hi,
We are using 2 radius server with 2 sql redundant(master and slave).
and we are using sqlcounter to limit users in time.
-We got two problems when testing this solution:
1- when sql1 gone down, the radiusd1 gone too.
2- when a user reach his limit time in sql1, the sqlcounter work correctly.
but in the slave sql2 , it don't work, even if the radacct db are
synchronized, why this problem?
here are the config files
sql.conf:
sql sql1 {
# Database type
# Current supported are: rlm_sql_mysql, rlm_sql_postgresql,
# rlm_sql_iodbc, rlm_sql_oracle, rlm_sql_unixodbc, rlm_sql_freetds
driver = "rlm_sql_mysql"
# Connect info
server = "192.168.100.1"
login = "x"
password = "xx"
}
sql sql2 {
# Database type
# Current supported are: rlm_sql_mysql, rlm_sql_postgresql,
# rlm_sql_iodbc, rlm_sql_oracle, rlm_sql_unixodbc, rlm_sql_freetds
driver = "rlm_sql_mysql"
# Connect info
server = "192.168.100.1"
login = "x"
password = "xx"
}
in the radiusd.conf:
...
sqlcounter limitcounter {
counter-name = Limit-Session-Time
check-name = Max-Limit-Session
sqlmod-inst = sql2
key = User-Name
reset = never
}
authorize {
#
# The preprocess module takes care of sanitizing some bizarre
# attributes in the request, and turning them into attributes
# which are more standard.
#
# It takes care of processing the 'raddb/hints' and the
# 'raddb/huntgroups' files.
#
# It also adds a Client-IP-Address attribute to the request.
#
preprocess
#
# The chap module will set 'Auth-Type := CHAP' if we are
# handling a CHAP request and Auth-Type has not already been set
#
# chap
# counter
# attr_filter
# eap
# suffix
files
limitcounter
group {
sql1 {
fail = 1
notfound = return
noop = 2
ok = return
updated = 3
reject = return
userlock = 4
invalid = 5
handled = 6
}
sql2 {
fail = 1
notfound = return
noop = 2
ok = return
updated = 3
reject = return
userlock = 4
invalid = 5
handled = 6
}
}
limitcounter
}
# Accounting. Log to detail file, and to the radwtmp file, and maintain
# radutmp.
accounting {
# acct_unique
detail
# counter
unix
group {
sql1 {
fail = 1
notfound = return
noop = 2
ok = return
updated = 3
reject = return
userlock = 4
invalid = 5
handled = 6
}
sql2 {
fail = 1
notfound = return
noop = 2
ok = return
updated = 3
reject = return
userlock = 4
invalid = 5
handled = 6
}
}
radutmp
# sradutmp
}
Any ideas !!!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html