ipaddr, ipv4addr ipv6addr

Arran Cudbard-Bell a.cudbardb at freeradius.org
Sat May 31 11:49:39 CEST 2014


On 31 May 2014, at 10:27, Alan Buxey <A.L.M.Buxey at LBORO.AC.UK> wrote:

> Hi
> 
> AAAA record should be used first if present. But if there's an a A and AAAA then both should be used too

I sort of agree, but that would break any existing implementations where the home_server has A and AAAA records but is not listening on it's V6 address, so it's really not a good idea.

> , ie in client or proxy mode - we have dual stack and gave both v6 and v4 defined to give us routing resiliency

If you want this behaviour then define a v4 and v6 home server and use ipv4addr and ipv6addr, that's exactly the sort of scenario they were added for.

Else the server would have to add both, then go through a vetting process to figure out whether there's a server listening on both the v4 and v6 addresses.

The logic we have here may not be the same for things like dynamic home servers/dynamic discovery. There's a very big difference between the system administrator hard coding the addresses of servers, and FreeRADIUS having to discover the state of the world from a realm.

> Also... if the address doesn't resolve the server fails to start? Ouch. Very nasty behaviour -1 

You've specified a remote resource which doesn't exist. It's the same with the connection pool, if it can't establish 'start' connections for a pool the server fails to start.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140531/352c6dd7/attachment.pgp>


More information about the Freeradius-Users mailing list