Define coa_server for clients in nas table
Jorge Pereira
jpereiran at gmail.com
Wed Oct 28 20:00:35 CET 2015
On Wed, Oct 28, 2015 at 2:10 PM, Alan DeKok <aland at deployingradius.com>
wrote:
> On Oct 28, 2015, at 11:47 AM, Bryan Mesich <bryan.mesich at digikey.com>
> wrote:
> > I have a functioning FreeRadius 3.0.10 installation that currently uses
> > the rlm_sql module for accounting and authorization. The setup is
> > composed of 2 FreeRadius servers with a MariaDB/Galera cluster. I'm
> > interested in using the nas table in the database rather than
> > clients.conf when configuring my clients.
>
> That should work.
>
> > Each NAS "client" has a corresponding home_server defined in
> > sites-enabled/originate-coa, which the client gets tied to with the
> > coa_server parameter in clients.conf:
>
> Yes...
>
> > The provided radius schema does not include a coa_server field in the
> > nas table. One would think that would be needed in order for clients
> > that are defined in the db to use the appropriate CoA server.
>
> Yes. It's not there.
>
> Patches are welcome.
>
I have made this, but Arran's word was: Only in 3.1.x! Currently it is
possible to reuse
the logic of client_afrom_cs(), which has an option with_coa:
src/include/clients.h:RADCLIENT *client_afrom_cs(TALLOC_CTX *ctx,
CONF_SECTION *cs, bool in_server, bool with_coa);
My patch is simple: if the key with_coa=true exists in the client { }
sections, just create a home_server based.
>
> > Looking
> > at the source code, I located the function generate_sql_clients(),
> > which appears to parse the records returned from the query defined for
> > the particular DB platform (mods-config/sql/main/mysql/queries.conf in
> > this case).
>
> Yes.
>
> > It doesn't appear to be possible to define a coa_server for a client
> > that is defined in the nas table. Is it possible for FreeRadius to
> > identify the appropriate CoA home_server based on the IP address that
> > originated the request (thus not requiring the coa_server parameter)?
>
> Sure. That information has to be stored somewhere, and retrieved
> somewhere. Those are policies you can create.
>
> You'll have to store the NAS IP in an accounting table for each user.
> Then when you want to disconnect a user, look up the NAS IP in the
> accounting table.
>
> Alan DeKok.
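Added example, not part of the original thread and not FreeRADIUS code: the lookup Alan DeKok describes above (find the NAS IP of a user's open sessions in the accounting table before disconnecting them), run against SQLite instead of MariaDB. The column names follow the stock radacct schema; the sample rows and the function names are constructed for illustration.

```python
import sqlite3

# Reduced radacct table: only the columns this lookup needs. Column names
# follow the stock FreeRADIUS SQL schema; the rows are constructed samples.
SCHEMA = """
CREATE TABLE radacct (
    acctsessionid TEXT NOT NULL,
    username      TEXT NOT NULL,
    nasipaddress  TEXT NOT NULL,
    acctstarttime TEXT,
    acctstoptime  TEXT          -- NULL while the session is still open
);
"""
SAMPLE_ROWS = [
    ("a1f0", "alice", "192.0.2.10", "2015-10-28 09:00:00", "2015-10-28 10:00:00"),
    ("a1f7", "alice", "192.0.2.10", "2015-10-28 11:00:00", None),
    ("b220", "alice", "192.0.2.20", "2015-10-28 11:30:00", None),
    ("c9d3", "bob",   "192.0.2.20", "2015-10-28 08:00:00", "2015-10-28 08:45:00"),
]

def open_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO radacct VALUES (?, ?, ?, ?, ?)", SAMPLE_ROWS)
    return conn

def active_sessions(conn, username):
    """Return (nasipaddress, acctsessionid) for every open session of a user."""
    cur = conn.execute(
        "SELECT nasipaddress, acctsessionid FROM radacct "
        "WHERE username = ? AND acctstoptime IS NULL "
        "ORDER BY acctstarttime",
        (username,),  # bound parameter, never string-formatted into the query
    )
    return cur.fetchall()

def disconnect_requests(conn, username):
    """Map each NAS IP to the attribute lists of the Disconnect-Requests for it."""
    by_nas = {}
    for nas_ip, session_id in active_sessions(conn, username):
        attrs = [("User-Name", username), ("Acct-Session-Id", session_id),
                 ("NAS-IP-Address", nas_ip)]
        by_nas.setdefault(nas_ip, []).append(attrs)
    return by_nas  # empty dict: no open session, nothing to disconnect

if __name__ == "__main__":
    for nas, reqs in disconnect_requests(open_sample_db(), "alice").items():
        print(nas, reqs)
```

The keys of the returned mapping are the NAS addresses the requests must be sent to, which is the piece of information the nas table cannot supply without a coa_server field.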