New dynamic IP pools module

Peter Nixon listuser at
Sat Jan 27 13:53:31 CET 2007

On Sat 27 Jan 2007 09:42, Alan DeKok wrote:
> Pawel Foremski wrote:
> > On Saturday 27 January 2007 01:10, Peter Nixon wrote:
> >> I will check it out in more detail next week. Has it been tested with
> >> Postgresql?
> >
> > No, as it's clearly stated in docs, it works only with MySQL.
> >
> > Porting would require making the database access method more general,
> > and probably rewriting some SQL queries (or just making them
> > configurable) -- just in case someone wants to volunteer ;-).
>   It might not be too hard.  We'll see.  If we do add the module, it's
> probably best to call it something other than "netvim".

I agree, but please don't call it rlm_sqlippool2 :-)

As a comparison of the features:

* 958 lines of code
+ Supports any database supported by FreeRADIUS
+ Uses 1 SQL table (per instance)
* Supports multiple IP ranges per pool

* 831 lines of code
- Supports MySQL only
- Use 6 different SQL tables
- Does some periodic synchronization steps to keep tables up to date
* Supports multiple IP ranges by creating different pools and then grouping 
+ Supports pool priorities (based on utilization and weighting)
end the host group loop

Please note that I have yet to test the code (just scanning it by eye) so 
please feel free to correct any mis-statements I made.

The basic claim to fame that I can see is that it supports multiple, 
prioritized pools for a single host group (whatever that is). I am 
interested in how this applies generally in different configurations with 
different access methods, but it is an interesting idea. sqlippool does 
support multiple IP ranges in the same pool, and could do simple 
prioritization/fallback by have multiple instances of the module using a 
different sql table each. (Not say that this is better or worse, just that 
it should be possible)

Now, I am a fan of leveraging SQL to get jobs done, but without a production 
test I am not sure whether the extra complexity (it seems that it would also 
be significantly slower than sqlippool) is worth it. Obviously someone finds 
it usefull though, or it wouldn't have been written. :-)

I think this should probably go into cvs head, but with an appropriate name 
(and documentation). I can see that this is going to cause even more 
confusion with the people who come on the list and ask about DHCP/IPPools so 
it is important that we document the advantages of each available module 
clearly. would be a good place to start.


Peter Nixon
PGP Key:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

More information about the Freeradius-Devel mailing list