(RADIATOR) Multiple hosts for RADSEC?
Hugh Irvine
hugh at open.com.au
Thu Jan 5 02:16:12 CST 2006
Hello Jan -
Here is a workaround for you.
Set up multiple instances of Radiator on your host - say three in
total (on different ports of course).
The first instance will use an AuthBy LOADBALANCE clause (or
ROUNDROBIN or VOLUMEBALANCE), or you could just use a normal AuthBy
RADIUS clause. In either case you would have the other two instances
as targets, and each of these targets would have AuthBy RADSEC
clauses pointing to wherever. In this way you achieve the failover
and so on with the AuthBy RADIUS (or LOADBALANCE ...) and the other
instances just run simple AuthBy RADSEC configurations.
I agree it would be better to have multiple Host support in AuthBy
RADSEC, but the above will work well in the meantime.
hope that helps
regards
Hugh
On 5 Jan 2006, at 18:53, Jan Tomasek wrote:
> Hello Hugh,
>
>> There is a simple NoReplyHook showing something similar in "goodies/
>> hooks.txt".
>
> Thanks, that is prety simple to get idea.
>
> But how about dead host marking? To me that looks that every radius
> request will have to wait till first AuthBy RADSEC timeouts. There
> is no
> dead host marking. Without it is backup radius usesless.
>
> Are you considering implementing multiple hosts into RADSEC? I was
> planing to replace IPSec by RADSEC but now I've to go back to IPSec :(
>
> Best regards
> --
> -----------------------
> Jan Tomasek aka Semik
> http://www.tomasek.cz/
>
>
>>> do you have some example? Will that also provide some dead host
>>> marking?
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list