One use would be in the place of the proxy server (roaming server) that is
in RadiusNT now. If the first server contaced didn't authenticate, the
request could be passed to another. This could happen without the user
needing to type in their full domain name. If the other didn't
authenticate, it could pass to another, and so on in a ring. Certainly
you'd have to watch out for loops.
Another possibility is a set of cascaded servers. Imagine a centralized
authentication server but with sub-servers located in densely populated
area. The sub-server would try the request first. If it didn't
authenticate, the request would bounce back to the central authenticator.
A third use would be to redirect certain auth requests to a different
server to be handled differently. For example, customers who haven't paid
their ISP bill could be removed from the primary server. Their request
would get forwarded to a different server which would handle them differently.
I'm sure there are other uses. It's just a bit more flexibility for the
package. My main interest is in #1 and #2 but I can see how we might be
able to use #3 at my ISP too.
_M_