On Fri, Jan 03, 2003 at 05:38:49PM -0500, Steve Fulton wrote: > Hi all, > > I'm evaluating FreeRADIUS, and will be using a backend DB of some sort for > AAA as necessary. I'm looking for opinions and observations between using > an SQL backend, like MySQL or PostgreSQL, or possibly LDAP. What is your > experience?
I've recently started using Freeradius with MySQL here at a small isp I'm running. So far, i've been fairly impressed with the capabilities, after i made a few slight modifications to the SQL schema (i added a single "unprocessed" flag that defaults to 1 and can't be null, so that i can mark off entries in the SQL radacct table after i've processed them for billing and accounting). I don't know of many people who are using PostgreSQL, but i imagine it works equally well with that. I can't comment on LDAP, but I'd be inclined to choose whichever you can get data back out of and add data to the easiest. Currently i'm writing a custom administration frontend for my own purposes, and doing that for SQL is a tad easier than for LDAP (if only because of the extensive documentation). That said, I don't know why there'd be any reason why you couldn't mix-n-match. :og accounting details to a SQL database, and get authorization details from LDAP. just the added annoyance of relying on one more point of failure. Other people may have more extensive comments, but generally, freeradius+SQL seems fast, and responsive (since it doesn't need to keep checking the shadow/passwd files every time someone logs on). Yhe added security can be a bonus too (I've seen a few instances where all radius users could login to the radius server itself!) HTH Andrew Pilley > > -- Steve > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
