Virtual server specific SQL schema.
Alan DeKok
aland at deployingradius.com
Wed Jun 16 08:21:45 CEST 2010
Stephen Fulton wrote:
> The second is that
> the NAS'es which will communicate with this RADIUS cluster are known to
> drop auth requests and issue a denial if the response is not "quick"
> enough. Unfortunately this is a 3rd party managed set of NAS'es, and
> therefore limited in what I can do.
Refer them to RFC 5080, which has a recommended retransmit policy.
i.e. ask them to implement RADIUS. :)
If you want to share one MySQL instance across multiple virtual
servers, it's relatively easy. The MySQL queries are editable for a
reason. Change the ${authcheck_table} references to
%{SQL-Auth-Check-Table} and similarly for the rest of the table names.
Go to raddb/dictionary, and define SQL-Auth-Check-Table as a "string"
attribute.
Then for each virtual server "authorize" and "preacct" sections, do:
update request {
SQL-Auth-Check-Table := "table-for-this-vs"
...
}
i.e. add a layer of indirection for the table names, and update them
in each virtual server.
Alan DeKok.
More information about the Freeradius-Users
mailing list