Freeradius-Users Digest, Vol 119, Issue 17

kanmongkhon buasa thaimat1997 at gmail.com
Wed Mar 4 15:43:33 CET 2015


http://paidvertsmoneynew.blogspot.com/

2015-03-04 21:36 GMT+07:00 <freeradius-users-request at lists.freeradius.org>:

> Send Freeradius-Users mailing list submissions to
>         freeradius-users at lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a message with subject or body 'help' to
>         freeradius-users-request at lists.freeradius.org
>
> You can reach the person managing the list at
>         freeradius-users-owner at lists.freeradius.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeradius-Users digest..."
>
>
> Today's Topics:
>
>    1. Re: Weird issue - threads bottleneck in post-proxy section
>       (Alan DeKok)
>    2. Re: Question about multiple sql databases! (Alan DeKok)
>    3. Insert accounting data in different tables based on realm
>       (Francisco Amaral)
>    4. Re: Question about multiple sql databases! (Haviaras Kostas)
>    5. redis Module "rlm_redis" not available in Freeradius 2.2.5 ?
>       (tom greisch)
>    6. Re: redis Module "rlm_redis" not available in Freeradius
>       2.2.5 ? (Herwin Weststrate)
>    7. Re: Question about multiple sql databases! (Haviaras Kostas)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 4 Mar 2015 07:54:17 -0500
> From: Alan DeKok <aland at deployingradius.com>
> To: FreeRadius users mailing list
>         <freeradius-users at lists.freeradius.org>
> Subject: Re: Weird issue - threads bottleneck in post-proxy section
> Message-ID: <51284ED0-4211-4D88-8047-4B9CC62864E9 at deployingradius.com>
> Content-Type: text/plain; charset=windows-1252
>
> On Mar 4, 2015, at 3:53 AM, RESTOUX, Loïc <loic.restoux at capgemini.com>
> wrote:
> > Do you mean that you reach 20K pps with time-consuming processing in
> post-proxy ?
>
>   I mean there’s 20K PPS with a carefully crafted configuration.  So
> FreeRADIUS *can* do 20Kpps proxying.
>
> > It's a critical point, because it means that there is something bad in
> our overall environment, not in FreeRADIUS.
>
>   Yes.  There is nothing in the server which is designed to destroy
> performance.  The server core is designed to run as fast as possible.
>
>   But… if you use EAP (TLS), performance drops about 90%.  That’s due to
> the CPU overhead of calculating the RSA keys.  If you use a database,
> performance drops a similar amount.  Because databases have to write to
> disk, and disks are slow.
>
>   I have *never* seen the server proxy 100 pps, even with complex rules in
> pre and post-proxy.  So there’s something weird about your local system.
>
>   Alan DeKok.
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 4 Mar 2015 07:57:41 -0500
> From: Alan DeKok <aland at deployingradius.com>
> To: FreeRadius users mailing list
>         <freeradius-users at lists.freeradius.org>
> Subject: Re: Question about multiple sql databases!
> Message-ID: <7C10500A-FCCF-4079-8B86-B54B06A8DF6A at deployingradius.com>
> Content-Type: text/plain; charset=windows-1252
>
> On Mar 4, 2015, at 2:50 AM, Haviaras Kostas <koshalirod at gmail.com> wrote
> > I just tested, you are right, I am getting the same result! You know how
> to
> > solve this ???
>
>   Configure multiple SQL modules.  One for each virtual server.
>
>   Or, update the queries to include a “database table” field.  Take that
> field from a RADIUS attribute.  Probably one you create yourself (see
> raddb/dictionary).  Then, in each virtual server, set the value of that
> attribute to the correct database table.  And then use the same SQL module
> in all 3 virtual servers.
>
>   Alan DeKok.
>
>
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 4 Mar 2015 13:07:10 +0000
> From: Francisco Amaral <famaral at towerstream.com>
> To: "freeradius-users at lists.freeradius.org"
>         <freeradius-users at lists.freeradius.org>
> Subject: Insert accounting data in different tables based on realm
