On 03/23/2011 08:56 PM, Robert Roll wrote:
I'd like to try load balancing EAP/PEAP/MSCHAPV2 using freeradius. I looked
at the proxy.conf and it seems
that there are two options, because you have to insure the same end client
talks to the
same radius server. There seems to be client-balance that uses IP source
addresses and
We use client-port-balance. IIRC this is the recommended method for UK
eduroam sites.
there is Load-Balance-Key something like
update control {
Load-Balance-Key := "%{NAS-IP-Address} %{NAS-Port} %{User-Name}
%{Calling-Station-ID}"
}
Huh. Neat. I hadn't seen that.
Currently, we have a Radiator server that uses client mac-addresses for this
purpose. If I do
want to use the Load-Balance-Key, I'm honestly not sure where to put the update
of the
Load-Balance-Key.. Does it go in the proxy.conf ?
That's an unlang statement, so it goes in a radius virtual server. Since
you want to use it for proxying you will have to do it in the
"authorize" section (or maybe pre-proxy) e.g.
/etc/raddb/sites-enabled/default:
authorize {
update control {
Load-Balance-Key = "%{Calling-Station-Id}"
}
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
