Humm ... I actually call it flexibility and that's one of the things i like more in Radiator. Anyway, according to the comments on the code itself this way( ok not using this method exactly) is the way of implementing other methods of using more than one host.<br>
<br>#####################################################################<br># chooseHost selects which host to send a packet to.<br># Default implementation is to initially choose the first Host named,<br># and if that fails, choose the next host in the list<br>
# of Hosts. Returns a pointer to a Host object if one can be found<br># Override this to implement your own host selection algorithm<br><br>AuthROUNDROBIN, AuthLOADBALANCE and AuthVOLUMEBALANCE already does that for RADIUS. We use another custom algorithm for balancing request.<br>
<br>Anyway, I'll make a AuthRADSECROUNDROBIN as i suggested and replace the transport between my internal servers. I'll send the patch/code in a one week or so.<br><br>NOTES: <br> * Theoretically AuthRADSEC should have less impact on firewalls and that itself is a reason to change from RADIUS to RADSEC.<br>
* I think for RADSEC it doesn't apply the "loadbalancer in front" because:<br> 1) If it's a layer 4 one the it can't rebalance connections since RADSEC only makes one connection per peer. <br>
2) Because of 1) then should be a Layer 7. If you use TLS with encription then it can't inspect the content. If you don't the the balancer must "know" how to handle RADSEC packets. Since there aren't that many server implementations, i doubt there is any balancer that do that.<br>
<br>José Borges Ferreira<br><br>PS: I forgot to mention in my hack that you must also change all references of Radius::AuthRADIUS to Radius::AuthRADSEC<br><br><div class="gmail_quote">On Mon, Apr 14, 2008 at 4:20 PM, Robert Blayzor <<a href="mailto:rblayzor.bulk@inoc.net">rblayzor.bulk@inoc.net</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d">On Apr 11, 2008, at 12:05 PM, Jose Borges Ferreira wrote:<br>
</div><div class="Ih2E3d"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
Rename AuthROUNDROBIN.pm to AuthRADSECRR.pm<br>
Edit AuthRADSECRR.pm and replace AuthROUNDROBIN by AuthRADSECRR<br>
Edit your configuration file replace RADSEC by RADSECRR and add ,at least, 2 hosts<br>
Restart and test it.<br>
</blockquote>
<br>
<br>
<br></div><div class="Ih2E3d">
Sounds ugly. I was hoping that it was simply something supported and not hacked up. If RadSec isn't currently supported via RR, that's fine, I just need to know that, and if it's planned in the future (or not).<br>
<br>
-- <br></div><div><div></div><div class="Wj3C7c">
Robert Blayzor, BOFH<br>
INOC, LLC<br>
<a href="mailto:rblayzor@inoc.net" target="_blank">rblayzor@inoc.net</a><br>
<a href="http://www.inoc.net/%7Erblayzor/" target="_blank">http://www.inoc.net/~rblayzor/</a><br>
<br>
Mac OS X. Because making Unix user-friendly is easier than debugging Windows.<br>
<br>
<br>
<br>
<br>
<br>
<br>
--<br>
Archive at <a href="http://www.open.com.au/archives/radiator/" target="_blank">http://www.open.com.au/archives/radiator/</a><br>
Announcements on <a href="mailto:radiator-announce@open.com.au" target="_blank">radiator-announce@open.com.au</a><br>
To unsubscribe, email '<a href="mailto:majordomo@open.com.au" target="_blank">majordomo@open.com.au</a>' with<br>
'unsubscribe radiator' in the body of the message.<br>
</div></div></blockquote></div><br>