[RADIATOR] AuthBy LDAP2 failover with round-robin DNS?

Christian Kratzer ck-lists at cksoft.de
Sat Dec 18 03:18:19 CST 2010


Hi,

On Fri, 17 Dec 2010, Leigh Porter wrote:

> I tried these methods and none of them really worked effectively against a defective LDAP server. The best solution I found was a decent load balancer with LDAP server availability testing..

we have a customer setup that successfully uses autby ldap for ha failover as folows:

 	AutbyByPolicy ContinueWhileIngore
 	AuthBy ldap1
 	AuthBy ldap2
 	AuthBy ldap3

Radiator notices failed ldap servers usually when it gets a socket error
from a dead server and moves on to the next server.

I believe there are still situations when the specific request which runs into
an error situaion is dropped but radius resends should handle those
cases.

Greetings
Christian

-- 
Christian Kratzer                      CK Software GmbH
Email:   ck at cksoft.de                  Wildberger Weg 24/2
Phone:   +49 7032 893 997 - 0          D-71126 Gaeufelden
Fax:     +49 7032 893 997 - 9          HRB 245288, Amtsgericht Stuttgart
Web:     http://www.cksoft.de/         Geschaeftsfuehrer: Christian Kratzer


More information about the radiator mailing list