Thanks, this was helpful. I would rather not use LVS. I would prefer
to use the built-in functionality of the NAS to fall back from a primary
to secondary or tertiary auth/accounting servers.
This whole setup would be far simpler and more robust if I could just do
master-master replication with the MySQL servers. Oh well.
I was not aware of radsqlrelay. I think this gets me closer to what I
need than anything else. I can't guarantee which server the NAS will
choose to log to at any given time. Therefore, I may need to use
radsqlrelay on each server to keep the others in sync. Does this seem
like a sensible plan?
--Aaron
Nicolas Baradakis wrote:
Aaron Paetznick wrote:
I've been struggling with this problem for a couple of weeks, and I
thought I'd pass it along to the mailing list. Basically I'm trying to
answer the following question. Given multiple identical dedicated
servers each running Linux and MySQL, how can I configure FreeRADIUS for
maximum stability, reliability, and performance? The question, it
seems, is not as easy as is sounds.
I've already setup FreeRADIUS on multiple redundant servers, but never
had the time to write a HOWTO. The main guideline is:
1. Use LVS in a "direct routing" setup to dispatch the RADIUS requests.
http://www.linuxvirtualserver.org/VS-DRouting.html
2. Use MySQL replication for the authorize database, so each FreeRADIUS
server connects to a local, read only database.
http://dev.mysql.com/doc/refman/5.1/en/replication.html
3. Use radsqlrelay for the accounting database, so the accounting data
is written to a central database without slowing down the RADIUS
servers. radsqlrelay is to be found in the FreeRADIUS source tarball,
you could read the "rlm_sql_log" and "radsqlrelay" manpages for more
details.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
