use detail file to proxy Access-Request

Alan DeKok aland at deployingradius.com
Thu Jul 20 14:26:57 CEST 2017


On Jul 20, 2017, at 6:33 AM, adrian.p.smith at bt.com wrote:
> 
> For some testing we are doing it's desirable to send some existing Access-Request traffic to an additional remote server.

  That should be just proxying...

> For Accounting we routinely use a detail file with an associated listening server to achieve this. Looking at the source code, it appears that a detail file listener throws access requests away.

  Yup.

> Is there any other way to get this working please?

  The detail file doesn't handle Access-Requests because they can't be delayed.  i.e. An Accounting-Request packet that's been sitting in a detail file for 2 hrs can still be sent to a home server.  An Access-Request packet can't be sent 2 hrs later, because the client has given up.

  There's also no way to get the responses back from the home server, through the detail file, and back to the client.

  So... a better question is what, exactly are the requirements, and why?

  As a short note... all of this will become trivial in v4 once that's done.  Proxying packets to multiple destinations, etc. will be a 5-line config, instead of "impossible" as it is today.

  Alan DeKok.




More information about the Freeradius-Users mailing list