Re: VMPS - Initial project ideas
Hairy51 wrote: > Is there any documentation out there on how to get a basic VMPS system up > and running? I am purely in the testing stages at the moment, but would like > to get the box attached to a switch and begin responding to VMPS requests as > quick as possible... There's no quick guide. See also raddb/sites-available/vmps for additional configuration information. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: VMPS - Initial project ideas
Excellent, thanks for all your comments guys - i have managed to successfully download, compile and install the Freeradius 2.1.1 application and have delved into the vmpsd.conf.inf file Is there any documentation out there on how to get a basic VMPS system up and running? I am purely in the testing stages at the moment, but would like to get the box attached to a switch and begin responding to VMPS requests as quick as possible... Any inout much appreciated, Cheers Jon Hairy51 wrote: > > Hi all, > > I am just about to start a project to remove the VMPS system from an aging > catalyst switch and i would like to investigate the possibilty of using > FreeRadius for this. > > We currently have about 1500 hosts that rely on VMPS for dynamic > assignment and an ideal solution would be to move the VMPS service onto a > server (Or multiple servers) with as little interuptions to users as > possible. > > Also, for simplicities sake it would be great if we could re-use the > current Static VMPS file that the catalyst switch uses. > > I have looked into FreeNAC as a solution, but want to investigate other > ways of acheiving this. We do not really need to do anything other than > assign (or block) VLANs, so the extra functionality of FreeNAC is not > needed at this point. > > Considering i am coming from a limited Linux background, how hard would it > be for me to acheive this using FreeRADIUS? Does it sound feasible? I am > really looking for a bit of advice from those with experience of the > FreeRADIUS application and who know of the potential pit-falls and > complications that we may face! > > Many thanks - any comments or idea's much appreciated... > > Cheers > > Jonathan > > > -- View this message in context: http://www.nabble.com/VMPS---Initial-project-ideas-tp20264221p20457684.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: VMPS - Initial project ideas
Hi, > I am just about to start a project to remove the VMPS system from an aging > catalyst switch and i would like to investigate the possibilty of using > FreeRadius for this. yep - no problem. grab the latest version of FreeRADIUS and use the VMPC functionality. fwiw, we migrated to the FreeRADIUS VMPS just over a yera ago - from an openvmps system. reasons? we had FreeRADIUS experience, we needed a full threaded VMPS method that could handle incoming requests from 48-port switches etc. we also needed something that could read our MAC/user details from a database. solution, freeradius 2.x with VMPS module - with the module calling PERL - which did our DB lookups (very big custom queries which we simply cut and pasted from our openvpmc perl wrapper. a couple of days of migration , testing and debugging. and then a very busy night optimising the DB because FR really could whack it solid! (a few multi table indexes and queries went from 0.2s to 0.001s) you may not need or want tha complexity, so just get your data into a plain file which the VMPS module can easily read - see the supplied examples - you should be able to show the current VMPS MAC stuff with the right 'show' command and cut'n'paste the results out into a file (I've never used an actual cisco device to do VMPS - I've heard thats the expected way but hey! :-) ) > really looking for a bit of advice from those with experience of the > FreeRADIUS application and who know of the potential pit-falls and > complications that we may face! 1) compiling from source may need more linux skills 2) handling files and stuff needs skills too 3) debugging the application could be tricky. you might get enough hand-holding via this list alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: VMPS - Initial project ideas
Hairy51 wrote: Hi all, I am just about to start a project to remove the VMPS system from an aging catalyst switch and i would like to investigate the possibilty of using FreeRadius for this. We currently have about 1500 hosts that rely on VMPS for dynamic assignment and an ideal solution would be to move the VMPS service onto a server (Or multiple servers) with as little interuptions to users as possible. Also, for simplicities sake it would be great if we could re-use the current Static VMPS file that the catalyst switch uses. You won't be able to do that, but you should be able to convert it pretty easily, probably into a comma-separated: mac,vlan-name ...file I have looked into FreeNAC as a solution, but want to investigate other ways of acheiving this. We do not really need to do anything other than assign (or block) VLANs, so the extra functionality of FreeNAC is not needed at this point. FreeNAC offers nothing useful that I can see. Considering i am coming from a limited Linux background, how hard would it be for me to acheive this using FreeRADIUS? Does it sound feasible? I am really looking for a bit of advice from those with experience of the FreeRADIUS application and who know of the potential pit-falls and complications that we may face! We've done it. It was not very hard. Basically, you need: * FreeRadius 2 - pick the most recent version * A list of the mac,vlan pairs in a text file * Ability to follow the (pretty simple) examples in the FreeRadius source Specifically see "raddb/sites-available/vmps" - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: VMPS - Initial project ideas
Hairy51 wrote: > Also, for simplicities sake it would be great if we could re-use the current > Static VMPS file that the catalyst switch uses. That's a little difficult, because FreeRADIUS doesn't parse those VMPS files. But it shouldn't be hard to convert the format to something FreeRADIUS can use. > Considering i am coming from a limited Linux background, how hard would it > be for me to acheive this using FreeRADIUS? Does it sound feasible? I am > really looking for a bit of advice from those with experience of the > FreeRADIUS application and who know of the potential pit-falls and > complications that we may face! It's doable. Download the server, and read raddb/sites-available/vmps There are examples doing MAC to VLAN assignment. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
VMPS - Initial project ideas
Hi all, I am just about to start a project to remove the VMPS system from an aging catalyst switch and i would like to investigate the possibilty of using FreeRadius for this. We currently have about 1500 hosts that rely on VMPS for dynamic assignment and an ideal solution would be to move the VMPS service onto a server (Or multiple servers) with as little interuptions to users as possible. Also, for simplicities sake it would be great if we could re-use the current Static VMPS file that the catalyst switch uses. I have looked into FreeNAC as a solution, but want to investigate other ways of acheiving this. We do not really need to do anything other than assign (or block) VLANs, so the extra functionality of FreeNAC is not needed at this point. Considering i am coming from a limited Linux background, how hard would it be for me to acheive this using FreeRADIUS? Does it sound feasible? I am really looking for a bit of advice from those with experience of the FreeRADIUS application and who know of the potential pit-falls and complications that we may face! Many thanks - any comments or idea's much appreciated... Cheers Jonathan -- View this message in context: http://www.nabble.com/VMPS---Initial-project-ideas-tp20264221p20264221.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
