Hiya,
We recently updated a server and for some reason I missed (or believed the RADIUS secret would be reinstated following successful sync. Regardless we have two Secrets.
server1 : secret1
server2 : secret2
We wonder of the downstream issue and what the best method is to update, i.e. if I update server2 to secret1 will this cause any downstream issues with authentication etc?
RADIUS Secret
HSNM Hardware and VM configurations. Sms, Email, Backup, Database
-
HSNMSupport
- Posts: 1539
- Joined: 26 Jul 2016, 09:16
Hi Spike
It is the same change the secret on server1 or server2: the down will be, in both case, at max of 5 minutes (on the Mikrotik gateway there is a script that every 5 minutes upgrade the radius configuration)
Best regards
It is the same change the secret on server1 or server2: the down will be, in both case, at max of 5 minutes (on the Mikrotik gateway there is a script that every 5 minutes upgrade the radius configuration)
Best regards
-
spike
- Posts: 47
- Joined: 09 Sep 2016, 01:43
Hiya,
In follow up with this, I've submitted another issue regarding HA sync not being happy, but in the process of diagnosing we've realised two things.
1. roundrobindomains.txt is sometimes corrupt and thus the scripts don't run up update failover
2. RADIUS is populated by radiusip.rsc but radiusip.rsc is not updated during html upgrade.
How / when is radiusip.rsc updated (or is it static from initial build) ? As we're not seeing the ip's update following a successful script run.
In follow up with this, I've submitted another issue regarding HA sync not being happy, but in the process of diagnosing we've realised two things.
1. roundrobindomains.txt is sometimes corrupt and thus the scripts don't run up update failover
2. RADIUS is populated by radiusip.rsc but radiusip.rsc is not updated during html upgrade.
How / when is radiusip.rsc updated (or is it static from initial build) ? As we're not seeing the ip's update following a successful script run.
-
HSNMSupport
- Posts: 1539
- Joined: 26 Jul 2016, 09:16
Hi Spike
About first point, sometimes could happen that the roundrobindomains.txt is downloaded empty; in the latest Mikrotik gateway configuration scripts we added a check, on the "DownloadHTMLPages" script where, if the roundrobindomains.txt is downloaded empty, the script replace the old file.
Instead related the second point, the radiusip.rsc is downloaded from "DownloadHTMLPages" script; this is a portion of the script that download the radiusip.rsc
.....
:log info "Download Radius IP from $URL started";
/tool fetch url="http://$URL/functions/getradiusip.php?domain=domainname&hotspotname=hotspot" dst-path=radiusip.rsc mode=http;
:log info "Download Radius IP from $URL finished";
}
} on-error={
:log info "$URL doesn't respond";
:set continue true;
}
....
Best regards
About first point, sometimes could happen that the roundrobindomains.txt is downloaded empty; in the latest Mikrotik gateway configuration scripts we added a check, on the "DownloadHTMLPages" script where, if the roundrobindomains.txt is downloaded empty, the script replace the old file.
Instead related the second point, the radiusip.rsc is downloaded from "DownloadHTMLPages" script; this is a portion of the script that download the radiusip.rsc
.....
:log info "Download Radius IP from $URL started";
/tool fetch url="http://$URL/functions/getradiusip.php?domain=domainname&hotspotname=hotspot" dst-path=radiusip.rsc mode=http;
:log info "Download Radius IP from $URL finished";
}
} on-error={
:log info "$URL doesn't respond";
:set continue true;
}
....
Best regards
-
spike
- Posts: 47
- Joined: 09 Sep 2016, 01:43
Cheers, the checking script is a good idea. We've been looking into that ourselves.
regarding radiusip.rsc we've seen this file months older than hotspot files and with old content (we since moved servers) but still had radiusip.rsc pointing to the old server.
I'll check that script and see if I can see why it is not updating.
regarding radiusip.rsc we've seen this file months older than hotspot files and with old content (we since moved servers) but still had radiusip.rsc pointing to the old server.
I'll check that script and see if I can see why it is not updating.
-
HSNMSupport
- Posts: 1539
- Joined: 26 Jul 2016, 09:16
Hi Spike
The newest "DownloadHTMLPage" script that check if the roundrobindomains.txt is empty should be like this:
:log info "Download file with round robin domains from $URL started";
/tool fetch url="http://$URL/functions/getroundrobindomains.php?domain=domain&hotspotname=hotspotname" dst-path="hotspot/roundrobindomains.txt" mode=http;
:log info "Download file with round robin domains finished";
:local check [/file get "hotspot/roundrobindomains.txt" contents];
:if (($check="") || ($check=" ") || ([/file get "hotspot/roundrobindomains.txt" size] = 0) ) do={
:log info "The downloaded file roundrobindomains.txt is empty. Re-setting the old value into the file... ";
/file set hotspot/roundrobindomains.txt contents="$content";
}
So check if your script has this new check (line in bold)
Let us know about radiusip.rsc
Thanks
Best regards
The newest "DownloadHTMLPage" script that check if the roundrobindomains.txt is empty should be like this:
:log info "Download file with round robin domains from $URL started";
/tool fetch url="http://$URL/functions/getroundrobindomains.php?domain=domain&hotspotname=hotspotname" dst-path="hotspot/roundrobindomains.txt" mode=http;
:log info "Download file with round robin domains finished";
:local check [/file get "hotspot/roundrobindomains.txt" contents];
:if (($check="") || ($check=" ") || ([/file get "hotspot/roundrobindomains.txt" size] = 0) ) do={
:log info "The downloaded file roundrobindomains.txt is empty. Re-setting the old value into the file... ";
/file set hotspot/roundrobindomains.txt contents="$content";
}
So check if your script has this new check (line in bold)
Let us know about radiusip.rsc
Thanks
Best regards
Rate this topic
Who is online
Users browsing this forum: No registered users and 5 guests
It is currently 15 May 2024, 12:32