Some new features in the v3.0.x branch

Alan DeKok aland at deployingradius.com
Mon Jul 26 20:56:49 CEST 2021


  There are some interesting new features available now in the v3.0.x branch.  Initial documentation is here:

https://github.com/FreeRADIUS/freeradius-server/tree/v3.0.x/raddb/certs/realms#readme

  In short, it's now trivial to have one EAP module serve multiple realms, each with their own certificate chain.

  I've also added Server Name Indication (SNI) for RadSec.  This allows for the same kind of realm selection in RadSec.

  SNI also allows tools like haproxy to accept many TLS connections, and then forward "realm A" to home server A (over TCP), and "realm B" to home server B.  This configuration allows for increased scalability and load balancing.

  Any questions or comments?

  Alan DeKok.




More information about the Freeradius-Users mailing list