> Message-ID: <1425474427863.49191 at towerstream.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hello,
>
>
> I am trying to insert accounting data from different realms into different
> tables in MySQL. I would rather not have this run on the database server as
> a stored procedure, or spin up another pair of radius servers for every
> realm if possible.
>
>
> For instance I would like to:
>
>
> insert accounting data for user at example.org into radiusdb.radacct
>
> insert accounting data for user at example.com into radiusdb.radaccttemp
>
>
> Could someone point me in the right direction if this is even possible in
> FreeRADIUS before I call support? It seems to me like this has probably
> been done somewhere and I would not have to re-invent the wheel.
>
>
> I have been searching quite a bit the last few days and can't find an
> example.
>
>
> Regards,
>
>
> //F
>
>
> Francisco Amaral
> Senior Wi-Fi Networks Engineer
> Phone: (866) 848-5848 x 318
> Fax: (866) 762-2250
> Mobile: (401) 862-0526
> Website: http://www.towerstream.com
> towerstream
>
>
>
> ------------------------------
>
> Message: 4
> Date: Wed, 4 Mar 2015 15:41:00 +0200
> From: Haviaras Kostas <koshalirod at gmail.com>
> To: freeradius-users at lists.freeradius.org
> Subject: Re: Question about multiple sql databases!
> Message-ID:
>         <
> CAMALVUM9-t3_AH2D1OrX8UGXHS-mfhfBFWGRKYfqZqwjaLvB7Q at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> >> I just tested, you are right, I am getting the same result! You know how
> to
> >> solve this ???
> >
> > Configure multiple SQL modules.  One for each virtual server.
> >
> >  Or, update the queries to include a “database table” field.  Take that
> field from a RADIUS >attribute.  Probably one you create yourself (see
> raddb/dictionary).  Then, in each virtual server, set > the value of that
> attribute to the correct database table.  And then use the same SQL module
> in >all 3 virtual servers.
> >
> > Alan DeKok.
>
> Thanks for your response Alan, I have configure 3 SQL modules in the sql
> file, one for each virtual server and when I am connecting to one virtual
> server it is connect also to the other 2. My sql module is like this:
> /etc/freeradius/mods-enabled/sql:
> sql{
> }
> sql fordb1{
>
> }
> sql fordb2{
>
> }
> sql fordb3{
>
> }
> And my virtual servers are in the /etc/freeradius/sites-enabled/server1
> server server1{
>
>     listen {
>         type = auth
>         ipaddr = *
>         port = 50002
>         limit {
>             max_connections = 16
>             lifetime = 0
>             idle_timeout = 30
>         }
>     }
>
>     listen {
>         type = acct
>         ipaddr = *
>         port = 50003
>         limit {
>         }
>     }
>
>     listen {
>         type = auth
>         ipv6addr = ::
>         port = 50002
>         limit {
>             max_connections = 16
>             lifetime = 0
>             idle_timeout = 30
>         }
>     }
>
>     listen {
>         ipv6addr = ::
>         port = 50003
>         type = acct
>         limit {
>         }
>     }
>
>     authorize {
>         filter_username
>         preprocess
>         chap
>         mschap
>         digest
>         suffix
>         eap {
>             ok = return
>         }
>         files
>         fordb1
>         checkthetime1
>         -ldap
>         expiration
>         logintime
>         pap
>     }
>
>     authenticate{
>         Auth-Type PAP {
>             pap
>         }
>         Auth-Type CHAP {
>             chap
>         }
>         Auth-Type MS-CHAP {
>             mschap
>         }
>         digest
>         eap
>     }
>
>     preacct {
>         preprocess
>         acct_unique
>         suffix
>         files
>     }
>
>     accounting {
>         detail
>         unix
>         fordb1
>         exec
>         attr_filter.accounting_response
>     }
>
>     session {
>         fordb1
>     }
>
>     post-auth {
>         fordb1
>         exec
