FR 3.0 radsec : dynamic home server discovery status

Alan DeKok aland at
Fri Mar 13 14:54:18 CET 2020

On Mar 13, 2020, at 8:57 AM, Stefan Winter <stefan.winter at> wrote:
> many hundreds of realms set NAPTR records in eduroam. Those typically
> point to an approximate dozen of country-level endpoints which take the
> traffic from there over RADIUS/UDP.

  That makes sense.

> To be honest, the lack of NAPTR lookup capability is my #1 reason why
> I'm using Radiator and radsecproxy as the two RADIUS implementations for
> my own country-level servers. Both allow dynamic lookups.

  We'll take a look at this for v3.  If it's important to the community, we're happy to add features.

  The main concern is how much needs to change in v3.   The architecture there is fairly limited for things like dynamic DNS queries.

  If admins are happy with *blocking* DNS queries, it's a lot easier to add.  And then if DNS goes down, so does FreeRADIUS.  But the solution there is "don't do that..."

  Alan DeKok.

More information about the Freeradius-Users mailing list