We're running a cluster of 8 FreeRADIUS servers behind two pairs of
Citrix Netscaler's in different data centers which inject two anycast-IP
VIPs into our backbone routing tables. This has worked very well in our
environment for many years. If a Netscaler fails or the member servers
behind it fail, the route is simply withdrawn and traffic switches over
to the other data center's Netscalers. We made sure to keep sessions
'sticky' to a given server as long as everything is operating normally.
We use the NAS IP addr for persistence. It doesn't provide perfectly
even load-balancing over the servers (some NAS' are busier than
others). But, it worked well enough for us. The servers generally see
around 300 requests/sec (auth and acct combined) during a normal semester.
*Joe Rogers*
Associate Director, Network Engineering
University of South Florida – Information Technology
4202 E. Fowler Avenue, SVC4010, Tampa, FL, 33620
[email protected] | Tel: (813) 974-7369
www.usf.edu/it | Facebook: /USF Information Technology | Twitter: @ USF_IT
On 07/06/2016 09:16 AM, Dennis Xu wrote:
Hello,
Has anyone had success stories about deploying RADIUS servers behind
load balancers to support large number of concurrent 802.1X users? We
just deployed 5 FreeRADIUS servers behind Cisco ACE and observed
packets drop issues at ACE. By far, I suspect the issue was caused by
the RADIUS stickiness(by calling-station-ID). Has anyone deployed
RADIUS load balancing without using stickiness?
Thanks.
Dennis Xu, MASc, CCIE #13056
Analyst 3, Network Infrastructure
Computing and Communications Services(CCS)
University of Guelph
519-824-4120 Ext 56217
[email protected]
www.uoguelph.ca/ccs
********** Participation and subscription information for this
EDUCAUSE Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
