Hi, > It is an issue that has been discussed previously and FreeRADIUS is > unlikely to ever do an SQL SELECT of the nas table for every inbound > packet. What may be possible is to reload the nas list at certain intervals > (from cron is the easiest) but until/unless HUP handling is improved that > is problematic for deployments that need to keep session state (ie. EAP > users). If you dont use EAP, then there is no problem doing a full restart > on a regular basis..
regular checks still would be a waste of resources most of the time (how often do you add a NAS?). How about: - doing the SQL query when it encounters a request from a new, unknown IP address, - RATE-LIMITED to once per minute or so. That would make re-reading event-driven, and not make the server be DoS'ed when a wave of fake requests comes in. Not sure how difficult to implement this though... Stefan -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: [EMAIL PROTECTED] Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
signature.asc
Description: This is a digitally signed message part.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
