On Tuesday 27 March 2007 18:13:09 Alexander Papenburg wrote: > Hi Freeradius-Mailing-List, > > does anyone of you differentiate sql database table with realms? > E.g.: > > Auth-Requests for [EMAIL PROTECTED] will be checked against table db_radius1 > Auth-Requests for [EMAIL PROTECTED] will be checked against table db_radius2 > .....and so on. > > I already found out that it is possible to use multiple sql instances, > but for what i understand is that they would be asked/checked one after > another. That would be nice for failover scenarios but if there are > about 20-30 realms to check it would be result in a very slow > performance (depending on mysql host speed). > So is there a better way to solve this Problem? All users in one > database is at the time unfortunately no option... > > > Thanks in advance > > Alex
An example of this is below. In each sql definition you can define the
different queries necessary to handle a particular realm. realm3 shows how
to allow multiple realms to use the same db/SQL queries, so you can easily
merge the databases over time and update the users file to reflect the db
changes.
Kevin Bonner
== sql.conf ==
sql db1 { ... }
sql db2 { ... }
...
== sql.conf ==
== radiusd.conf ==
authorize {
...
Autz-Type SQL1 {
db1
}
Autz-Type SQL2 {
db2
}
}
== radiusd.conf ==
== users ==
DEFAULT Realm == "realm1", Autz-Type := SQL1
DEFAULT Realm == "realm2", Autz-Type := SQL2
DEFAULT Realm == "realm3", Autz-Type := SQL2
... OR
DEFAULT User-Name =~ "@realm1$", Autz-Type := SQL1
DEFAULT User-Name =~ "@realm2$", Autz-Type := SQL2
DEFAULT User-Name =~ "@realm3$", Autz-Type := SQL2
== users ==
pgpe2o0vglrsB.pgp
Description: PGP signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
