Re: (RADIATOR) Database Failover
you can do this on the NAS itself. Mir Atir - Original Message - From: Brett Murphy To: Dirk Laan ; [EMAIL PROTECTED] Sent: Friday, March 23, 2001 2:23 AM Subject: Re: (RADIATOR) Database Failover I have the same issue, and I am going to implement a MySQL server that has high availability.ie, dual processor, redundant power supply etc.What I really would like is a sample config on how to get radiator to just "auth everyone" on database fail, at least the customers wont notice then.At 09:14 AM 3/22/2001 +0100, Dirk Laan wrote:Hello,How do I build a failover for our database ?We're using MySql.For example:The Radius server is still working but it can't connect to the database.Any help would be great.I've include the configRegards,Dirk LaanForegroundTrace 4LogStdoutLogDir /var/logLogFile /var/log/%Y-radius.logDbDir .Client x.x.x.x Identifier Cisco Secret xxx DupInterval 0/ClientClient x.x.x.x Identifier Ascend Secret DupInterval 0/ClientClient DEFAULT Secret mysecret DupInterval 0/ClientClientListSQL DBSource dbi:mysql:radius DBUsername radius DBAuth radius/ClientListSQLAddressAllocator SQL Identifier RDCAllocator DBSource dbi:mysql:radius DBUsername radius DBAuth radius DefaultLeasePeriod 86400 LeaseReclaimInterval 3600 AddressPool x.x.x.x-1 Range x.x.x.x x.x.x.x /AddressPool AddressPool x.x.x.x-2 Range x.x.x.x x.x.x.x /AddressPool AddressPool NULAD-1 Range x.x.x.x x.x.x.x /AddressPool AddressPool NULAD-2 Range x.x.x.x x.x.x.x /AddressPool/AddressAllocatorSessionDatabase SQL DBSource dbi:mysql:radius DBUsername radius DBAuth radius CountQuery \ select NASIDENTIFIER, NASPort, AcctSessionID from RADONLINE \ where UserName='%n'/SessionDatabase# configure AuthBy SQL for authenticationAuthBy SQL Identifier InitialAuth DBSource dbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select AUTHTYPE, PASSWORD from RDC where USERNAME = '%n' AuthColumnDef 0, Auth-Type, check AuthColumnDef 1, User-Password, check StripFromReply Group-ID AddToReply Service-Type=Framed-User, Framed-Protocol=PPP, cisco-avpair="ip:dns-servers=x.x.x.x"/AuthBy# configure AuthBy SQL for GIDAuthBy SQL Identifier SQL_GetGID DBSource dbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select GROUPID, SIMUSE from RDC where USERNAME = '%n' AuthColumnDef 0, Group-ID, reply AuthColumnDef 1, Simultaneous-Use, check NoDefault/AuthBy# configure AuthBy SQL for Fixed IPAuthBy SQL Identifier Fixed_IP DBSource dbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select STATICVST, SIMUSE from RDC where USERNAME = '%n' AuthColumnDef 0, Framed-IP-Address, reply AuthColumnDef 1, Simultaneous-Use, check NoDefault/AuthBy# configure AuthBy DYNADDRESS for Dynamic IPAuthBy DYNADDRESS Identifier Dynamic_IP Allocator RDCAllocator PoolHint %{NAS-IP-Address}-%{Reply:Group-ID} StripFromReply Group-ID MapAttribute yiaddr, Framed-IP-Address/AuthBy# configure AuthBy SQL for accountingAuthBy SQL Identifier AuthAccounting DBSource dbi:mysql:radius DBUsername radius DBAuth radius AuthSelect AccountingTable ACCOUNTING AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef DNIS,Called-Station-Id AcctColumnDef CLID,Calling-Station-Id/AuthBy# configure AuthBy GROUP for Static IPAuthBy GROUP Identifier AuthStatic AuthByPolicy ContinueWhileAccept AuthBy Fixed_IP AddToReply Class = Fixed_IP/AuthBy# configure AuthBy GROUP for Dynamic IPAuthBy GROUP Identifier AuthDynamic AuthByPolicy ContinueWhileAccept AuthBy SQL_GetGID AuthBy Dynamic_IP/AuthBy# configure Handlers for accountingHandler Request-Type=Accounting-Request, Class = Fixed_IP AuthBy AuthAccounting/HandlerHandler Request-Type=Accounting-Request AuthByPolicy ContinueAlways AuthBy AuthAccounting AuthBy AuthDynamic/Handler# configure Handlers for a
Re: (RADIATOR) Database Failover
