First steps towards RadSec support
Alexander Clouter
alex at digriz.org.uk
Thu Sep 17 17:40:32 CEST 2009
Hi,
Alan DeKok <aland at deployingradius.com> wrote:
>
> Now that version 2.1.7 has been released, the git repository has been
> updated with the first step to RadSec support.
>
> For now, it only provides RADIUS transport over TCP, as per the
> following document:
>
> http://tools.ietf.org/html/draft-dekok-radext-tcp-transport-01
>
> Using "bare" TCP without TLS is't a good idea in most cases. But it's
> useful for testing, and can help with the transition to RadSec.
>
Just thinking out loud, but RADIUS over SCTP I would have thought would
be been more appropriate than TCP (as RFC3436 describes SCTP with TLS)
with the multiplexing of sessions being built in?
Would mean your ID field limitation could be removed...
However, as I do not plan on submitting patches, do ignore me :)
Cheers
--
Alexander Clouter
.sigmonster says: If God is One, what is bad?
-- Charles Manson
More information about the Freeradius-Users
mailing list