I tried these methods and none of them really worked effectively against a defective LDAP server. The best solution I found was a decent load balancer with LDAP server availability testing..
-- Leigh On 17 Dec 2010, at 22:24, Heikki Vatiainen wrote: > On 12/17/2010 11:29 PM, Christian Kratzer wrote: > >>> one more quick question. What is the behavior of AuthBy LDAP2 with a >>> round-robin DNS entry (multiple A records for the RR)? If I'd like >>> failover behavior, will a single Host declaration with a round-robin >>> record be enough, or do I need to list out each individual LDAP >>> server? >> >> you should explicitly list all servers as Dns will get resolved once >> on load of config. > > That is true with e.g. Clients, but from the manual it looks like AuthBy > LDAP2 behaves a bit differently. Quote: > > Multiple space separated host names can be specified > and Net::LDAP will choose the first available one. > > A quick check shows that the host name(s) are passed to Net::LDAP which > takes care of resolving names to addresses. Note also how the doc below > says hosts are tried until there is success. > > http://search.cpan.org/~gbarr/perl-ldap-0.4001/lib/Net/LDAP.pod#new > > Radiator seems to create a new Net::LDAP for each (re)connect so it > might be that DNS is queried when there was a disconnect and a reconnect > needs to be done. > > So listing the hosts, like Christian writes, seems to be easier than > trying to follow Net::LDAP's method of resolution. > > -- > Heikki Vatiainen <h...@open.com.au> > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, > TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, > DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, > NetWare etc. > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
