I reply down in your lines.
2012/4/16 Andreas M. Iwanowski <[email protected]>
> Dear Zen folks.****
>
> ** **
>
> I have to follow up with another question about UDP load balancing.****
>
> I’m trying to balance 3 RADIUS backends.****
>
> However, in UDP mode, Zen NATs the package and sends it off with its own
> IP to the RADIUS server (which then doesn’t respond since it’s not a client
> that it knows).****
>
> ** **
>
> This problem goes away if I add the Zen load balancer as a RADIUS client.
> However, then all clients using the load balanced solution will need to use
> the same shared secret (less optimal).****
>
> ** **
>
> E.g.:****
>
> Zen primary IP: 10.0.0.10****
>
> Zen Farm IP (Carped): 10.0.0.11****
>
> Radius Client: 10.0.0.1****
>
> Radius Server: 10.0.0.50****
>
> ** **
>
> Essentially, an exchange goes like this:****
>
> 10.0.0.1 -> 10.0.0.11 Radius Request****
>
> 10.0.0.10 -> 10.0.0.50 Radius Request****
>
> *** nothing if zen primary IP is not a RADIUS client on 10.0.0.50****
>
> *** or if it is:****
>
> 10.0.0.50 -> 10.0.0.10 Radius Accept****
>
> 10.0.0.11 -> 10.0.0.1 Radius Accept****
>
> ** **
>
> ** **
>
> Ideally, is there a way to disable the NATing and just forward the packet
> to a backend?
>
No, There isn't, This is named sNAT method, Zen LB works only in this way
at the moment
****
>
> Is there any other way around this or do I have a fundamental
> misunderstanding here?
>
There is not misunderstanding, all is fine, We are working now in v3, we
are going to add other methods to work that allow Zen to work in
transparent mode, but now, the only one solution is your own workaround
defined in this email.
> ****
>
> Otherwise I have to add both Zen cluster members as RADIUS clients and
> then configure each “real client” to use the same shared secret.****
>
> ** **
>
> -Andy****
>
>
> ------------------------------------------------------------------------------
> For Developers, A Lot Can Happen In A Second.
> Boundary is the first to Know...and Tell You.
> Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
> http://p.sf.net/sfu/Boundary-d2dvs2
>
> _______________________________________________
> Zenloadbalancer-support mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>
--
Load balancer distribution - Open Source Project
http://www.zenloadbalancer.com
Distribution list (subscribe): [email protected]
------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
