[EXT] Re: FR 3.0 radsec : dynamic home server discovery status

[Brian Julin]

There's some stale... geez 7 years stale I can't believe it's been that long... code
in my github tree that does async lookups via NAPTR.  But it's just the lookup.
It doesn't touch the home server config to add or remove home servers and
I think given what the core devs say about v4, you'd be much better off trying
to pull that off under v4's architecture.

https://github.com/skids/freeradius-server/tree/ddds

> Alejandro Perez-Mendez <alex.perez-mendez at jisc.ac.uk>
> El 4/3/20 a las 16:16, Alan DeKok escribió:
>> On Mar 4, 2020, at 9:53 AM, Alejandro Perez-Mendez <alex.perez-mendez at JISC.AC.UK> wrote:
>>> In v3 we've got the rlm_realm module, which we use for the Trust Router protocol, which is somewhat a dynamic discovery mechanism. Would it be very difficult to add another discovery mechanism there?
>>    The issue is DNS lookups.  We would need to do them via some async method, otherwise the server just shuts down.

> That's right, but for the TR we make this sync anyway, and it works good
> enough, since the blocking method only happens once per realm during the
> first attempt.

> Just mentioning that for providing a just-works solution it might be an
> approach to take into account.
>>    The internals of v4 are 100% async, so this is almost trivial to do there.  In v3, it's just a lot more complex.

> Agreed. But for v3 it could be synchronous.

There's some stale... geez 7 years stale I can't believe it's been that long... code
in my github tree that does async lookups via NAPTR over libunbound.  But it's
just the lookup. It doesn't touch the home server config to add or remove home
servers and I think given what the core devs say about v4, you'd be much better
off trying to pull that off under v4's architecture.  You might be able to cram that into
doing a sync lookup at boot time and then figure out how to alter the config before
the home servers are instantiated, I dunno.

https://github.com/skids/freeradius-server/tree/ddds