Arran Cudbard-Bell wrote:
> Yeah, complex sql really can be quite slow, specially when the queries
> are being run multiple times for all the rounds required in eap
> authentication.
If you're using the TLS variants of EAP, you can do:
DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Autz-Type := "internal"
Then in the "authorize" section, add:
...
Autz-Type internal {
... do DB lookups here
}
If you're doing password lookups in LDAP, put "ldap" in that section.
Then, the LDAP lookups will only be done when they're needed.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
