At 10:29 AM 8/25/2002 -0400, Tabor J. Wells wrote:
>On Sun, Aug 25, 2002 at 12:09:10PM +0200,
>Xavier Mertens <[EMAIL PROTECTED]> is thought to have said:
>
> > It's LVS (http://www.linuxvirtualserver.org)
> > What do you recommand to load-balance RADIUS traffic? Any suggestion?
>
>I've used Alteon products (now owned by Nortel) to load balance my RADIUS
>traffic at my last company. They are RADIUS aware and will do their health
>checks by trying to do an auth against each real server behind the virtual
>IPs.
You should be able to load balance with any udp aware load balancer as
long as you are not trying to proxy the requests from your systems to
anywhere else.
If you want to proxy from your systems, the situation becomes more complex
as you need to keep some sort of state so that proxy replies are returned
to the system that originally sent them. Or you need to start playing with
different interfaces for inbound/outbound traffic ( so that your NAS see
the radius behind the LB, but proxy traffic outbound takes a different
source ip specific to each machine.
A couple ways to do it, but you really have to have a solid understanding
of the radius protocol and the implications of source addresses and how
radius servers utilize the packet source to make decisions.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
