NAS list update without restarting radius server.

liran tal liransgarage at gmail.com
Wed Jan 23 13:07:09 CET 2008


I think that having 2 servers running in master/slave and constantly
exchanging the roles between them is highly a compromise for reading
once in a while a cached nas list and updating it every now and then.

The interval to update the nas list can be user defined and will solely
depend on your system being able to support it. Ofcourse I wouldn't
recommend doing it every second but a reasonable time is in place
I think.

Also I'm thinking that like most services in the world changes take affect
only after a limited time which you can enforce in a policy.
For example, you tell your users or whomever operates the nas list that
changes to the nas are affected only after 3 hours and set that time as
the interval for freeradius to re-build the list.

Very much like that is what happens with DNS record updates for example
(although for somewhat different reasons) which you have to wait at least
a couple of hours if not the full 72 hours for the dns records to update
on servers/routers across the globe.



Regards,
Liran Tal.

On Jan 23, 2008 12:08 PM, Pawel Cieplinski <pawel at parkandmarine.com> wrote:

> I wont be adding NASes, but users will do, so i am thinking 0-10 a day.
>
> Linking to a dynamic list using interal its not a good solution, becouse i
> will need to wait for list update after adding NAS.
>
> Other solution i am thinking is to run two instances of server and restart
> them in round robin and use iptables to redirect packets to actual working
> server.
>
> Goal is to serveradius to third party as a service, so users will add
> their
> own nases, modified them etc, at this stage i cannot really say how many
> times a day i will need a restart, but i am wondering about also about
> following soltion:
>
> Run two servers:
>
> Primary and Secondary, primary will be restarted once a day, and secondary
> every time NAS list will be changed. After adding a NAS primimary will not
> respond (unknown NAS) so NAS will ask secondary instead) also request from
> other nases will not be lost becouse primary is not restarded on NAS list
> change.
>
> What do you think ?
>
>
> ________________________________
>
>        From:
> freeradius-users-bounces+pawel=parkandmarine.com at lists.freeradius.org
> [mailto:
> freeradius-users-bounces+pawel=parkandmarine.com at lists.freeradius.or
> g] On Behalf Of Marinko Tarlac
>        Sent: 23 January 2008 10:05
>        To: FreeRadius users mailing list
>        Subject: Re: NAS list update without restarting radius server.
>
>
>        Well how many times per day do you add nases?
>
>
>        On Jan 23, 2008 10:20 AM, liran tal <liransgarage at gmail.com> wrote:
>
>
>
>                Hey Alan,
>
>
>                On Jan 23, 2008 9:47 AM, Alan DeKok
> <aland at deployingradius.com> wrote:
>
>
>                        liran tal wrote:
>                        > Maybe freeradius can read the nas list from sql
> at
> startup to some
>                        > linked list and this list will be updated every
> given interval with a query
>                        > to the database.
>
>
>                         It's more complicated than that.  The NASes need
> to
> be deleted, too.
>                        And this has to be done without affecting normal
> server operation.
>
>                         As always, patches are welcome.
>
>
>
>                Well, every given interval a query will run on the database
> server to get the
>                list of nases and it will build a new linked list based on
> that and delete
>                the other nodes and free the pointers of those.
>
>                I guess that coming up with a method to check against each
> nas if it's
>                there or not, and to remove or add it based on a check is
> do-able
>                but would probably face some efficiency issues where-as I
> think it
>                would be proper to create a new linked list with whatever
> nases that
>                query returns and free the previous linked list from
> memory.
>
>
>                I haven't had a look at the relevant code but it seems
> quite
> basic
>                to implement unless I'm over-seeing some critical aspects
> :-)
>
>                I'll be glad to take a look if you can refer me to the
> current piece
>                of code where freeradius handles the nas lists read from
> the
> database
>                and stores them.
>
>
>                Regards,
>                Liran Tal.
>
>                -
>                List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080123/3d6e9a90/attachment.html>


More information about the Freeradius-Users mailing list