Dear Zen folks. I have to follow up with another question about UDP load balancing. I'm trying to balance 3 RADIUS backends. However, in UDP mode, Zen NATs the package and sends it off with its own IP to the RADIUS server (which then doesn't respond since it's not a client that it knows).
This problem goes away if I add the Zen load balancer as a RADIUS client. However, then all clients using the load balanced solution will need to use the same shared secret (less optimal). E.g.: Zen primary IP: 10.0.0.10 Zen Farm IP (Carped): 10.0.0.11 Radius Client: 10.0.0.1 Radius Server: 10.0.0.50 Essentially, an exchange goes like this: 10.0.0.1 -> 10.0.0.11 Radius Request 10.0.0.10 -> 10.0.0.50 Radius Request *** nothing if zen primary IP is not a RADIUS client on 10.0.0.50 *** or if it is: 10.0.0.50 -> 10.0.0.10 Radius Accept 10.0.0.11 -> 10.0.0.1 Radius Accept Ideally, is there a way to disable the NATing and just forward the packet to a backend? Is there any other way around this or do I have a fundamental misunderstanding here? Otherwise I have to add both Zen cluster members as RADIUS clients and then configure each "real client" to use the same shared secret. -Andy
------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________ Zenloadbalancer-support mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
