Hello,
I'm running freeradius 1.0.2 using the rlm_ldap module which interfaces an openldap 2.2.23 ldap database with a berkely db 4.3.27 backend. The OS is FreeBSD 5.3-release.
We're using freeradius as a means for our NAS equipment (Cisco's) to authenticate dialup users in an ldap database. We're looking for a way to have radius failover in a very specific fashion if it has problems contacting the ldap database (ie the ldap module fails). I've read the documentation about configurable failovers and having redundant ldap modules in radiusd.conf, but this isn't the most desirable failover for us. The Cisco's have the ability to fail over to a different radius server when the radius server is completely unresponsive. This is the most desirable failover for us for a variety of reasons. This is cleanest and safest failover for us.
Put another way, when the ldap module in radius fails to communicate with the configured ldap server, is there any way for radius to pretend as though its dead or actually die (rather than returning an access-reject packet) so the Cisco's fail over to our other radius servers? Thanks in advance!
Chris Carver Pennswoods.net Network Engineer
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
