sqlippool additional information

Matthew Newton mcn at freeradius.org
Thu Dec 6 17:27:42 CET 2018


On Thu, 2018-12-06 at 09:00 -0500, Alan DeKok wrote:
> On Dec 5, 2018, at 10:35 PM, Nathan Ward <lists+freeradius at daork.net>
> wrote:
> > I can optimise the above in to the query cache, aside for one
> > query, by doing (pseudocode):
> > - control:Internal-Attr-Prefix = SELECT prefix FROM prefixes WHERE
> > prefix >>= ‘%{reply:Framed-IP-Address}’;
> > - reply:Attribute-1 = SELECT attribute1 FROM prefixes WHERE prefix
> > = ‘%{control:Internal-Attr-Prefix}’;
...
> > 
> > But, it’s still not ideal - I’d rather avoid the round trip to the
> > DB over and over, and just get all the attributes in one hit.
> > 
>   Yeah.  That's why we added "map" in v4:
> 
> 	map sql select {
> 		radius-attribute = sql-column
> 		...
> 	}
> 
>   Which does multiple things in one go.

Can do that with rlm_ldap in v3 - use the ldap config update{} section
to map radius attrs to LDAP attrs.

Redis (or maybe SQL) for IPs, LDAP for network options is probably a
reasonable place.

Or Redis for all of it, if you want to go fast.

-- 
Matthew



More information about the Freeradius-Users mailing list