Dynamic Realms (3.07)

[Alan DeKok]

On May 4, 2015, at 12:40 PM, Evan Greco <egreco at elevenwireless.com> wrote:
> I am trying to configure a FreeRADIUS server (version 3.07) to "create" dynamic realms on-the-fly.  For example, upon receiving an Access-Request, I would like to be able look up the user in a database and proxy the user to another RADIUS server based on what the query returns, but NOT have the proxy server be defined in proxy.conf.

  That's more difficult than you think.

  Things like home servers should be *cached*.  This caching gives enormous performance improvements over dynamic lookups.  In addition, it improves network stability, because multiple requests share the same cached home server.  So fail-over, fail-back, etc. all happen *once*, instead of being re-discovered for every request.

>  From what I can tell, this doesn't currently seem to be possible as I can't run any type of unlang in proxy.conf, since it gets read during server initialization, but I've been wrong before.

  Nothing in the documentation or examples says you can put unlang policies into proxy.conf.  So you can't do that.

>  Has anybody managed to get a similar system up and running?

  Some of the basics exist in the server.  But it's not production ready.

  Alan DeKok.