(RADIATOR) database's in same server as radiator?
Hugh Irvine
hugh at open.com.au
Wed Apr 11 17:37:08 CDT 2007
Hello Carlos -
Your proposed solution sounds very good to me.
As you say, some testing will be required, but I think the machines
you describe should be capable of running everything.
I will be very interested to hear about your results.
regards
Hugh
On 12 Apr 2007, at 00:06, onrubia carlos wrote:
> Hello,
>
> I have looked at the mailing list to find an aswer on my problem but
> even if this topic is rather present in the mailing list, I
> do not know what to conclude for my own situation.
> That's why I post this mail in order to have a clear view on what to
> do ... and what not to do!
> I hope I will receive a clear answer.
>
> Presently my radius configuration is the following one:
>
> - 10 radius servers (radiator 3.11) with debian linux (running with
> one authentication configuration and one accounting configuration)
>
> Hardware is: Proliant DL360G3 - 2Gb memory - 2 processor Intel(R)
> Xeon(TM) CPU 2.80GHz - 12Gb disk
>
> - 5 slaves dB's servers (debian linux) on mysql where the user profile
> is present (essentially login/psw)
> These 5 db's are synchronised with a master db where the
> provisioning is done.
>
> Hardware is: Proliant DL360G3 - 2Gb memory - 2 processor Intel(R)
> Xeon(TM) CPU 2.80GHz - 12Gb disk
>
> - 5 accounting db's servers (debian linux) on mysql where I insert the
> accounting requests.
>
> Hardware is: Proliant DL360G3 - 2Gb memory - 2 processor Intel(R)
> Xeon(TM) CPU 2.80GHz - 12Gb disk
>
> The db's are reached from the radius servers via a Load Balancer (see
> here below a part of the configuration file)
>
>
> Authentication
> --------------
>
>
> <AuthBy SQL>
>
> Identifier blabla
>
> DBSource dbi:mysql:bobo:X.X.X.X
> DBUsername bobo
> DBAuth bobo
> Timeout 5
> FailureBackoffTime 10
> RejectEmptyPassword
> NoDefault
>
> AuthSelect SELECT HIGH_PRIORITY a.clear_pass, a.check_attr
> from dialup a,login_alias b WHERE b.alias='%n' AND a.login = b.login
> AND a.type & % {BGCBitType} = %{BGCBitType} AND status = 'open'
>
> DefaultReply Service-Type = Framed-User, Framed-Protocol =
> PPP, Framed-Routing = None
>
> DefaultSimultaneousUse 2
>
> </AuthBy>
>
>
> Accounting
>
> -----------
>
>
>
> <AuthBy SQL>
>
>
>
> Identifier toto
>
>
>
> DBSource dbi:mysql:toto:X.X.X.X
>
> DBUsername toto
>
> DBAuth toto
>
>
>
> Timeout 5
>
> FailureBackoffTime 10
>
> #AccountingStopsOnly
>
>
>
> AccountingTable toto
>
>
>
> AcctColumnDef login,User-Name
>
> AcctColumnDef time_stamp,Timestamp,integer
>
> AcctColumnDef status_type,Acct-Status-Type
>
> AcctColumnDef delay_time,Acct-Delay-Time, integer
>
> AcctColumnDef in_bytes,RB-Acct-Input-Octets-64,integer
>
> AcctColumnDef out_bytes,RB-Acct-Output-
> Octets-64,integer
>
> AcctColumnDef session_id,Acct-Session-Id
>
> AcctColumnDef duration,Acct-Session-Time,integer
>
> AcctColumnDef end_cause,Acct-Terminate-Cause
>
> AcctColumnDef nas_id,NAS-Identifier
>
> AcctColumnDef nas_port,NAS-Port,integer
>
> AcctColumnDef framed_ip,Framed-IP-Address
>
> AcctColumnDef nas_ip,NAS-IP-Address
>
> AcctColumnDef nas_port_type,NAS-Port-Type
>
> AcctColumnDef called_id,Called-Station-Id
>
> AcctColumnDef caller_id,Calling-Station-Id
>
> AcctColumnDef usertype,SkyCustType
>
> AcctColumnDef gric_isp_id,Gric-Isp-Id
>
> AcctColumnDef gric_timezone,Gric-Timezone
>
> AcctColumnDef rbit,BGCBitType,integer
>
> AcctColumnDef skynum,Skynum,integer
>
> AcctColumnDef coninfo,Connect-Info,string
>
>
>
> AcctFailedLogFileName %L/failed.RES
>
> AcctInsertQuery INSERT INTO %0 (%1) VALUES (%2)
>
> </AuthBy>
>
>
>
>
>
>
> Question:
> ---------
>
> I need to make the renewal of all these servers and I need to know
> what kind of servers to choose for the new set-up.
> As the standard servers for the renewal in my company are more
> powerful that the present one, I am thinking of putting all the
> functionnalities in the same server (radiator, authentication db and
> accounting db).
> I will this way use less servers and skip the mysql queries (select,
> insert, delete) via the network (Load Balancer).
>
> I guess the mysql access will be then reduced a lot; moreover each
> radiator will have its own DB's ( a fail over DB - other server- will
> be put in the configuration
> file in case of local mysql problem)
>
> I think of the following situation:
>
> 10 servers (of less? - performance to be tested) with the following
> hardware:
>
> ==> DL380R05 - 1 (or 2??) processors (dual core:Intel 5150 -
> 2,66GHz/1333 FSB ) - 4 Gygabytes of memory - 2 disk of 72Gb - 4 disk
> of 146 Gb.
>
>
> What do you think?
> Any blocking points?
> Is this set up (radiator/DB's in the same servers) often used?
>
>
> Thanks in advance for your feedback, remarks.
>
>
> Carlos,
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list