277 realms to maintain
Hello All, In order to be able to use the home server pools and fail-over I had to create a list of 277 realms. There are now 277 entires similar to this: realm domain.com { auth_pool = my_auth_failover nostrip } Could I use an $INCLUDE statement here to maintain the list of realms in a separate file? That way it would be easier to automate the creation of the realms list. Is there a better way of doing this? Thank you, Bertalan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: 277 realms to maintain
Hi, There are now 277 entires similar to this: realm domain.com http://domain.com { auth_pool = my_auth_failover nostrip } Could I use an $INCLUDE statement here to maintain the list of realms in a separate file? That way it would be easier to automate the creation of the realms list. Sure. Just do exactly that. Stefan Is there a better way of doing this? Thank you, Bertalan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 signature.asc Description: OpenPGP digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: 277 realms to maintain
On 02/25/2013 11:32 AM, Bertalan Voros wrote: Hello All, In order to be able to use the home server pools and fail-over I had to create a list of 277 realms. There are now 277 entires similar to this: realm domain.com http://domain.com { auth_pool = my_auth_failover nostrip } Do all the realms point to the same or a few servers/pools? Could I use an $INCLUDE statement here to maintain the list of realms in a separate file? That way it would be easier to automate the creation of the realms list. Is there a better way of doing this? If they all point to the same (or a small number of) server pool(s), then yes - don't use the suffix/realm module, and instead set Realm / Proxy-To-Realm manually, like so: authorize { if (User-Name =~ /some regexp/) { update request { Realm := BLAH.BLAH } update control { Proxy-To-Realm := UPSTREAM } } ... } Only realms from Proxy-To-Realm need to be defined in proxy.conf - in this case, UPSTREAM. If they all point to different home server/pool(s) then you just continue what you're doing, using $INCLUDE. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html