Re: Redundant proxyradius and redundant homeradius

2004-12-09 Thread Thor Spruyt
Alan DeKok wrote: Thor Spruyt [EMAIL PROTECTED] wrote: I had both proxyradius servers configured to store all accounting in their own database, so by using radrelay, the databases should be the same, even if one proxyradius server is down for half an hour. Why do the databases need to be the same

Re: Redundant proxyradius and redundant homeradius

2004-12-09 Thread Alan DeKok
Thor Spruyt [EMAIL PROTECTED] wrote: Why do the databases need to be the same on the proxy? What's a backup database worth if it doesn't contain the same as the primary? But you already have two databases, one on each home server. The design of RADIUS, and radrelay, ensures that both

Re: Redundant proxyradius and redundant homeradius

2004-12-09 Thread Thor Spruyt
Alan DeKok wrote: Thor Spruyt [EMAIL PROTECTED] wrote: Why do the databases need to be the same on the proxy? What's a backup database worth if it doesn't contain the same as the primary? But you already have two databases, one on each home server. The design of RADIUS, and radrelay, ensures

Redundant proxyradius and redundant homeradius

2004-12-08 Thread Thor Spruyt
Hi, I have setup a redundant proxyradius and a redundant homeradius. I'll call the proxyradius servers PA and PB I'll call the homeradius servers HA and HB My NAS is configured to auth/acct against PA with fallback to PB PA is configured to proxy to HA with fallback to HB PB is configured to proxy

Re: Redundant proxyradius and redundant homeradius

2004-12-08 Thread Alan DeKok
Thor Spruyt [EMAIL PROTECTED] wrote: Now, when the NAS sends an acct packet to PA, the following happens: - PA proxies the packet to HA and stores in detail file - radrelay on PA relays the packet to PB That last step is the problem. Don't run radrelay on proxies. Run it only on home

Re: Redundant proxyradius and redundant homeradius

2004-12-08 Thread Thor Spruyt
Alan DeKok wrote: Thor Spruyt [EMAIL PROTECTED] wrote: Now, when the NAS sends an acct packet to PA, the following happens: - PA proxies the packet to HA and stores in detail file - radrelay on PA relays the packet to PB That last step is the problem. Don't run radrelay on proxies. Run it only

Re: Redundant proxyradius and redundant homeradius

2004-12-08 Thread Alan DeKok
Thor Spruyt [EMAIL PROTECTED] wrote: I had both proxyradius servers configured to store all accounting in their own database, so by using radrelay, the databases should be the same, even if one proxyradius server is down for half an hour. Why do the databases need to be the same on the