Freeradius realm using multiple sql and virtual server

Philemon Jaomalaza philemon.jaomalaza at gmail.com
Mon Jun 25 01:59:40 CEST 2018 

FreeRADIUS does not connect to the database set on sql1 beacause I used pool = sql on the module sql1 so all connexion use the sql module config. I commented this line and it work now. Thank's for your help.

Now, I can continue and can you suggested to decide what the best practice and give best performance and memory usage if I want to have a separate service per client :
- define multiple virtual servers with one global "listen" section IP/port for all virtual server.
- define multiple virtual servers and each server has its listen section IP/port difffrent
- define single virtual servers and use if ....elsif....else to select the proper sql module.

It will be for more than 10 NAS and can have more than 50 NAS


Philemon Jaomalaza


-----Message d'origine-----
De : Freeradius-Users [mailto:freeradius-users-bounces+philemon.jaomalaza=gmail.com at lists.freeradius.org] De la part de Alan DeKok
Envoyé : dimanche 24 juin 2018 01:58
À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Objet : Re: Freeradius realm using multiple sql and virtual server

On Jun 23, 2018, at 12:30 PM, Philemon Jaomalaza <philemon.jaomalaza at gmail.com> wrote:
> 
> All packets come from different NAS and each NAS must authenticate its users to a specific database, I thought a virtual server will select which database should I use because I saw that it calls the modules sql. and I would configure sql1 on virtual_server1 and sql2 on virtual_server2 and so on.

  Yes, that should happen if FreeRADIUS is configured properly.

> My global scenario are :
> 
> - Now, I have more Virtual Machine where run a freeradius, using database managed by daloradius for AAA and one NAS is for one VM.
> - I want to move all database on a single dedicated server who run a freeradius using multiple database. I want to that One NAS will authentificated their users on spcific database, I think that I can do the selection of database by using the virtuel server et do the select by realm.
> like this :
> NAS1-----> userfromnas1 at realm1------virtual_server---->database1
> NAS2 ----userfromnas2 at realm2------virtual_server2-------> database2

  It's really more:

NAS1-----> virtual_server1----> userfromnas1 at realm1---->database1

  It may also be good to check that people logging in at "NAS1" only use "realm1:.

> What is the best scenarion to do this feature ?

  As I said:

>  Read raddb/sites-available/README.  This documents how virtual servers work.

  Edit each "client" definition, and point the client to the proper virtual server. The documentation for this is in the file I already suggested you should read.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list