Dynamic proxies??

[Alan DeKok]

On Jul 15, 2015, at 4:48 PM, Peter Lambrechtsen <peter at crypt.co.nz> wrote:
> Has anyone ever thought of having a similar module as dynamic clients where
> you can pull proxies for external realms from an external source using
> unlang such as sql or ldap??

  Yes.  In v3.0, there is preliminary support for dynamic realms.  Right now, it's only possible via the trust router code.  It's probably not *that* difficult to extend it for additional methods.

  My $0.02 would be add a "dynamic_realm" module, just like with dynamic clients.  Have it look for the Proxy-To-Realm attribute, and if found, look up a filename in a subdirectory on disk.  Then, load the realm from that subdirectory.

> I have an interesting use case where I am looking to replace an existing
> radius proxy server with FreeRadius that has a lot of downstream proxies.
> So far the the best option I have is to copy the proxies.conf across all
> the instances and HUP the config whenever a new realm is added or removed
> and wondered if there was a smarter way to do it.

  Dynamic realms would help.

  Alan DeKok.