[RADIATOR] FarmChildHook to rotate AuthPort, AcctPort and DBSource
Heikki Vatiainen
hvn at open.com.au
Wed Nov 4 00:59:47 CST 2015
On 13.10.2015 15.45, Christian Kratzer wrote:
> 3. Also note the rather high number fo MaxFailedRequests in HASHBALANCE. I saw the backends get marked bad instantly when activating this in a high load enviroment with a low number fo MaxFailedRequests. I never quite found out why but assume this was due to interfering with in progress EAP transactions. A value of 10 keeps the hashbalance happy until the backend really dies. YMMW of course.
That's possible. See EAPErrorReject configuration parameter for more
info, but the default is to drop many EAP related requests when there's
an error.
> # walk over all AuthBy and Hash database credentials by farmInstance
> foreach my $auth (@{$main::config->{AuthBy}}) {
> my $id = $auth->{Identifier};
You could also fetch the AuthBy handle directly with something like this:
my $id = 'SQLauth';
my $auth = Radius::AuthGeneric::find($id);
Then continue as below (maybe add error check if $auth is not found)
> foreach my $key (qw(DBSource DBUsername DBAuth)) {
> if ($auth->{$key}) {
> my $database_count = @{$auth->{$key}};
> $auth->{$key} = [ $auth->{$key}[ ($main::farmInstance-1)%$database_count ] ];
> &main::log($main::LOG_INFO, "farmchild.hook: AuthBy: $id, $key: ".$auth->{$key}[0] );
> }
> }
Remove one } here too.
>
> return;
> }
Please let me know if the original should go into goodies or if there's
anything you'd like change before it gets added.
Thanks!
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list