Support for Fail-Over

RadSec supports fail-over by configuring multiple server options. Normally requests will be forwarded to the first server option defined.

If there are multiple server options, the proxy will do fail-over and use the second server if the first is down. If the two first are down, it will try the third etc. If the first server comes back up, it will go back to using that one. Detection of servers being up or down is based on the use of StatusServer (if enabled), and that TCP/TLS/DTLS connections are up. Otherwise unanswered requests are used to detect unresponsive servers.

Multiple RADIUS servers can be configured in radsecproxy.conf as shown below; ensure each server is also added under the realm section,

server radius-server-1 {
    ...
}
 
server radius-server-2 {
    ...
}
 
realm * {
    server radius-server-1
    server radius-server-2
}