you can do this on the NAS itself. Mir Atir Right, except you can't do this with the session database, that one has to have high-availability if you need it for sim use checking, etc. Chris === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Database Failover
Hello, How do I build a failover for our database ? We're using MySql. For example: The Radius server is still working but it can't connect to the database. Any help would be great. I've include the config Regards, Dirk Laan Foreground Trace 4 LogStdout LogDir /var/log LogFile /var/log/%Y-radius.log DbDir . Client x.x.x.x Identifier Cisco Secret xxx DupInterval 0 /Client Client x.x.x.x Identifier Ascend Secret DupInterval 0 /Client Client DEFAULT Secret mysecret DupInterval 0 /Client ClientListSQL DBSourcedbi:mysql:radius DBUsername radius DBAuth radius /ClientListSQL AddressAllocator SQL Identifier RDCAllocator DBSourcedbi:mysql:radius DBUsername radius DBAuth radius DefaultLeasePeriod 86400 LeaseReclaimInterval3600 AddressPool x.x.x.x-1 Range x.x.x.x x.x.x.x /AddressPool AddressPool x.x.x.x-2 Range x.x.x.x x.x.x.x /AddressPool AddressPool NULAD-1 Range x.x.x.x x.x.x.x /AddressPool AddressPool NULAD-2 Range x.x.x.x x.x.x.x /AddressPool /AddressAllocator SessionDatabase SQL DBSourcedbi:mysql:radius DBUsername radius DBAuth radius CountQuery \ select NASIDENTIFIER, NASPort, AcctSessionID from RADONLINE \ where UserName='%n' /SessionDatabase # configure AuthBy SQL for authentication AuthBy SQL Identifier InitialAuth DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select AUTHTYPE, PASSWORD from RDC where USERNAME = '%n' AuthColumnDef 0, Auth-Type, check AuthColumnDef 1, User-Password, check StripFromReply Group-ID AddToReply Service-Type=Framed-User, Framed-Protocol=PPP, cisco-avpair= "ip:dns-servers=x.x.x.x" /AuthBy # configure AuthBy SQL for GID AuthBy SQL Identifier SQL_GetGID DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select GROUPID, SIMUSE from RDC where USERNAME = '%n' AuthColumnDef 0, Group-ID, reply AuthColumnDef 1, Simultaneous-Use, check NoDefault /AuthBy # configure AuthBy SQL for Fixed IP AuthBy SQL Identifier Fixed_IP DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select STATICVST, SIMUSE from RDC where USERNAME = '%n' AuthColumnDef 0, Framed-IP-Address, reply AuthColumnDef 1, Simultaneous-Use, check NoDefault /AuthBy # configure AuthBy DYNADDRESS for Dynamic IP AuthBy DYNADDRESS Identifier Dynamic_IP Allocator RDCAllocator PoolHint %{NAS-IP-Address}-%{Reply:Group-ID} StripFromReply Group-ID MapAttribute yiaddr, Framed-IP-Address /AuthBy # configure AuthBy SQL for accounting AuthBy SQL Identifier AuthAccounting DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect AccountingTable ACCOUNTING AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef DNIS,Called-Station-Id AcctColumnDef CLID,Calling-Station-Id /AuthBy # configure AuthBy GROUP for Static IP AuthBy GROUP Identifier AuthStatic AuthByPolicy ContinueWhileAccept AuthBy Fixed_IP AddToReply Class = Fixed_IP /AuthBy # configure AuthBy GROUP for Dynamic IP AuthBy GROUP Identifier AuthDynamic AuthByPolicy ContinueWhileAccept AuthBy SQL_GetGID AuthBy Dynamic_IP /AuthBy # configure Handlers for accounting Handler Request-Type=Accounting-Request, Class = Fixed_IP AuthBy AuthAccounting /Handler Handler Request-Type=Accounting-Request
Re: (RADIATOR) Database Failover
