VMPS - Initial project ideas

Phil Mayers p.mayers at imperial.ac.uk
Fri Oct 31 14:58:18 CET 2008


Hairy51 wrote:
> Hi all,
> 
> I am just about to start a project to remove the VMPS system from an aging
> catalyst switch and i would like to investigate the possibilty of using
> FreeRadius for this.
> 
> We currently have about 1500 hosts that rely on VMPS for dynamic assignment
> and an ideal solution would be to move the VMPS service onto a server (Or
> multiple servers) with as little interuptions to users as possible.
> 
> Also, for simplicities sake it would be great if we could re-use the current
> Static VMPS file that the catalyst switch uses. 

You won't be able to do that, but you should be able to convert it 
pretty easily, probably into a comma-separated:

mac,vlan-name

...file

> 
> I have looked into FreeNAC as a solution, but want to investigate other ways
> of acheiving this. We do not really need to do anything other than assign
> (or block) VLANs, so the extra functionality of FreeNAC is not needed at
> this point.

FreeNAC offers nothing useful that I can see.

> 
> Considering i am coming from a limited Linux background, how hard would it
> be for me to acheive this using FreeRADIUS? Does it sound feasible? I am
> really looking for a bit of advice from those with experience of the
> FreeRADIUS application and who know of the potential pit-falls and
> complications that we may face!

We've done it. It was not very hard.

Basically, you need:

  * FreeRadius 2 - pick the most recent version
  * A list of the mac,vlan pairs in a text file
  * Ability to follow the (pretty simple) examples in the FreeRadius source

Specifically see "raddb/sites-available/vmps"



More information about the Freeradius-Users mailing list