[RADIATOR] How to combine HASHBALANCE with AuthBy RadSec?
Jan Tomasek
jan at tomasek.cz
Fri Sep 11 04:08:34 CDT 2015
Hi,
On 09/08/2015 11:12 AM, Tuure Vartiainen wrote:
>> But I need to forward auth requests to RadSec not RADIUS hosts. Is it
>> possible somehow?
>>
>
> Unfortunately, HASHBALANCE only works with AuthBy RADIUS, as it inherits from
> AuthBy RADIUS and just overrides the chooseHost() function.
>
> Same functionality could be achieved by running three instances of Radiator
> on a same host, where first uses HASHBALANCE to proxy UDP RADIUS requests to
> other instances which proxy requests with RadSec:
>
> --2nd Radiator--RadSec-->
> |
> 1st Radiator--HASHBALANCE--
> |
> --3rd Radiator--RadSec-->
this disables Server-Status based detection of failed peer - this is
quite usefull.
> Or by creating a new AuthHASHBALANCERADSEC.pm based on AuthHASHBALANCE.pm, but
> which inherits from AuthRADSEC :)
I've spend some time with source code. AuthHASHBALANCE itself is prety
easy, but AuthRADSEC inherits from AuthGeneric not from AuthRADIUS. And
AuthRADIUS contains a lot of Gossip related code. Which is another
feature I'm interested in.
> Currently Gossip notifications only work with AuthBy RADIUS.
>
> We’ll add a Gossip support for RadSec later, probably to 4.16 patches, and look
> into implementing equivalent balancing support for RadSec as what there is currently
> for RADIUS:
>
> AuthEAPBALANCE.pm
> AuthHASHBALANCE.pm
> AuthLOADBALANCE.pm
> AuthVOLUMEBALANCE.pm
> AuthROUNDROBIN.pm
> AuthRADIUSBYATTR.pm
Do you have time plan for this?
I'm interested in early access to that code, I can offer my time for
betatesting. I know Perl so I can also debug problems if necessary.
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/
More information about the radiator
mailing list