[RADIATOR] AuthBy LDAP2 failover with round-robin DNS?
Garry Peirce
peirce at maine.edu
Mon Dec 20 10:04:48 CST 2010
Seeing this thread, I was reminded that I had once submitted a desired patch, but I'm not sure it was ever implemented (?).
http://www.open.com.au/pipermail/radiator/2007-June/014065.html
It was to resolve my issue with Clients (routers) with multiple A records and the fact that Clients' addresses were resolved once at Radiator start-up, using only the first address returned by DNS.
My clients are routers and therefore may have a number of addresses which might be valid.
By sending the FQDN from the client as the NAS_ID, I modified Client::find to make use of it.
I can then define clients by FQDN, not by IP address.
This has worked well, but I have to remember to modify this module when upgrading.
Reading that this behavior may still exist, might this patch be added to the source?
> On 12/17/2010 11:29 PM, Christian Kratzer wrote:
>
> >> one more quick question. What is the behavior of AuthBy LDAP2 with a
> >> round-robin DNS entry (multiple A records for the RR)? If I'd like
> >> failover behavior, will a single Host declaration with a round-robin
> >> record be enough, or do I need to list out each individual LDAP
> >> server?
> >
> > you should explicitly list all servers as DNS will get resolved once
> > on load of config.
>
> That is true with e.g. Clients,
> .......