(RADIATOR) RadSec Loadbalancing

Robert Blayzor rblayzor.bulk at inoc.net
Mon Apr 14 21:47:03 CDT 2008


On Apr 14, 2008, at 9:09 PM, Hugh Irvine wrote:
> RADSEC does not currently support loadbalancing directly, although  
> you could do something with multiple instances of Radiator on a  
> single machine.
>
> The first instance would use normal RADIUS loadbalancing to some  
> smallish number of local instances, each of which would run a single  
> RADSEC channel.
>
> Alternatively this could be incorporated into the architecture I  
> usually recommend with a front-end loadbalancer and multiple back- 
> ends each with multiple instances.



Hugh, thanks for that input.  As an alternative, since RADSEC can use  
stateful TCP connections, we're using a Layer3 load balancing switch  
now... (IOS SLB).  That should pretty much take the guesswork out of  
it.  The only downside is that the connections are nailed up, so busy  
RADDIUS proxies stay connected to the same host, so it really doesn't  
distribute requests in a round robin fashion, only for new and failed  
connections.

-- 
Robert Blayzor, BOFH
INOC, LLC
rblayzor at inoc.net
http://www.inoc.net/~rblayzor/

Mac OS X. Because making Unix user-friendly is easier than debugging  
Windows.






--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list