[RADIATOR] Status-Server changes in patches for Radiator 4.11
Heikki Vatiainen
hvn at open.com.au
Sun May 18 18:43:43 CDT 2014
On 05/12/2014 02:22 PM, A.L.M.Buxey at lboro.ac.uk wrote:
>> Status-Server based failure detection needs two options specified in
>> AuthBy RADIUS or Host within AuthBy RADIUS:
>> - Flag: UseStatusServerForFailureDetect
>> - Integer: KeepaliveTimeout numsec
>
> what is the interplay/interaction with RADSEC for this StatusServer method?
It is similar to AuthBy RADIUS. That is, when there is no traffic,
Status-Server is requested from the RadSec peer. If the peer does not
respond, then it is marked as being down. This is similar to when
Status-Server is not used and the peer does not reply to requests.
Is this what you were thinking of?
Here's a quick summary for those who are thinking if they should enable
Status-Server or not. This is likely familiar to eduroam folks:
In roaming scenarios Status-Server is better since the next hop can be
just fine but there's a remote server which is dead and does not respond.
However, if RadSec is used locally, then it might be better to rely on
ignored requests when it is known that a server will stop responding
when it has for example, lost its connection to the backend DB.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list