[RADIATOR] Radiator and Load Balancer
Hartmaier Alexander
alexander.hartmaier at t-systems.at
Fri Jul 29 04:19:34 CDT 2016
As a general network design we try to stay away from multihomed servers
as much as possible as the server admins lack networking/routing
know-how which leads to failing connectivity all the time.
Direct server return has its own share of problems which is why we don't
use it anymore but this is protocol dependent and might work for radius
which is udp.
When you configure the VIP as loopback on every radiator server and bind
radiator to this ip the reply packets should be sent from it.
Best regards, Alex
On 2016-07-28 00:48, xcorpse wrote:
> On 27/07/16 19:32, Robert Blayzor wrote:
>> DSR load balancing assumes the real servers know about the load balanced VIP and is generally configured on a loopback.
>>
>> The problem with this I think is that Radiator responds with a source address of where the packet leaves. (at least that’s been my experience). Most clients will probably ignore the response as it’s coming from a different address.
>>
>> With Radiator being Perl, I don’t think you can force Radiator to answer from a specific source address on the server.
> i've used radiator with dsr for some fairly large radius installs, works
> fine as long as you set it up correctly. the loopback alias or firewall
> packet mangling rules will make sure that the return packets are not
> ignored ...
>
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
Handelsgericht Wien, FN 79340b
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
Notice: This e-mail contains information that is confidential and may be privileged.
If you are not the intended recipient, please notify the sender and then
delete this e-mail immediately.
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
More information about the radiator
mailing list