I have solved that using mysql replication on both servers but the underlying problem is switching over in case the main radius server stops working.so, accounting-backup RADIUS is not used for authentication?..
anyway, you will need some tool to synchronize your accounting data on both servers in case of failure of one of them
is it master/master replication?.. then set "accounting-backup: no" on both servers - in that case you should get authentication failover, and mysql replication will give you accounting failoverI have solved that using mysql replication on both servers but the underlying problem is switching over in case the main radius server stops working.
At the moment its master/slave replication. I will setup master/master replication and then disable accounting-backup as you advised.is it master/master replication?.. then set "accounting-backup: no" on both servers - in that case you should get authentication failover, and mysql replication will give you accounting failoverI have solved that using mysql replication on both servers but the underlying problem is switching over in case the main radius server stops working.
mmm?..It worked after changing the time out to different values on both radius client entries. I noticed they need to be well spaced to allow for failover.
there should be no sense in setting different timeout values: second RADIUS should be queried only if first one do not respond...I set time out on both servers at different times and disabled accounting-backup. Is that better?
You are saying you have 2 radius servers and each sever has 3 entries under radius client in MT. I also have two radius servers (main and back up) . May initial setup has failed yet again once the main radius server went down so i have to define the main one again using winbox. If you don't mind please explain how to setup mine to work as failover just a yours does. Thanks.I tend to list the primary and secondary radius servers as alternate entries under Radius in winbox, with a timeout of 500ms.
They are also listed 3 times, so the MT gets 6 goes in 3 seconds to hit either remote Radius server.
The last entry on the MT is a third Local Radius server that has a 24-hour backup of the main authentication database on it.
With this setup some accounting records are lost if the primary falls over, but it doesn't really matter too much, as the accounting records are incremental, and are only used for dynamic bandwidth limiting/timeout kicking.
If i lost Authentication then that would be Bad. Loosing a few accounting records isn't such a big deal.
what do you see in RADIUS stats? are both servers queried?for some reason failover is not working
Concerning My primary server going down its an issue with the national power provider. The power is very erratic and am still in the process of setting up a 24 hr power backup solution.I have upwards of 200 mikrotik + other devices accessing the same 3 Radius servers with no perceiveable problem.
However, i do not use Radius for ppp authentication, so maybe that's enough of a difference.
I *never* set Accounting-Backup because it seemed to break things early in testing, so i never tick it anymore.
If it is a matter of Timing, you might want to give VRRP a try, with the Two Radius servers doing MySQL replication, but both appearing to have the same IP address : if one fails, the second server takes over, and the authenticating equipment should not notice the difference.
Am starting to think its the secondary server with the problem since i setup mysql master-master replication and still its not replicating in a timely manner. Just to ask i the main server runs on mysql 5.0 while the secondary is mysql 5.1 could it be the issue?
Out of interest, *why* would your Primary Radius server break often enough for you to lose sleep ?
Am starting to think its the secondary server with the problem since i setup mysql master-master replication and still its not replicating in a timely manner. Just to ask i the main server runs on mysql 5.0 while the secondary is mysql 5.1 could it be the issue?I have upwards of 200 mikrotik + other devices accessing the same 3 Radius servers with no perceiveable problem.
However, i do not use Radius for ppp authentication, so maybe that's enough of a difference.
I *never* set Accounting-Backup because it seemed to break things early in testing, so i never tick it anymore.
If it is a matter of Timing, you might want to give VRRP a try, with the Two Radius servers doing MySQL replication, but both appearing to have the same IP address : if one fails, the second server takes over, and the authenticating equipment should not notice the difference.
Am starting to think its the secondary server with the problem since i setup mysql master-master replication and still its not replicating in a timely manner. Just to ask i the main server runs on mysql 5.0 while the secondary is mysql 5.1 could it be the issue?
Out of interest, *why* would your Primary Radius server break often enough for you to lose sleep ?