> Chesi Maurizio wrote: > > >We have been asked to put a load balancer to distribuite the > >load between two radius servers. The architecture will > >encompasses a hardware load balancer in front of 2 freeRADIUS servers. > >We are wondering if this may cause a problem being the > >possibility that, for example an access-request may be > >managed by a server and, in case of challenge, > >the response access-request containing the response to the > >challenge may be managed by the other radius server.
Set up two separate servers. To load balance, set respective NASes to have a different primary/secondary pair. Then, you need to share the data between both servers. Do this either by:- - using a DB backend like MySQL which is installed on both FreeRadius servers, and replicates to the other one, or one single, solid MySQL server to which both connect (clearly here the point of failure will be the DB server) - creating scripts to mirror a "users" file or other user data between both Radius servers Something along these lines. -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
