reply_log issue

Alan DeKok aland at deployingradius.com
Wed Feb 24 23:14:25 CET 2010


Mark Jones wrote:
> We have a radius server that out las comunicate to for authentication
> and accounting.

  Please review your posts for spelling and grammer.  It's difficult to
understand your questions when they are full of nonsensical phrases.

> Accounting is not stored localy it is wrote to an sql database on
> another server. We have setup the buffered-sql section so that
> accounting is wrote to a local detail file then read from the file and
> wrote to the remote sql server.

  OK...

> the reason we do this is if the sql server is under heavy load or does
> not respond in a timly manor then the accounting accept message is
> delayed or never sent back to the nas so it can end up marking the
> radius server as down which is bad. So the buffered sql has fixed that
> potential problem.

  Yes, that's how it's intended to be used.

> The current problem is to do with post-auth rejects and accepts being
> logged to the remote sql server. We are in the same situation that if
> the remote server does not accept the write of the post-auth then the
> user that tried to login actually gets rejected. So I want to write the
> items to a file then send them to the sql server as available.

  See the sql_log module.  raddb/modules/sql_log, and "man rlm_sql_log".

  It does exactly this.

> I know I can do this with the sql_log feature and radsqlrealy but would
> prefer to do it with the radius server itself not via external program.
> 
> Does that make sense?

  Yes, but that's not supported right now in the main server.  It's
actually pretty hard to do.

  A separate radsqlrelay program isn't very complicated to run.

  Alan DeKok.



More information about the Freeradius-Users mailing list