FR 3.0 radsec : dynamic home server discovery status

[Alan DeKok]

On Mar 13, 2020, at 11:44 AM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
> For v3 I think poking via radmin to add new destinations might be a reasonably simple way to do this asynchronously.

  I agree.

> Request comes in for new realm, calls exec to trigger a script to do the resolution and insert the realm info via radmin (maybe just have the ability to define new realms via config snippets?). FR doesn't responsd to the original request.
> 
> Retransmit comes in, gets forwarded to realm that's now magically appeared.

  Sure.

> Synchronisation for the realm rbtree would be a pain, but as this is relatively low volume, maybe just add a toggle that puts a mutex around the tree?

  There's already a mutex for the moonshot / trust router stuff.

> Actually adding radsec and dynamic realm support is much much easier in v4.

  Yeah.

  One simple reason is that in v4, the realms are *not* part of the core server configuration / code.  So it's easy to add / edit / delete them.

  Alan DeKok.