Hello Dirk - You would specify multiple DBSource, DBUsername and DBAuth lines in the AuthBy SQL clause(s). Have a look at section 6.26 in the Radiator 2.18 reference manual. Keep in mind however that keeping the databases coherent is a whole other problem that is outside the scope of Radiator. In general we recommend using a single high-availability SQL host with hot-swap RAID disks. regards Hugh On Thursday 22 March 2001 19:14, Dirk Laan wrote: Hello, How do I build a failover for our database ? We're using MySql. For example: The Radius server is still working but it can't connect to the database. Any help would be great. I've include the config Regards, Dirk Laan Content-Type: text/plain; charset="us-ascii"; name="config.txt" Content-Transfer-Encoding: 7bit Content-Description: Content-Type: text/x-vcard; charset="us-ascii"; name="d.laan.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Dirk Laan -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Database Failover
I have the same issue, and I am going to implement a MySQL server that has high availability. ie, dual processor, redundant power supply etc. What I really would like is a sample config on how to get radiator to just "auth everyone" on database fail, at least the customers wont notice then. At 09:14 AM 3/22/2001 +0100, Dirk Laan wrote: Hello, How do I build a failover for our database ? We're using MySql. For example: The Radius server is still working but it can't connect to the database. Any help would be great. I've include the config Regards, Dirk Laan Foreground Trace 4 LogStdout LogDir /var/log LogFile /var/log/%Y-radius.log DbDir . Client x.x.x.x Identifier Cisco Secret xxx DupInterval 0 /Client Client x.x.x.x Identifier Ascend Secret DupInterval 0 /Client Client DEFAULT Secret mysecret DupInterval 0 /Client ClientListSQL DBSourcedbi:mysql:radius DBUsername radius DBAuth radius /ClientListSQL AddressAllocator SQL Identifier RDCAllocator DBSourcedbi:mysql:radius DBUsername radius DBAuth radius DefaultLeasePeriod 86400 LeaseReclaimInterval3600 AddressPool x.x.x.x-1 Range x.x.x.x x.x.x.x /AddressPool AddressPool x.x.x.x-2 Range x.x.x.x x.x.x.x /AddressPool AddressPool NULAD-1 Range x.x.x.x x.x.x.x /AddressPool AddressPool NULAD-2 Range x.x.x.x x.x.x.x /AddressPool /AddressAllocator SessionDatabase SQL DBSourcedbi:mysql:radius DBUsername radius DBAuth radius CountQuery \ select NASIDENTIFIER, NASPort, AcctSessionID from RADONLINE \ where UserName='%n' /SessionDatabase # configure AuthBy SQL for authentication AuthBy SQL Identifier InitialAuth DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select AUTHTYPE, PASSWORD from RDC where USERNAME = '%n' AuthColumnDef 0, Auth-Type, check AuthColumnDef 1, User-Password, check StripFromReply Group-ID AddToReply Service-Type=Framed-User, Framed-Protocol=PPP, cisco-avpair= "ip:dns-servers=x.x.x.x" /AuthBy # configure AuthBy SQL for GID AuthBy SQL Identifier SQL_GetGID DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select GROUPID, SIMUSE from RDC where USERNAME = '%n' AuthColumnDef 0, Group-ID, reply AuthColumnDef 1, Simultaneous-Use, check NoDefault /AuthBy # configure AuthBy SQL for Fixed IP AuthBy SQL Identifier Fixed_IP DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select STATICVST, SIMUSE from RDC where USERNAME = '%n' AuthColumnDef 0, Framed-IP-Address, reply AuthColumnDef 1, Simultaneous-Use, check NoDefault /AuthBy # configure AuthBy DYNADDRESS for Dynamic IP AuthBy DYNADDRESS Identifier Dynamic_IP Allocator RDCAllocator PoolHint %{NAS-IP-Address}-%{Reply:Group-ID} StripFromReply Group-ID MapAttribute yiaddr, Framed-IP-Address /AuthBy # configure AuthBy SQL for accounting AuthBy SQL Identifier AuthAccounting DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect AccountingTable ACCOUNTING AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef DNIS,Called-Station-Id AcctColumnDef CLID,Calling-Station-Id /AuthBy # configure AuthBy GROUP for Static IP AuthBy GROUP Identifier AuthStatic AuthByPolicy ContinueWhileAccept AuthBy Fixed_IP AddToReply
IMPORTANT - Re: (RADIATOR) Database Failover
