[RADIATOR] Status-Server changes in patches for Radiator 4.11

Heikki Vatiainen hvn at open.com.au
Wed Jun 19 02:35:28 CDT 2013 

The patch set for Radiator 4.11 now has changes to make Status-Server
based detection of failed Hosts more reliable especially when there is
more than one Host defined for AuthBy RADIUS or its subclasses.

Using Status-Server for active probing is an alternative of using the
lack of responses for normal requests from the next hop Host to detect
failures.

Status-Server is useful for proxying environments, such as eduroam,
where the lack of response from the next hop Host may be caused by a
server far away failing to respond.

Basing failure detection on lack of responses for normal requests can
help detecting authentication backend failures that are happening
nearby. For example, when Radiator can not connect to an SQL database
while it is otherwise working, it can ignore the request and the
previous hop can then try another Host.

Status-Server based failure detection needs two options specified in
AuthBy RADIUS or Host within AuthBy RADIUS:
- Flag: UseStatusServerForFailureDetect
- Integer: KeepaliveTimeout numsec

When UseStatusServerForFailureDetect is enabled only a valid response
from the next hop Host will make it eligible for forwarding again. The
other option specifies how frequently the Status-Server messages are
sent when there is no other traffic to forward to the next hop Host.

Status-Server uses Retries, RetryTimeout and other variables as defined
in the reference manual 'Failure algorithm' section. The only difference
is that FailureBackoffTime is not used. The failed Host will stay down
until there is a valid response to a Status-Server probe (or in special
cases, some other request generated by Hooks etc.).

Please see the details and other changes in the patch set description.

Comments and test reports are welcome!

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.

More information about the radiator mailing list