I have the same issue, and I am going to implement a MySQL server that has
high availability.
ie, dual processor, redundant power supply etc.
What I really would like is a sample config on how to get radiator to just
"auth everyone" on database fail, at least the customers wont notice then.
At 09:14 AM 3/22/2001 +0100, Dirk Laan wrote:
>Hello,
>
>How do I build a failover for our database ?
>We're using MySql.
>
>For example:
>The Radius server is still working but it can't connect to the database.
>
>Any help would be great.
>
>I've include the config
>
>Regards,
>
>Dirk Laan
>Foreground
>Trace 4
>LogStdout
>LogDir /var/log
>LogFile /var/log/%Y-radius.log
>DbDir .
>
><Client x.x.x.x>
> Identifier Cisco
> Secret xxx
> DupInterval 0
></Client>
>
><Client x.x.x.x>
> Identifier Ascend
> Secret xxxx
> DupInterval 0
></Client>
>
><Client DEFAULT>
> Secret mysecret
> DupInterval 0
></Client>
>
><ClientListSQL>
> DBSource dbi:mysql:radius
> DBUsername radius
> DBAuth radius
></ClientListSQL>
>
><AddressAllocator SQL>
> Identifier RDCAllocator
> DBSource dbi:mysql:radius
> DBUsername radius
> DBAuth radius
>
> DefaultLeasePeriod 86400
> LeaseReclaimInterval 3600
>
> <AddressPool x.x.x.x-1>
> Range x.x.x.x x.x.x.x
> </AddressPool>
>
> <AddressPool x.x.x.x-2>
> Range x.x.x.x x.x.x.x
> </AddressPool>
>
> <AddressPool NULAD-1>
> Range x.x.x.x x.x.x.x
> </AddressPool>
>
> <AddressPool NULAD-2>
> Range x.x.x.x x.x.x.x
> </AddressPool>
>
></AddressAllocator>
>
>
><SessionDatabase SQL>
> DBSource dbi:mysql:radius
> DBUsername radius
> DBAuth radius
>
> CountQuery \
> select NASIDENTIFIER, NASPort, AcctSessionID from
> RADONLINE \
> where UserName='%n'
></SessionDatabase>
>
># configure AuthBy SQL for authentication
>
><AuthBy SQL>
> Identifier InitialAuth
>
>
> DBSource dbi:mysql:radius
> DBUsername radius
> DBAuth radius
>
> AuthSelect select AUTHTYPE, PASSWORD from RDC where USERNAME = '%n'
>
> AuthColumnDef 0, Auth-Type, check
> AuthColumnDef 1, User-Password, check
>
> StripFromReply Group-ID
>
> AddToReply Service-Type=Framed-User, Framed-Protocol=PPP,
> cisco-avpair=
>"ip:dns-servers=x.x.x.x"
></AuthBy>
>
># configure AuthBy SQL for GID
>
><AuthBy SQL>
> Identifier SQL_GetGID
>
> DBSource dbi:mysql:radius
> DBUsername radius
> DBAuth radius
>
> AuthSelect select GROUPID, SIMUSE from RDC where USERNAME = '%n'
>
> AuthColumnDef 0, Group-ID, reply
> AuthColumnDef 1, Simultaneous-Use, check
>
> NoDefault
></AuthBy>
>
># configure AuthBy SQL for Fixed IP
>
><AuthBy SQL>
> Identifier Fixed_IP
>
> DBSource dbi:mysql:radius
> DBUsername radius
> DBAuth radius
>
> AuthSelect select STATICVST, SIMUSE from RDC where USERNAME = '%n'
>
> AuthColumnDef 0, Framed-IP-Address, reply
> AuthColumnDef 1, Simultaneous-Use, check
>
> NoDefault
>
></AuthBy>
>
># configure AuthBy DYNADDRESS for Dynamic IP
>
><AuthBy DYNADDRESS>
> Identifier Dynamic_IP
> Allocator RDCAllocator
> PoolHint %{NAS-IP-Address}-%{Reply:Group-ID}
> StripFromReply Group-ID
> MapAttribute yiaddr, Framed-IP-Address
></AuthBy>
>
># configure AuthBy SQL for accounting
>
><AuthBy SQL>
> Identifier AuthAccounting
>
>
> DBSource dbi:mysql:radius
> DBUsername radius
> DBAuth radius
>
> AuthSelect
>
> AccountingTable ACCOUNTING
> AcctColumnDef USERNAME,User-Name
> AcctColumnDef TIME_STAMP,Timestamp,integer
> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
> AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> AcctColumnDef NASIDENTIFIER,NAS-Identifier
> AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> AcctColumnDef NASPORT,NAS-Port,integer
> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> AcctColumnDef DNIS,Called-Station-Id
> AcctColumnDef CLID,Calling-Station-Id
></AuthBy>
>
># configure AuthBy GROUP for Static IP
>
><AuthBy GROUP>
> Identifier AuthStatic
>
> AuthByPolicy ContinueWhileAccept
> AuthBy Fixed_IP
> AddToReply Class = Fixed_IP
></AuthBy>
>
># configure AuthBy GROUP for Dynamic IP
>
><AuthBy GROUP>
> Identifier AuthDynamic
>
> AuthByPolicy ContinueWhileAccept
> AuthBy SQL_GetGID
> AuthBy Dynamic_IP
></AuthBy>
>
># configure Handlers for accounting
>
><Handler Request-Type=Accounting-Request, Class = Fixed_IP>
> AuthBy AuthAccounting
></Handler>
>
><Handler Request-Type=Accounting-Request>
> AuthByPolicy ContinueAlways
> AuthBy AuthAccounting
> AuthBy AuthDynamic
></Handler>
>
># configure Handlers for authentication
>
><Handler>
> AuthBy InitialAuth
> AuthByPolicy ContinueWhileAccept
></Handler>
>
>
><Handler Client-Identifier = Cisco>
> <AuthBy GROUP>
> AuthBy InitialAuth
> AddToReply cisco-avpair="ip:dns-servers=x.x.x.x"
> </AuthBy>
></Handler>
>
><Handler Client-Identifier = Ascend>
> <AuthBy GROUP>
> AuthBy InitialAuth
> AddToReply Ascend- ......
> </AuthBy>
></Handler>
All the best,
Brett Murphy
Director, Alphalink (Australia) PTY LTD
ph: +61 3 9495-9000 fax: +61 3 9486-6822
email: [EMAIL PROTECTED]
The contents of this message may not be quoted,
copied, reproduced or published in part or in whole,
without the written authorization of Brett Murphy,
Director, Alphalink (Australia) Pty Ltd.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
