rlm_perl and accounting -- radrelay?

Kostas Kalevras kkalev at noc.ntua.gr
Thu Sep 7 10:05:48 CEST 2006


On Wed, 6 Sep 2006, Alan DeKok wrote:

> Justin Church <jcc at unc.edu> wrote:
>> OK.  The patch worked, since I can now run radiusd -n radrelay w/o the
>> Abort, but I still am not seeing a way to replicate to multiple
>> accounting servers with radiusd -n radrelay.
>
>  Unfortunately, it doesn't yet do that.  The issue is that the server
> core is really designed to forward packets, not to clone them.
>
>  I think it's possible to clone the packets, it just requires
> additional work in the server core.

Just a side note on the clone packets issue i ve come across it in another 
situation. We act as a proxy for various ISPs and we need to have a way to 
replicate accounting-on/off packets (which obviously don't carry a 
username at realm attribute) to all ISPs. But currently this is not 
possible since we have a server logic of one request,one thread. Being able to 
use multiple Proxy-To-Realm attributes would be great.

>
>> I need to take accounting requests that arrive at "main-radius" in
>> "radrelay-detail" and replicate them to "remote-radius1",
>> "remote-radius2", "remote-radius3" in parallel.  It appears as if my
>> only two options in radrelay.conf are to store accounting data in
>> sql or proxy to other servers.
>
>  You can do more than that.  Pretty much anything the server can do
> is valid in radrelay, it's just that the example config is simpler.
>
>> With the old radrelay, I believe I could have just run #radrelay -r
>> remote-radius1 radrelay-detail; radrelay -r remote-radius2
>> radrelay-detail; radrelay -r remote-radius3 radrelay-detail.
>
>  i.e. one radrelay per detail file.
>
>  You can still do this with the new code, you just have to create
> "radrelay1.conf", radrelay2.conf", etc.  It's a big pain, and
> something that should be fixed before 2.0.
>
>>  Am I missing something, and is this still possible with radiusd -n
>> radrelay?
>
>  Yes, it is.  But it's more work.
>
>  And looking at the conf files, I think the main "libdir",
> "raddbdir", etc. stuff at the top should be moved into a separate
> "directories.conf" file.  That way all of the other "radiusd.conf" and
> "radrelay.conf" files can just $INCLUDE it, which gives a central
> point for storing all changes.
>
>  Alan DeKok.
> --
>  http://deployingradius.com       - The web site of the book
>  http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

--
Kostas Kalevras		Network Operations Center
kkalev at noc.ntua.gr	National Technical University of Athens, Greece
Work Phone:		+30 210 7721861
'Go back to the shadow'	Gandalf



More information about the Freeradius-Users mailing list