Alan Dekok wrote: > Jaume wrote: >> Can my machine run 2 FreeRadius at the same time? Each FreeRadius in a >> diferent IP but simultanously in the same CPU and O.S.? Somebody tell >> me thats possible if each radius is reading from a diferent PATH... > > As Josh said, yes. > > But why? The server can be configured to listen on multiple IP's and > ports. The only reason to run two servers is if they're administered by > completely different people.
We run multiple instances, with each service on a secondary IP and its own server process; this helps with fault isolation, as well as allowing development of an appropriate config for new services without disrupting existing ones (doubly important now that HUP doesn't work). re: Fault isolation - FreeRadius is a pretty reliable bit of software, but it's not bug-free. We have an infrequent hang-up of our wireless WPA instance (and yes, as soon as I have enough info I will report the bug). Blowing away our entire network (wired ports, vpn, dialup, eduroam) because that has hung up is not attractive, and multiple processes helps there. Running redundant servers doesn't help much in this case for 2 reasons: first, we've found that Cisco APs are very, very poor at detecting dead radius servers and moving to the backup; second, it seems to be malformed data coming from a certain client so if the APs do failover, the 2nd server hangs up in short order. Additionally there are certain configurations that are easy to do individually, but very difficult to combine; though the config unlang in 2.0 should resolve most of the cases I have in mind, and they can be resolved in 1.1 with careful use of Autz/Acct-Type and early use of a module that can add request items (hints, huntgroups, rlm_passwd). - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html