Overview of RADIUS failover server

One of the methods used to authorize Internet services in Splynx is the RADIUS protocol. More details about the Splynx RADIUS server you can find in our article or in our documentation.

Starting from Splynx version 4.1, a new Radius failover module was added to work with the RADIUS protocol, ensuring higher reliability and fault tolerance.

What is a Radius failover? Radius failover is a module that allows you to create an additional server or servers that will act as a backup for the main Splynx RADIUS server in the event that the Splynx server is under maintenance or loses connection with the main server. At the same time, the router will automatically switch to the failover server and the end-user will not notice any problems in the operation of its services. Data synchronization between the primary and radius failover server(s) occurs approximately every 2 hours.

There are several benefits to using RADIUS failover, including:

  • Improved availability: By having a secondary server ready to take over in case of a failure, you can ensure that users have uninterrupted access to network resources.
  • Increased reliability: With a secondary server in place, you can reduce the risk of network outages caused by server failures.
  • Better security: RADIUS failover can help protect against cyber attacks that target the primary server, as the secondary server can take over if the primary server is compromised.
  • Simplified maintenance: With RADIUS failover, you can perform maintenance on the primary server without disrupting users, as the secondary server will handle authentication requests during the maintenance period.

Configuring radius failover takes place in several stages:

New – newly added server for radius failover (if it is enabled in the configuration, it immediately switches to Init status);

Init – the server initialization process when the necessary packages will be installed and the necessary data for the operation of the backup server will be synchronized (depending on the number of services on the main server, the initialization time may vary on different servers);

Syncing – the process of synchronizing data to ensure the correct operation of new services and after changes in existing services.

Synced – at this stage, all data is synchronized and the radius failover server is ready to work using the RADIUS protocol to provide AAA (authentication, authorization, accounting) tasks. Now you can specify it as another radius server on the router.

 

Settings:

First, you must have a Radius server configured on your Splynx server. You can learn how to configure the Splynx Radius server from our documentation.

The next stage of configuring radius failover. The setting is located in Config – Networking – Radius failover.

In the server addition window, you must specify the IP address of the backup server for RADIUS and SSH port and execute the commands on the backup server that will be offered in the server addition window. In order for the initialization process to start immediately, it must be turned on in the settings (enabled) and click Add.

After completing all initialization stages, you will have to wait until the process is completed on the remote server. You can view the status of services on the backup server in the radius failover configuration list.

An example of network topology with a failover server (radius auth request to the main server):

 

An example of a network topology with a failover server when the main one is under maintenance (radius auth request to failover server):

 

An example of setting up a Mikrotik router to use several Radius servers (main + failover):

An example of failover server operation for PPPoE connections:

 

failover server operation

And when we use Radius failover:

More in Network management

Network management Network topology failover server

Overview of RADIUS failover server

One of the methods used to authorize Internet services in Splynx is the RADIUS protocol. More details about the Splynx R...

Network management Below is the topology sample that depicts the captured flow of how Splynx and NetFlow accounting work.

How to configure NetFlow accounting in Splynx

Learn how to configure NetFlow accounting to to bring usage data into Splynx.

Network management Hotspot add-on in Splynx 4.0

Hotspot add-on in Splynx 4.0

The Hotspot add-on was built to help businesses from low-income communities grow and earn more.

Network management How to configure Juniper Radius

Juniper Radius configuration with variables

This article is the second part of the Juniper MX Radius configuration tutorial.

Network management How to configure Radius Juniper MX

How to configure Radius Juniper MX

Juniper Networks is one of the leading vendors producing networking equipment. Together with Cisco, Juniper defines wher...

Network management Mikrotik ipv6 configuration

How to configure Mikrotik IPv6

This blog post describes how to configure the Mikrotik router to act as a PPPoE server with IPv6 enabled.

Network management How to configure Cisco IOS XR Radius in Splynx

How to configure Cisco IOS XR Radius (ASR 9000 series)

We've implemented PPPoE Radius authentication on Cisco one of the most powerful BRASes ASR 9000, that runs the IOS XR op...

Network management How to configure Juniper Radius server in Splynx

How to configure Juniper Radius server (updated)

This is an updated version of the Radius server configuration with Juniper using variables for speed limitations.

Network management How to configure Huawei NE (NetEngine) router Radius

How to configure Huawei NE (NetEngine) router Radius

We'll tackle the configuration of the Huawei NE20 and Huawei NE40 router with the Radius server. We will be using Splynx...

Network management

IPv6 CPE and home routers support

This article shows examples of 3 different CPEs from 3 other vendors. We have selected IPv6 routers that are used in net...

Find out how Splynx helps ISPs grow

Learn more