cucidhcp merged

Alan DeKok aland at deployingradius.com
Tue Aug 23 15:28:51 CEST 2011


Stephen R. van den Berg wrote:
> The reason one would not want to use a different DHCP server is because
> freeradius allows controlling the DHCP server using a RADIUS backend.

  No.

  FreeRADIUS is (pretty much) no longer just a RADIUS server.  It's a
generic policy && protocol server.  It does RADIUS, DHCP, and VMPS.
Other protocols are likely to be added: TACACS+, and maybe ARP.

  The goal for 3.0 (or maybe 3.1) is to move the protocol-specific code
into plugin libraries.  The server core will know *nothing* about RADIUS.

> This allows for more finegrained control over the DHCP responses
> than most other DHCP servers provide.

  Which is exactly the reason why relaying support should be added, too.

> DHCP relay functionality, however, is a rather dull and simple task.
> Just about the only configurable thing about a DHCP relay is the
> IP address of the upstream DHCP server it relays to.
> Embedding this functionality in a radius server doesn't give you
> great benefits.  A small program like dhcp-helper does the relaying
> part just fine (at least as good as, if not better than freeradius).

  dhcp-helper hasn't been updated in 3 years.  It's Linux only.  It
doesn't do policies.

  FreeRADIUS is portable to many different platforms.  It does policies.
 Having a policy-enabled DHCP relay across many platforms is very useful.

  Alan DeKok.



More information about the Freeradius-Devel mailing list