operation.

Most operators employ at least two radius servers in their AAA design.

regards

Hugh


On 19 Jan 2005, at 06:44, Jim Michael wrote:

> Thanks Dave-
>
> I can see the logic in that decision, but of course it costs twice as
> much! (for two radiators) <g>
>
> Jim
>
>>>> "Dave Kitabjian" <dave at netcarrier.com> 1/18/2005 1:40 PM >>>
> The architecture we've chosen is to use multiple Radiator boxes and a
> replicated copy of the LDAP database running locally on each box.
>
> Using this design, the failover occurs at the RADIUS level, not the
> LDAP
> level, and so it's handled implicitly by the secondary server
> specified
> in the NAS. Another advantage of this design is that it also handles
> the
> case where Radiator itself dies.
>
> Hope this helps,
>
> Dave
>
>> -----Original Message-----
>> From: Jim Michael [mailto:JMichael at chesterfield.mo.us]
>> Sent: Tuesday, January 18, 2005 11:27 AM
>> To: radiator at open.com.au
>> Subject: (RADIATOR) LDAP failover?
>>
>> We're using Authby LDAP2, and I was wondering if Radiator has any
>> facility to fail over and try another LDAP server if the one listed
> in
>> "Host" is down for some reason? Seems like a point of failure to
> only
> be
>> able to contact one LDAP server.
>>
>> Jim
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>
>
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive 
(www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list