Roberto, I've seen this happening. The problem was that some usernames were incorrect, and not handled by the backend servers. If the backend server ignores the message, the frontend will think the backend servers have died, and tries the next server. This continues until all backend servers have been marked as 'dead'.
We've resolved this by adding a handler to the end of the backend config, denying every request that hasn't been handled before. On 05-09-14 08:39, Ullfig, Roberto wrote: > Hello, > > with the semester just beginning we find that our Radius services > (using UDP) can't keep up. The servers themselves are pretty much > idle. We're using 3 load balancers and AuthBy HASHBALANCE - connecting > to 7 radius instances on 5 different servers (RHEL 6). We've been > running like this for a few years. At peak we're authenticating ~15 > users a second but we're now seeing tons of these messages (128231 on > Thursday) on the load balancers and lots of users can't connect: > > AuthRADIUS : Could not find a working host to forward messages > > We're having a hard time determining the bottleneck. Should we just > add a whole bunch of new instances on these idle servers? > > > --- > Roberto Ullfig - ACCC Research Programmer > [email protected] > > > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator -- Peter Havekes ICT-Ontwikkeling & CSIRT | Diensteenheid ICT en Facilitair Avans Hogeschool | 0885256592 | Onderwijsboulevard 215 | 5223 DE 's-Hertogenbosch | http://www.avans.nl Twitter: https://twitter.com/phavekes Google+: https://plus.google.com/+PeterHavekes
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
