Alan DeKok wrote: > Sam Schultz wrote: > > > I was thinking there may be some way to coerce FR into thinking > > the load balancer is another radius server sending over proxied > > requests, or something like that. > > The simplest way to do that is (perhaps not surprisingly) to run > FreeRADIUS as a proxy, doing RADIUS-aware load balancing. Since that > machine won't be doing authentication (DB's are slow), there's no reason > it can't handle proxying 5k RADIUS requests/s.
I agree with Alan: if you want the features of a RADIUS proxy, just setup FreeRADIUS as a proxy. I note alike the LVS servers, you can have several RADIUS proxies in a pool and use Keepalived for failover. Keepalived will monitor the FreeRADIUS proxies. The health check is configured with a "MISC_CHECK" stanza in keepalived.conf. You have to run "radclient" and test whether the server returns Access-Accept, that's all. -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html