Hi Alan,
Thanks for responding,
So now there is already a home_server_pool assigned to the default
realm, but I continue and create a home_server entry for server B
...
sites-enabled/copy-acct-to-server-B:
---------------------------------------
server copy-acct-to-home-server {
Uh... you have TWO virtual servers with the same name. This isn't
allowed. And this config isn't the same as what's shown in the debug log.
Can you explain why you're posting WRONG configurations? It's not
like we can't notice.
Sorry, I didnt clarify properly - I _repeated_ my original
configuration, this time including the changes I had made.
So right now my entire proxy.conf looks as follows:
proxy server {
default_fallback = no
}
home_server copy-acct-to-server-A {
type = acct
ipaddr = server_A
port = 1813
secret = secret
}
home_server copy-acct-to-server-B {
type = acct
ipaddr = server_B
port = 1813
secret = secret
}
home_server_pool my_acct_failover {
home_server = copy-acct-to-server-A
}
realm DEFAULT {
acct_pool = my_acct_failover
nostrip
}
detail_recv: Read packet from /var/log/radius/radacct/detail-combined.work
User-Name = "u...@realm"
Fri Nov 13 09:19:59 2009 : Info: server copy-acct-to-server-A {
Fri Nov 13 09:19:59 2009 : Info: +- entering group preacct {...}
Fri Nov 13 09:19:59 2009 : Info: [suffix] Looking up realm "realm" for
User-Name = "u...@realm"
Where did this come from? There's no "preacct" section in the config
you posted, and there's no "suffix" module, either.
I had attempted to only include relevant sections of my configuration in
an attempt to keep it short and readable, but perhaps this has confused
the issue more than helped, my apologies.
You can see from the line above that it is sending this request to
server A as well. This is where Im getting stuck :(
Because that's what you told it to do. Your config is telling it to
proxy BOTH requests to the "DEFAULT" realm. And it does so. The debug
log clearly shows this.
If you want the requests to be proxied to a DIFFERENT location, you
will need to set the "Proxy-To-Realm" attribute manually. i.e.
server a {
preacct {
update control {
Proxy-To-Realm := "realm for home server A"
}
}
}
And do the same thing for B. And configure two realms, too.
YES! This is where Im getting lost :) Maybe I am misunderstanding the
word "realm".
All my requests are for a single realm, eg user@"patric.com". This was
the reason I used the "DEFAULT" realm... It occurs to me now that
perhaps in the config file the word "realm" does not refer to my domain,
but instead are names I give to servers A and B? Or am I completely off
track?
Ok, so is it possible for me to create a realm for server A and another
realm for server B, but both are processing "u...@patric.com" ? If so
please could you point me to some docs that might help me understand
how, clearly Im missing or not understanding something *bangs head on wall*
Thanks for your patience and time!
Patric
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
