Hi all

I have a complex authentication problem to solve.  The basics are 100,000+ 
users, 7 different billing systems, different realms and users not using 
realm currently (7 separate radius systems).  I need to bring these together 
and do some authentication based on nas ip address, called id and possibly 
client ip address.

I can do this with freeradius using the users file but I have too many users 
to load users into memory (as I understand users is read into memory when 
configuration is loaded/reloaded).  

I can do it with dbm (which is my preference for response and because files 
dont crash like sql, easier to restore and fault find) but I have a snag I 
have not been able to get around. 

The freeradius dbm support only uses old berkley and gdbm libraries (have read 
older posts on this which suggest it may be fixed in the future).

If anyone has a work around for this I would like to know how :) I tried using 
the binaries rlm_dbm_cat and rlm_dbm_parser which is fine except I can't seem 
to get rlm_dbm_parser to remove users.

So now I have taken a look at the rlm_sql approach as we use MySQL on all of 
our systems.  However I can not see from the default table design that it 
could support any kind of fall through.  

This is an example of what functionality I need using a users file layout:

username        Password == "testing123",
        Called-Station-ID == "12345678"
        Framed-MTU = 576,
        Service-Type = Framed-User,
        Fall-Through = Yes

username        Password == "abc123",
        Called-Station-ID == "87654321"
        Framed-MTU = 576,
        Service-Type = Framed-User
        Fall-Through = Yes

username        Password == "quigybo",
        Called-Station-ID == "77665511"
        Framed-MTU = 576,
        Service-Type = Framed-User


username2       Password == "ackack",
        Nas-Ip-Address == "203.44.55.66"
        Framed-MTU = 576,
        Service-Type = Framed-User,
        Fall-Through = Yes

username2       Password == "dicey",
        Nas-Ip-Address == "203.44.55.67"
        Framed-MTU = 576,
        Service-Type = Framed-User
        Fall-Through = Yes

username2       Password == "beer",
        Nas-Ip-Address == "203.44.55.68"
        Framed-MTU = 576,
        Service-Type = Framed-User

If anyone has an ideas to help me solve my problem I would appreciate it.  
There is nothing mentioned of this complexity in the O'Rielly RADIUS book 
either (which I own a copy of).

A solution to what dbm libraries I can install to create/modify a freeradius 
compatible dbm file would be my favourite solution.

Cheers :)
-- 
Martin ([EMAIL PROTECTED])
ICQ# 748846


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to