Hello Brett, Hello Everyone - My advice is to do the following: 1. Configure your NAS(s) to point at one or the other of two load balancing Radiator proxies outside your firewall. These can be very modest machines just running Radiator and tcpwrapper or similar for security. 2. Configure the load balancing proxies to point to two or more Radiator processing hosts inside the firewall. Use the AuthBy LOADBALANCE clause and add caching and local file accounting on fail (available in Radiator 2.18). This will allow your customers (who have dialed up within the caching window) to authenticate, and you will have a flat file accounting record that you can subsequently process to add the details to the customer records. 3. Build and configure two or more Radiator processing hosts inside your firewall. Configure these hosts to run against your SQL host. 4. Build a *very* solid database host with multiprocessor and hot-swap RAID disk array. This is not the only solution of course, but at least this one is relatively easy, simple and inexpensive. regards Hugh On Friday 23 March 2001 10:23, Brett Murphy wrote: I have the same issue, and I am going to implement a MySQL server that has high availability. ie, dual processor, redundant power supply etc. What I really would like is a sample config on how to get radiator to just "auth everyone" on database fail, at least the customers wont notice then. At 09:14 AM 3/22/2001 +0100, Dirk Laan wrote: Hello, How do I build a failover for our database ? We're using MySql. For example: The Radius server is still working but it can't connect to the database. Any help would be great. I've include the config Regards, Dirk Laan Foreground Trace 4 LogStdout LogDir /var/log LogFile /var/log/%Y-radius.log DbDir . Client x.x.x.x Identifier Cisco Secret xxx DupInterval 0 /Client Client x.x.x.x Identifier Ascend Secret DupInterval 0 /Client Client DEFAULT Secret mysecret DupInterval 0 /Client ClientListSQL DBSourcedbi:mysql:radius DBUsername radius DBAuth radius /ClientListSQL AddressAllocator SQL Identifier RDCAllocator DBSourcedbi:mysql:radius DBUsername radius DBAuth radius DefaultLeasePeriod 86400 LeaseReclaimInterval3600 AddressPool x.x.x.x-1 Range x.x.x.x x.x.x.x /AddressPool AddressPool x.x.x.x-2 Range x.x.x.x x.x.x.x /AddressPool AddressPool NULAD-1 Range x.x.x.x x.x.x.x /AddressPool AddressPool NULAD-2 Range x.x.x.x x.x.x.x /AddressPool /AddressAllocator SessionDatabase SQL DBSourcedbi:mysql:radius DBUsername radius DBAuth radius CountQuery \ select NASIDENTIFIER, NASPort, AcctSessionID from RADONLINE \ where UserName='%n' /SessionDatabase # configure AuthBy SQL for authentication AuthBy SQL Identifier InitialAuth DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select AUTHTYPE, PASSWORD from RDC where USERNAME = '%n' AuthColumnDef 0, Auth-Type, check AuthColumnDef 1, User-Password, check StripFromReply Group-ID AddToReply Service-Type=Framed-User, Framed-Protocol=PPP, cisco-avpair= "ip:dns-servers=x.x.x.x" /AuthBy # configure AuthBy SQL for GID AuthBy SQL Identifier SQL_GetGID DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select GROUPID, SIMUSE from RDC where USERNAME = '%n' AuthColumnDef 0, Group-ID, reply AuthColumnDef 1, Simultaneous-Use, check NoDefault /AuthBy # configure AuthBy SQL for Fixed IP AuthBy SQL Identifier Fixed_IP DBSourcedbi:mysql:radius DBUsername radius DBAuth radius AuthSelect select STATICVST, SIMUSE from RDC where USERNAME = '%n' AuthColumnDef 0, Framed-IP-Address, reply AuthColumnDef 1, Simultaneous-Use, check NoDefault /AuthBy # configure AuthBy DYNADDRESS for Dynamic IP AuthBy DYNADDRESS Identifier Dynamic_IP Allocator RDCAllocator PoolHint %{NAS-IP-Address}-%{Reply:Group-ID} StripFromReply Group-ID MapAttribute yiaddr, Framed-IP-Address /AuthBy # configure AuthBy SQL for