On 03/23/2011 08:56 PM, Robert Roll wrote:
I'd like to try load balancing EAP/PEAP/MSCHAPV2 using freeradius. I looked at the proxy.conf and it seems that there are two options, because you have to insure the same end client talks to the same radius server. There seems to be client-balance that uses IP source addresses and
We use client-port-balance. IIRC this is the recommended method for UK eduroam sites.
there is Load-Balance-Key something like update control { Load-Balance-Key := "%{NAS-IP-Address} %{NAS-Port} %{User-Name} %{Calling-Station-ID}" }
Huh. Neat. I hadn't seen that.
Currently, we have a Radiator server that uses client mac-addresses for this purpose. If I do want to use the Load-Balance-Key, I'm honestly not sure where to put the update of the Load-Balance-Key.. Does it go in the proxy.conf ?
That's an unlang statement, so it goes in a radius virtual server. Since you want to use it for proxying you will have to do it in the "authorize" section (or maybe pre-proxy) e.g.
/etc/raddb/sites-enabled/default: authorize { update control { Load-Balance-Key = "%{Calling-Station-Id}" } } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html