Some new features in the v3.0.x branch
Alan DeKok
aland at deployingradius.com
Mon Jul 26 20:56:49 CEST 2021
There are some interesting new features available now in the v3.0.x branch. Initial documentation is here:
https://github.com/FreeRADIUS/freeradius-server/tree/v3.0.x/raddb/certs/realms#readme
In short, it's now trivial to have one EAP module serve multiple realms, each with their own certificate chain.
I've also added Server Name Indication (SNI) for RadSec. This allows for the same kind of realm selection in RadSec.
SNI also allows tools like haproxy to accept many TLS connections, and then forward "realm A" to home server A (over TCP), and "realm B" to home server B. This configuration allows for increased scalability and load balancing.
Any questions or comments?
Alan DeKok.
More information about the Freeradius-Users
mailing list