In this Guide, I will show you howto create replica of your radius server so that in case of any server failure , you can instantly switch to backup server with the latest data available. In this model we will use MYSQL master-master concept in which whatever changes / records you make on any server, it will replicate to other as well. Also in mikrotik we can use primary and secondary radius server entries OR we can make a script to detect both radius status and act accordingly, all depend on your network requirements & infrastructure.
Scenario:
In this example we have RADIUS MANAGER billing system which uses freeradius and MYSQL DB as its backend engine, installed (with basic level of installation) on two servers. Now we want to create redundancy by replicating radius DB to each other so that in case of one server failure, second server should come to rescue.
Requirements:
- I assume that you have working radius manager installed on both PC and tested its working by creating users in it.
Components Used:
- SERVER1 NAME = MASTER-RADIUS
OS = Centos 6.5 32bit
IP = 101.11.11.241 - SERVER2 NAME = REPLICA-RADIUS
OS = Centos 6.5 32bit
IP = 101.11.11.245 - MIKROTIK PPPOE SERVER = Mikrotik
OS = Mikrotik 5.xx
IP = 101.11.11.255
Let’s Start
Step – 1
Server1 = ‘master-radius’ Configuration
Open mysql config file
nano /etc/my.cnf
and add following under [mysqld] section
log-bin=mysql-bin binlog-do-db=radius server-id=1 auto_increment_increment = 2 auto_increment_offset = 1
SAVE and EXIT.
Now restart mysqld service so changes can take effect.
service mysqld restart
Now we need to create a user that will be used by mysql for replicating data between our two radius (or mysql) servers. As an example I am using id “zaib”. Replace “password” with the password you wish to use for replication.
create user 'zaib'@'%' identified by 'password'; grant replication slave on *.* to 'zaib'@'%';
Now we need to get some information about the current MySQL instance which we will later provide to server2 (replica).
The following command will output a few pieces of important information, which we will need to make note of:
show master status;
The output will look similar to the following, and will have two pieces of critical information: [file and position note it down)
+------------------+----------+--------------+------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | +------------------+----------+--------------+------------------+ | mysql-bin.000001 | 336 | radius | | +------------------+----------+--------------+------------------+
1 row in set (0.00 sec)
We need to make a note of the file and position which will be used in the next step.
Step – 2
Server2 = ‘replica-radius’ Configuration
Open mysql config file
nano /etc/my.cnf
and add following under [mysqld] section
log-bin=mysql-bin binlog-do-db=radius server-id=2 auto_increment_increment = 2 auto_increment_offset = 2
Make sure server-id is different then primary server
SAVE and EXIT.
Now restart mysqld service so changes can take effect.
service mysqld restart
Here we are going to create the user which will be responsible for the replication. Replace “password” with the password you wish to use.
create user 'zaib'@'%' identified by 'password'; grant replication slave on *.* to 'zaib'@'%';
The next step involves taking the information that we took a note of earlier and applying it to our mysql instance. This will allow replication to begin. The following should be typed at the mysql shell:
slave stop; CHANGE MASTER TO MASTER_HOST = '101.11.11.241', MASTER_USER = 'zaib', MASTER_PASSWORD = 'password', MASTER_LOG_FILE = 'mysql-bin.000001', MASTER_LOG_POS = 336; slave start;
Your values for MASTER_LOG_FILE and MASTER_LOG_POS may differ than those above. You should copy the values that “SHOW MASTER STATUS” returns on Server-1.
The last thing we have to do before we complete the mysql master-master replication is to make note of the master log file and position to use to replicate in the other direction (from Server 2 to Server 1).
We can do that by typing the following:
SHOW MASTER STATUS;
The output will look similar to the following:
+------------------+----------+--------------+------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | +------------------+----------+--------------+------------------+ | mysql-bin.000002 | 125 | radius | | +------------------+----------+--------------+------------------+ 1 row in set (0.00 sec)
Take note of the file and position, as we will have to enter those on server 1, to complete the two-way replication.
The next step will explain how to do that.
Step – 3
Completing Replication on Server1 [Master-radius]
Back on Server 1, we need to finish configuring replication on the command line.
Running this command will replicate all data from Server 2.
slave stop; CHANGE MASTER TO MASTER_HOST = '101.11.11.245', MASTER_USER = 'zaib', MASTER_PASSWORD = 'password', MASTER_LOG_FILE = 'mysql-bin.000002', MASTER_LOG_POS = 125; slave start;
Keep in mind that your values may differ from those above. Please also replace the value of MASTER_PASSWORD with the password you created when setting up the replication user.
