On 05/12/2014 02:22 PM, [email protected] wrote: >> Status-Server based failure detection needs two options specified in >> AuthBy RADIUS or Host within AuthBy RADIUS: >> - Flag: UseStatusServerForFailureDetect >> - Integer: KeepaliveTimeout numsec > > what is the interplay/interaction with RADSEC for this StatusServer method?
It is similar to AuthBy RADIUS. That is, when there is no traffic, Status-Server is requested from the RadSec peer. If the peer does not respond, then it is marked as being down. This is similar to when Status-Server is not used and the peer does not reply to requests. Is this what you were thinking of? Here's a quick summary for those who are thinking if they should enable Status-Server or not. This is likely familiar to eduroam folks: In roaming scenarios Status-Server is better since the next hop can be just fine but there's a remote server which is dead and does not respond. However, if RadSec is used locally, then it might be better to rely on ignored requests when it is known that a server will stop responding when it has for example, lost its connection to the backend DB. Thanks, Heikki -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
