Virtual server specific SQL schema.

Alan DeKok aland at deployingradius.com
Wed Jun 16 08:21:45 CEST 2010


Stephen Fulton wrote:
>  The second is that
> the NAS'es which will communicate with this RADIUS cluster are known to
> drop auth requests and issue a denial if the response is not "quick"
> enough.  Unfortunately this is a 3rd party managed set of NAS'es, and
> therefore limited in what I can do.

  Refer them to RFC 5080, which has a recommended retransmit policy.

  i.e. ask them to implement RADIUS. :)

  If you want to share one MySQL instance across multiple virtual
servers, it's relatively easy.  The MySQL queries are editable for a
reason.  Change the ${authcheck_table} references to
%{SQL-Auth-Check-Table} and similarly for the rest of the table names.

  Go to raddb/dictionary, and define SQL-Auth-Check-Table as a "string"
attribute.

  Then for each virtual server "authorize" and "preacct" sections, do:

	update request {
		SQL-Auth-Check-Table := "table-for-this-vs"
		...
	}

  i.e. add a layer of indirection for the table names, and update them
in each virtual server.

  Alan DeKok.



More information about the Freeradius-Users mailing list