[EXT] Using netbox as a backend for FreeRADIUS
Brian Julin
BJulin at clarku.edu
Mon Mar 10 19:12:26 UTC 2025
Michael Schwartzkopff wrote:
> I jusst published a blog article how to use netbox as a backend for
> FreeRADIUS to lookup MAC addresses for MAC-bypass. It is a nice exercise
> of the use of the rest module of FreeRADIUS.
Nice... yes netbox is a pretty easy REST target. I'd encourage a test environment with
it though as the netbox devs like to... change stuff... a lot.
Also, last time I looked at rlm_rest I was a bit concerned about the number of connections
it seems to want to keep running. Maybe overly so... there isn't much of a guide about
whether every thread really needs a connection or whatnot. Consolidated all transactions
into an SQL database to eliminate races and batched them up from a single-connection
REST script instead.
A linux box running netbox won't be bothered very much by this but with some appliances
there's a pretty low limit on the number of REST connections allowed, so if you have a lot
of services/servers trying to hit something over REST any extra connections can add up fast.
Maybe I misunderstand the way REST uses connections or maybe FR4 has improvements
in sharing live connections between threads.
More information about the Freeradius-Users
mailing list