Hiya
Not sure if I have asked this already...
I need to be able to have freeRadius not respond AT ALL if it cannot contact
any databases, as opposed to sending auth rejections. The logic (crazy as it sounds
initially) is this.
Imagine the setup. 3 locations (A,B & C) each with their own NAS (A,B & C) and also
each with their own FreeRADIUS (A,B & C).
They are configured so that NAS A talks to RADIUS A primarily, and then fails over to
RADIUS B or C, and equivalent for each of the other sites.
RADIUS A is configured to use it's local database as well as the databases of RADIUS B
& C, and the same for the other RADIUS servers.
Now. Suppose there are some problems, and RADIUS A cannot talk to it's local db, but
also cannot talk to RADIUS B or C's db's. It is going to send out Auth Rejects for
every request NAS A sends to it. This doesn't sound too much like a problem, except
that NAS A can see RADIUS B without issue and RADIUS B is still happy. So what we
have here is a NAS refusing connections due to RADIUS A, when infact if RADIUS A
didn't respond it would try using RADIUS B, and be able to authenticate connections.
I know this situation is very unlikley, but I am sure most people are aware that 1 in
a million chances happen 9 times out of 10 (especially when computers are involved! :)
)
Is it possible to configure this into freeRADIUS? or am I going to require some sort
of exterior monitor to kill off freeRADIUS should this occur?
Thanks for your help
--
-----
Graeme Hinchliffe (BSc)
Core Internet Systems Designer
Zen Internet (http://www.zen.co.uk)
ICQ 3842605 (link)
Sales : 0870 6000 971
Fax : 0870 6000 972
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
