[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Proxies and dead home servers
Glen Zorn (gwz) wrote:
> No, I'm not. I'm saying that a proxy should _never_ failover.
I think we're talking about two separate things.
I will note that IAS, ACS, Radiator, Navis, SBR, and FreeRADIUS all
support proxy failover. And that's server-based failover, not
realm-based failover (so far as I can tell).
>> If what you say about proxy behavior is true, then the NAS can
>> easily tell the difference between a home server and a proxy. A home
>> server follows RFC 2865, and always sends a response to a request.
>
> Nonsense. It can't send a response if its down.
Well, yes. I thought that went without saying.
>> A
>> proxy server sometimes doesn't respond to a request.
>
> Reflecting the state of an upstream entity.
Which is a problem. So far as the NAS is concerned, the local server
it's sending requests to is authoritative, and *is* the home server.
That local server may be doing proxying, but the NAS doesn't know. So
what you're saying is that when that local server is proxying, it is
free to violate RFC 2865, which requires that servers always respond to
Access-Requests from a NAS.
For reasons I outlined previously, this has major negative impact on
the network. i.e. for a large number of practical, real-world reasons,
it's a good idea for servers to always respond to NASes.
> The problem I'm trying to point out is that the wrong decision is being
> made because the wrong things are being considered. If NAI-based
> routing is in use & routes instead of servers are marked as up or down
> the problem you're talking about evaporates.
Do the NASes implement NAI routing, and mark routes up or down instead
of marking servers up or down? Not that I'm aware of.
I understand what you're getting at, but treating "routes" as up or
down is something that the NAS just can't do. So the scenarios I
presented are *explictly* not addressed by your design. NASes *will*
erroneously believe that a server is down because route A is down, even
though route B is still up. Users *will* get erroneously rejected, and
administrators will have sleepless nights trying to make their network work.
In addition, proxies can't know if the client sending them packets is
a NAS or is instead another proxy. Even if they are configured to treat
the client as another proxy, it is still incumbent on the first server
in the chain to behave properly towards the NAS. So at the minimum,
*one* server in the proxy chain (the one local to the NAS) needs to
always respond to the NAS, otherwise the NAS will think it's down.
Alan DeKok.
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>