On 02/25/2013 11:32 AM, Bertalan Voros wrote:
Hello All,
In order to be able to use the home server pools and fail-over I had to
create a list of 277 realms.
There are now 277 entires similar to this:
realm domain.com <http://domain.com> {
auth_pool = my_auth_failover
nostrip
}
Do all the realms point to the same or a few servers/pools?
Could I use an $INCLUDE statement here to maintain the list of realms in
a separate file?
That way it would be easier to automate the creation of the realms list.
Is there a better way of doing this?
If they all point to the same (or a small number of) server pool(s),
then yes - don't use the suffix/realm module, and instead set Realm /
Proxy-To-Realm manually, like so:
authorize {
if (User-Name =~ /some regexp/) {
update request {
Realm := "BLAH.BLAH"
}
update control {
Proxy-To-Realm := "UPSTREAM"
}
}
...
}
Only realms from "Proxy-To-Realm" need to be defined in proxy.conf - in
this case, UPSTREAM.
If they all point to different home server/pool(s) then you just
continue what you're doing, using $INCLUDE.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
