On option, though not a true load balancer, is to set up a proxy FreeRadius server and use the Calling-Station-ID as the key on which RADIUS server to send the request to.
We have not done this yet, but are planning on it for this fall. ------------------------ Walter Reynolds Principal Systems Security Development Engineer Information and Technology Services University of Michigan (734) 615-9438 On Wed, Jul 6, 2016 at 9:16 AM, Dennis Xu <[email protected]> wrote: > Hello, > Has anyone had success stories about deploying RADIUS servers behind load > balancers to support large number of concurrent 802.1X users? We just > deployed 5 FreeRADIUS servers behind Cisco ACE and observed packets drop > issues at ACE. By far, I suspect the issue was caused by the RADIUS > stickiness(by calling-station-ID). Has anyone deployed RADIUS load > balancing without using stickiness? > > Thanks. > > > Dennis Xu, MASc, CCIE #13056 > Analyst 3, Network Infrastructure > Computing and Communications Services(CCS) > University of Guelph > > 519-824-4120 Ext 56217 > [email protected] > www.uoguelph.ca/ccs > > ********** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
