With freeradius 2.1.10 I can configure failover for SQL lookups like this:
# in policy.conf
sql_foo {
redundant {
sql_foo_local
sql_foo_remote
}
}
# in sites-available/foo
authorize {
sql_foo
}
However, it looks like I can't use this redundant module inside a string
expansion:
authorize {
update request {
Huntgroup-Name = "%{sql_foo:SELECT groupname FROM radhuntgroup
where nasipaddress='%{NAS-IP-Address}' limit 1}"
}
}
--- Error logged:
WARNING: Unknown module "sql_foo" in string expansion "%"
How could I get the same level of redundancy for string expansions? Could I
do the expansion multiple times inside a redundant section? I am thinking of
perhaps:
huntgroup_local {
update request {
Huntgroup-Name = "%{sql_foo_local:SELECT groupname FROM
radhuntgroup where nasipaddress='%{NAS-IP-Address}' limit 1}"
}
}
huntgroup_remote {
update request {
Huntgroup-Name = "%{sql_foo_remote:SELECT groupname FROM
radhuntgroup where nasipaddress='%{NAS-IP-Address}' limit 1}"
}
}
...
authorize {
redundant {
huntgroup_local
huntgroup_remote
}
}
However, I'm just not sure whether the ok/notfound/fail status would
propagate through a string expansion in this case. The examples in
configurable_failover.rst talk only about normal modules.
Thanks,
Brian.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