>         remove_reply_message_if_eap
>         Post-Auth-Type REJECT {
>             fordb1
>             attr_filter.access_reject
>             eap
>             remove_reply_message_if_eap
>         }
>     }
>
>     pre-proxy {
>     }
>
>     post-proxy {
>         eap
>     }
> }
> And similary I have create the other 2 virtual servers. I have to configure
> anything to radiusd.conf? I don't know if I am missing something here.
> Thanks
>
>
> ------------------------------
>
> Message: 5
> Date: Wed, 4 Mar 2015 14:27:06 +0000 (UTC)
> From: tom greisch <tom.greisch at yahoo.de>
> To: "freeradius-users at lists.freeradius.org"
>         <freeradius-users at lists.freeradius.org>
> Subject: redis Module "rlm_redis" not available in Freeradius 2.2.5 ?
> Message-ID:
>         <124032476.4603484.1425479226428.JavaMail.yahoo at mail.yahoo.com>
> Content-Type: text/plain; charset=UTF-8
>
> Hello everybody,
> I try to install Freeradius on a Debian 8.0 Testmaschine.I used the
> Standard Packetmanager for Installation. So i got Freeradius
> 2.2.5.Authentication works against Active Directory -> everything OK
> After that i wanted to use the redis Module to cache AD User Groups. So i
> configured a Redis Server and the "../freeradius/modules/redis" File.
>
> But when i start Freeradius in debugging Mode i get the following Messages:
> etc/freeradius/modules/redis[10]: Failed to link to module 'rlm_redis':
> file not found
> /etc/freeradius/sites-enabled/inner-tunnel[307]: Failed to find "redis" in
> the "modules" section.
> /etc/freeradius/sites-enabled/inner-tunnel[263]: Errors parsing post-auth
> section.
>
> My Question is:
> -Is the Redis Module (rlm_redis) not part of the standard Freeradius 2.2.5
> Installation?
>
>
>
> ------------------------------
>
> Message: 6
> Date: Wed, 04 Mar 2015 15:35:42 +0100
> From: Herwin Weststrate <herwin at quarantainenet.nl>
> To: tom greisch <tom.greisch at yahoo.de>, FreeRadius users mailing list
>         <freeradius-users at lists.freeradius.org>
> Subject: Re: redis Module "rlm_redis" not available in Freeradius
>         2.2.5 ?
> Message-ID: <54F7183E.2030300 at quarantainenet.nl>
> Content-Type: text/plain; charset=utf-8
>
> On 04-03-15 15:27, tom greisch wrote:
> > Hello everybody,
> > I try to install Freeradius on a Debian 8.0 Testmaschine.I used the
> Standard Packetmanager for Installation. So i got Freeradius
> 2.2.5.Authentication works against Active Directory -> everything OK
> > After that i wanted to use the redis Module to cache AD User Groups. So
> i configured a Redis Server and the "../freeradius/modules/redis" File.
> >
> > But when i start Freeradius in debugging Mode i get the following
> Messages:
> > etc/freeradius/modules/redis[10]: Failed to link to module 'rlm_redis':
> file not found
> > /etc/freeradius/sites-enabled/inner-tunnel[307]: Failed to find "redis"
> in the "modules" section.
> > /etc/freeradius/sites-enabled/inner-tunnel[263]: Errors parsing
> post-auth section.
> >
> > My Question is:
> > -Is the Redis Module (rlm_redis) not part of the standard Freeradius
> 2.2.5 Installation?
>
> It is not listed as a stable module (src/modules/stable), which means
> the Debian package doesn't include it.
>
> --
> Herwin Weststrate
>
>
> ------------------------------
>
> Message: 7
> Date: Wed, 4 Mar 2015 16:36:13 +0200
> From: Haviaras Kostas <koshalirod at gmail.com>
> To: freeradius-users at lists.freeradius.org
> Subject: Re: Question about multiple sql databases!
> Message-ID:
>         <
> CAMALVUNjCs7coV6dE_w4gZk9zMz+UorYdUSsYf12PE_D1C6OUw at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> It matters if the user have the same username in the three databases??
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
> ------------------------------
>
> End of Freeradius-Users Digest, Vol 119, Issue 17
> *************************************************
>


More information about the Freeradius-Users mailing list