(RADIATOR) Multiple hosts for RADSEC?

[Mike McCauley]

Hello Jan,

We have now added RadSec dead host detection, using FailureBackoffTime, 
MaxFailedRequests and MaxFailedGraceTime similar to AuthBy RADIUS.

Now, if you define those parameters, and the host is not responding according 
to those parameters, the NoReplyHook will be called immediately for every 
request until the FailureBackoffTime has expired. That should allow you to 
implement the RadSec host fallback you asked for.

These changes are now in the latest Radiator patch set, and will be included 
in the impending new release of Radiator.

BTW, a new release of Net_SSLeay.pm version 1.30 has now appeared on CPAN and 
mirrors. It includes a number of fixes and new features. Users of RadSec, 
DNSROAM and others are recommended to use the new version. Precompiled 
Windows binaries are available from our web site for the new version.

Hope that helps.

Cheers.

On Friday 06 January 2006 19:15, Jan Tomasek wrote:
> Hi Hugh,
>
> > Set up multiple instances of Radiator on your host - say three in  total
> > (on different ports of course).
> >
> > The first instance will use an AuthBy LOADBALANCE clause (or  ROUNDROBIN
> > or VOLUMEBALANCE), or you could just use a normal AuthBy  RADIUS clause.
> > In either case you would have the other two instances  as targets, and
> > each of these targets would have AuthBy RADSEC  clauses pointing to
> > wherever. In this way you achieve the failover  and so on with the
> > AuthBy RADIUS (or LOADBALANCE ...) and the other  instances just run
> > simple AuthBy RADSEC configurations.
>
> thanks for sugestion, but that is very very complicated. I've four
> hosts. Two of them are NREN level radiuses for eduroam and other two are
> institution level (CESNET). With your way I will have to mantain 4*3 =
> 12 instances of Radiator. That is prety much, debuging this mess might
> nightmare. Not speaking that we have bought license only for 7servers.
>
> > I agree it would be better to have multiple Host support in AuthBy
> > RADSEC, but the above will work well in the meantime.
>
> You are speaking by meantime, does that mean that you are planing
> implement muliple hosts in RADSEC? When you are planing to release it?
>
>
> In that meantime I will try to stabilizate my IPSec solution running
> mostly on racoon or switch to other solution. Only few institutions here
> have Radiator so I will need this anyway.
>
> Best regards

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.