The output will look similar to the following:
Query OK, 0 rows affected (0.01 sec)
Now test the status by issuing command to mysql cli
show slave status\G
and you should see something similar to this. [don’t get confused with different numbers of log file file and position number, as this snap was taken in another lab]
TEST
The last thing to do is to test that replication is working on both servers.
Open server1 radius panel, and try to create new user, after creation, it will be automatically replicated to server2 : )
As showed in the images below …
At a moment no users have been created.
Now create test user
After creation, Goto Server2 (Replica) and check Users List, and you will find the user replicated.
and when you will create any user , it will replicate back to server1.
Adding both Radius Server entries in Mikrotik
Add both radius server
and at radius manager, add the NAS (mikrotik)
Don’t forget to rebuild clients.conf (from the menu) at secondary radius as well.
Now test by connecting any client , once successful, disconnect the primary radius, and try to connect the client again, once mikrotik will be unable to find primary entry, it will auto contact secondary server. as showed in the images below …
I will add few more details later….
Regard’s
Syed Jahanzaib
great thanks. was looking for something like it
LikeLike
Comment by David — June 26, 2015 @ 4:40 PM
Salam Alylkum
Thanks for your great information you put in your blog.
i had setup MYSQL Master-Master Replication on Ubuntu server 12.04 X86_64 LTS and works great
but we had electricity problem in my area if power cut without proper shutdown replication stop working and I have to repeat from start
is there any procedure to fix this issue
also noticed that all data before replication setup didn’t sync i mean if i create users before setup replication those users will not transfer to the other data base
Thanks In Advance
LikeLike
Comment by Ahmed — July 12, 2015 @ 3:35 PM
I do want to setup the replication as well. Can someone confirm if what Salam indicated above is the case. If yes, will it work if I first copy the database on the first server to the second before setting up replication? and if power get lost like Salam indicated whats the fastest way to resume replication?
LikeLike
Comment by Seun — October 8, 2015 @ 4:21 PM
Excellent!
LikeLike
Comment by woronti — October 12, 2015 @ 7:48 AM
Thanks Syed.
We are running master – master replication with 2 Radius Manager servers but keep getting errors in the MySQL logs and then the slave thread stops. The two tables are rm_onlinecm and rm_wlan:
151112 15:35:22 [ERROR] Slave SQL: Error ‘Can’t find file: ‘./radius/rm_onlinecm1.frm’ (errno: 2)’ on query. Default database: ‘radius’. Query: ‘RENAME TABLE rm_onlinecm1 TO rm_onlinecm’, Error_code: 1017
and
151112 15:40:01 [ERROR] Slave SQL: Error ‘Table ‘rm_wlan1′ already exists’ on query. Default database: ‘radius’. Query: ‘CREATE TABLE rm_wlan1 (
maccpe VARCHAR(17), `signal` SMALLINT, ccq SMALLINT, snr SMALLINT, apip VARCHAR(15), timestamp TIMESTAMP,
KEY (maccpe)
) ENGINE=MyISAM DEFAULT CHARSET=utf8’, Error_code: 1050
Any idea why this is happening?
LikeLike
Comment by Nick — November 12, 2015 @ 6:42 PM
[…] https://aacable.wordpress.com/2015/06/26/radius-redundancy-by-using-mysql-master-master-replication/ […]
LikeLike
Pingback by Backup your Backup on CLOUD ! | Syed Jahanzaib Personal Blog to Share Knowledge ! — April 25, 2016 @ 11:19 AM
i configured this one but if the master is stopped i cant able to login into switch . wtaht is the problem what i should do for this
LikeLike
Comment by krishnaprasad — November 10, 2016 @ 4:38 PM
Hi, thank you very much for the dedication and contributions you make to the community. I have followed all the instructions for radius redundancy and it works for me except the clients that do not log me in well. I tell you, the main radius is running with all the clients and the secondary one is a copy of the database and it was imported. We follow the steps and it doubles well when we create a new client but it does not show clients well online, when activating the secondary radius the primary loses the line data of the clients and so on. How could you solve this? Thank you very much in advance
LikeLike
Comment by Carlos Miguel Garcia — December 29, 2016 @ 12:06 AM