Simultaneous-Use Checking with FreeRadius + MYSQL
Fajar A. Nugraha
list at fajar.net
Wed Nov 9 02:04:27 CET 2011
On Wed, Nov 9, 2011 at 5:11 AM, Erik <heidebock at gmail.com> wrote:
> I've read in prior posts where you said that checkrad should
> initiate regardless if the radutmp or mysql modules were used.
I really don't recommend using radutmp. And if you use sql, there's no
need to use checkrad. Simultanous check is done using simple queries.
>
>> Reflash the NAS so that it has a firmware which supports this feature.
> which feature(s)? RADIUS accounting, SNMP, finger, or rusers? Your
If you use sql, you only need the NAS to send accounting.
In my setup (pretty large deployment), we only check sql records to
see whether a user is online or not. We don't check the NAS whether
the user is ACTUALLY online, since checking the NAS directly can be
slow.
If you REALLY want to verify with the NAS, then the NAS should provide
some kind of mechanism. Checkrad supports multiple vendors and
multiple mechanism (read the file checkrad, it's documented). You
could even modify it and write your own mechanism.
> guidance here would really help so I can make sure I acquire
> appropriate NAS' in the future.
> Generally, is there any way to get simultaneous-use to work if a given
> NAS doesn't send accounting packets to the radius server? 3rd party
> software?
I'd say don't bother.
It MIGHT be possible if you write your own checkrad-like program and
check ONLY the username, and the NAS can answer whether the username
is online or not.
--
Fajar
More information about the Freeradius-Users
mailing list