Adding a NAS via SQL
Stefan Winter
stefan.winter at restena.lu
Mon Jul 30 15:54:49 CEST 2007
Hi,
> It is an issue that has been discussed previously and FreeRADIUS is
> unlikely to ever do an SQL SELECT of the nas table for every inbound
> packet. What may be possible is to reload the nas list at certain intervals
> (from cron is the easiest) but until/unless HUP handling is improved that
> is problematic for deployments that need to keep session state (ie. EAP
> users). If you dont use EAP, then there is no problem doing a full restart
> on a regular basis..
regular checks still would be a waste of resources most of the time (how often
do you add a NAS?). How about:
- doing the SQL query when it encounters a request from a new, unknown IP
address,
- RATE-LIMITED to once per minute or so.
That would make re-reading event-driven, and not make the server be DoS'ed
when a wave of fake requests comes in.
Not sure how difficult to implement this though...
Stefan
--
Stefan WINTER
Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de
la Recherche
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070730/b1a092d4/attachment.pgp>
More information about the Freeradius-Users
mailing list