First steps in 3.0

Stefan Winter stefan.winter at restena.lu
Tue Aug 14 14:56:20 CEST 2012 

Hi,

>   Hmm... those sections shouldn't be mandatory.  I'll fix that.

Thanks!

As I did some tests, it occured to me that the behaviour of rlm_sql
will change significantly if running it with a 2.1 config. I had

        num_sql_socks   = 2

which opened two sockets on startup, and never closed them.

If not defining a pool in 3.0, rlm_sql behaves very greedy. It opened
one connection to the server to deliver my SELECT, and immediately
closed it again:

(0) sql-vpn :   expand: %{User-Name} -> ctompers
(0) sql-vpn : sql_set_user escaped user --> 'ctompers'
rlm_sql (sql-vpn): Opening additional connection (0)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql-vpn): Reserved connection (0)
(0) sql-vpn :   expand: SELECT id, username, attribute, value, op           FROM check_vpn           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM check_vpn           WHERE username = 'ctompers'           ORDER BY id
Executing query SELECT id, username, attribute, value, op           FROM check_vpn           WHERE username = 'ctompers'           ORDER BY id
(0) sql-vpn : User found in radcheck table
rlm_sql (sql-vpn): Released connection (0)
rlm_sql (sql-vpn): Closing idle connection (0): Too many free connections (1 > 0)
rlm_sql (sql-vpn): Closing connection (0)

It also meant I realised only during runtime that something was wrong
with my MySQL uplink - with 2.x, I'd get the errors right on startup.

If that setting is kept, it generates lots of useless load, a full TCP
handshake + MySQL login for every single query!

Of course you could say: your bad, why didn't you configure the pool!
That's right (and now that I've realised it, I will of course work with
pools right away), but it creates surprises for people who just run 3.0
with their 2.1 config. According to -users, that seems to be a popular
thing to do, judging from the many 1.x -> 2.x conversions going wrong.

For backwards-compatibility, it might make sense to convert the 
num_sql_socks statement into a pool block implicitly, like:

        num_sql_socks   = 2

=>

pool {
	start = 2
	min = 2
	max = 2
	spare = 2
	uses = 0
	lifetime = 0
	idle_timeout = 0
}

That should conserve the old behaviour.

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20120814/6bd7591e/attachment.pgp>

More information about the Freeradius-Devel mailing list