On Fri, 2004-12-03 at 15:53 -0500, Alan DeKok wrote: > John Horne <[EMAIL PROTECTED]> wrote: > > The problem is that if the first server fails and the local server > > receives a request then it tries to talk to the first DEFAULT server and > > fails, eventually marking it as 'dead'. This is fine but the local > > server also sends back to the client a reject rather than trying the > > second DEFAULT server. > > By the time the local server decides that the home server is dead, > there is a 99% chance that the NAS has already given up on the request. > > There generally isn't much point in trying to send the request to > another home server. > But these aren't home servers. They are external servers used as part of the authentication process and as such are configured as two seperate DEFAULT realm servers with external 'authhost' domain names. In that respect the local server should proxy the request to the second server because it has nothing to do with the first server - they are in different locations.
John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914 E-mail: [EMAIL PROTECTED] Fax: +44 (0)1752 233839 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
