IP pools with rlm_sql_mongo + some general testing with MongoDB
Alan DeKok
aland at deployingradius.com
Mon Feb 17 14:17:19 CET 2020
On Feb 17, 2020, at 5:39 AM, Benjamin Thompson <b.thompson at latera.ru> wrote:
> In case it is useful to anyone else, I ended up with something like this:
Not trivial, but definitely powerful.
> I do recommend FreeRADIUS to others (including for DHCP) and can't see
> that anyone would go back to ISC after trying it.
The things which are easy in ISC can be difficult in FreeRADIUS. i.e. basic rules around static IPs, etc.
The things which are impossible in FreeRADIUS are only slightly more difficult in FreeRADIUS. FreeRADIUS has higher performance than ISC, is more flexible, supports more database back-ends, etc.
In some sites we're seeing 8K DORAs per second with a Redis cluster back-end, and minimal logic. When we add multiple round-trips to databases for various other policy checks, that drops to "only" 2K DORAs per second.
> One thing though
> which our clients are asking for more and more is DHCPv6 so on our
> wishlist we are hoping that you will be get this in (v4) at some
> point.
Hmm...
$ cd ~/git/v4
$ ls src/protocols/dhcpv6
all.mk attrs.h base.c decode.c dhcpv6.h encode.c packet.c
$ ls src/tests/unit/protocols/dhcpv6
addresses.txt packet_domain-list.txt rfc6225.txt
bools.txt packet_ia-na.txt rfc6355.txt
dates.txt packet_ia-pd.txt rfc6939.txt
dictionary packet_ia-ta.txt rfc7078.txt
dns_wire_format.txt packet_ntp-server.txt rfc7600.txt
fixed_element_arrays.txt packet_sip-server-d.txt rfc8415.txt
integers.txt rfc3315.txt strings.txt
microsoft.txt rfc3319.txt tlvs.txt
packet.txt rfc3633.txt variable_element_arrays.txt
packet_AFTR-Name-rfc6334.txt rfc3646.txt
packet_client_server.txt rfc4704.txt
I have no idea what that's about. :)
The main difficulty with DHCPv6 is that it doesn't do TLVs. It allocates all attributes from the same global attribute space. Including sub-attributes. Allowing this in v4 requires some fairly substantial rework of core pieces. So that's taking time.
Alan DeKok.
More information about the Freeradius-Users
mailing list