CLEANACCESS Archives

December 2005

CLEANACCESS@LISTSERV.MIAMIOH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Ldap load balancing/failover
From:
Gary Flynn <[log in to unmask]>
Reply To:
Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date:
Wed, 21 Dec 2005 15:12:28 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (29 lines) 
Eric Weakland wrote:

> 
> Hi everyone.
> 
> I am hoping I am not going to have to use round robin dns entries with 
> ttl's of 0 to do this . . .  we use LDAP to authenticate our users and 
> while our LDAP servers are very stable - the one time we had one fail it 
> was a catastrophe.  Lots of people couldn't authenticate, the CAM hung 
> etc.  In short, badness.
> 
> In the effort to avoid this badness in the future - I would like to have 
> some sort of LDAP failover/load balancing.  I can't see any way to do 
> this through the CAM - am I missing something?  If there is no feature 
> to do this in the Clean Access Manager software - is anyone using 
> anything to accomplish LDAP failover/load balancing?  Suggestions (other 
> than round robin dns) welcome!


We use a RedHat Piranha/LVS cluster in front of our LDAP
servers for load balancing and automated failover.


-- 
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security

ATOM RSS1 RSS2