Setting up a virtual server to handle incoming proxied requests

[Patric]

Hi again all :)

I have a primary and secondary server, each of which receive accounting 
requests from multiple NAS servers.
Both my servers proxy these requests to each other to stay in sync.
I would like to setup a virtual server on my secondary to handle the 
incoming proxy requests from the primary.
My secondary is running freeradius 2.1.3

I have read the sites-available/README documentation and have a few 
questions.

First I include my current configuration for your consideration.

radiusd.conf
------------

listen {
       ipaddr = *
       port   = 0    # Use /etc/services for ports
       type   = auth
}

listen {
       ipaddr = *
       port   = 0    # Use /etc/services for ports
       type   = acct
}

proxy_requests  = yes
$INCLUDE proxy.conf
...


clients.conf
------------
Nothing


proxy.conf
----------

home_server copy-acct-to-home-server {
       type = acct
       ipaddr = primary_server_ip
       port = 1813
       secret = shared_key
       response_window = 20
       zombie_period = 40
       revive_interval = 120
}

home_server_pool my_acct_failover {
       home_server = copy-acct-to-home-server
}

realm DEFAULT {
       acct_pool = my_acct_failover
       nostrip
}


Currently my clients reside in the nas table in my database.


With the above config I have listen sections for auth and acct.
Do I understand the documentation correctly if I add this to the above 
existing config:


client primary_server {
       ipaddr                        = primary_server_ip
       secret                        = shared_secret
       require_message_authenticator = no
       nastype                       = other
       virtual_server                = requests_from_primary
}


server requests_from_primary {
   listen {
       ipaddr = *
       port   = 0
       type   = acct
   }

   proxy_requests = no   # Can this be done here? If not how would I 
disable proxying for this virtual server?
                         # Do I just exclude my detail-radrelay in the 
accounting section?


   # Since this is just processing accounting requests do I still need 
to define the authorize, authenticate & other sections?


   preacct {
       preprocess
       acct_unique
   }

   accounting {
       detail
       sql
       # detail-radrelay - Exclude this so that these requests are not 
proxied?
   }
}


I *think* Im on the right track but would appreciate any pointers :)

Many thanks
Patric
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html