Alan DeKok wrote:
B Thompson <[EMAIL PROTECTED]> wrote:
http://lists.freeradius.org/mailman/htdig/freeradius-users/2006-March/051856.html
A short work-around (i.e. hack) may be to not reload everything on HUP.
Why are you HUPing it so often?
I realise this question wasn't directed to me, but the reason we HUP it
so often is to reload a *large* rlm_passwd map in response to users
registering and de-registering for things, and users being blocked and
unblocked.
I realise in theory an SQL lookup might make more sense, but frankly
we've found SQL in FreeRadius to be less-than reliable in the past, and
it's certainly never going to be anything like as fast as rlm_passwd.
Largely these issues were to do with peak load scaling and MVCC issues
in Postgres (MySQL not being an option).
It's my intention to write and contribute an rlm_tdb module at some
point when I have the free time (ha!) which would allow update processes
to write to the binary map file whilst FR is running e.g.
modules
tdb mac2zone {
file = %{confdir}/mac2zone.tdb
key = "Calling-Station-Id"
result = "~MyZone ~MyHostId"
}
tdb nas2vlanset {
file = %{confdir}/nas2vlanset.tdb
key = "NAS-IP-Address"
result = "~MyVlanset ~MyNasId"
}
tdb zonevlan2vlan {
file = %{confdir}/zonevlan2vlan
key = "MyZone MyVlanset"
result = "Tunnel-Private-Group-Id"
}
}
authorize {
preprocess
files
Autz-Type MACBASEVLANS {
mac2zone
nas2vlanset
zonevlan2vlan
}
}
...and one could update the .tdb live
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
