Starting from Splynx version 4.1, a new Radius failover module was added to work with the RADIUS protocol, ensuring higher reliability and fault tolerance.
What is a Radius failover? Radius failover is a module that allows you to create an additional server or servers that will act as a backup for the main Splynx RADIUS server in the event that the Splynx server is under maintenance or loses connection with the main server. At the same time, the router will automatically switch to the failover server and the end-user will not notice any problems in the operation of its services. Data synchronization between the primary and radius failover server(s) occurs approximately every 2 hours.
There are several benefits to using RADIUS failover, including:
Configuring radius failover takes place in several stages:
New – newly added server for radius failover (if it is enabled in the configuration, it immediately switches to Init status);
Init – the server initialization process when the necessary packages will be installed and the necessary data for the operation of the backup server will be synchronized (depending on the number of services on the main server, the initialization time may vary on different servers);
Syncing – the process of synchronizing data to ensure the correct operation of new services and after changes in existing services.
Synced – at this stage, all data is synchronized and the radius failover server is ready to work using the RADIUS protocol to provide AAA (authentication, authorization, accounting) tasks. Now you can specify it as another radius server on the router.
First, you must have a Radius server configured on your Splynx server. You can learn how to configure the Splynx Radius server from our documentation.
The next stage of configuring radius failover. The setting is located in Config – Networking – Radius failover.
In the server addition window, you must specify the IP address of the backup server for RADIUS and SSH port and execute the commands on the backup server that will be offered in the server addition window. In order for the initialization process to start immediately, it must be turned on in the settings (enabled) and click Add.
After completing all initialization stages, you will have to wait until the process is completed on the remote server. You can view the status of services on the backup server in the radius failover configuration list.
An example of network topology with a failover server (radius auth request to the main server):
An example of a network topology with a failover server when the main one is under maintenance (radius auth request to failover server):
An example of setting up a Mikrotik router to use several Radius servers (main + failover):
An example of failover server operation for PPPoE connections:
And when we use Radius failover:
Efficient network management is essential for ISPs to deliver reliable and high-quality services to their customers. Wit...
We've implemented PPPoE Radius authentication on Cisco one of the most powerful BRASes ASR 9000, that runs the IOS XR op...
Find out how Splynx helps ISPs growLearn more