From owner-freebsd-isp Sat Oct 7 16:53:49 2000 Delivered-To: freebsd-isp@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id 5611637B670 for ; Sat, 7 Oct 2000 16:53:44 -0700 (PDT) Received: from chimp.simianscience.com (cage.simianscience.com [64.7.134.1]) by smtp1.sentex.ca (8.11.0/8.11.0) with SMTP id e97NrWB37256; Sat, 7 Oct 2000 19:53:36 -0400 (EDT) From: Mike Tancsa To: wash@iconnect.co.ke (Odhiambo Washington) Cc: freebsd-isp@freebsd.org Subject: Re: Radius and Accounting Date: Sat, 07 Oct 2000 19:53:32 -0400 Message-ID: References: In-Reply-To: X-Mailer: Forte Agent 1.8/32.548 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 7 Oct 2000 15:50:14 -0400, in sentex.lists.freebsd.isp you wrote: >I did this yes ;-) for two POPs but we're going to have 2 more POPs and = I >am concerned about it. At current we use PortMaster 2E (old stuff!) and >Radius on FreeBSD. I also use proxy radius. When you have a single = radius >server and you've got to authenticate from more that 3 POPs, I thought >there would be some concern on authent traffic on the link btn the POPs. > >On a single user db, my only worry is that of how I can merge the info = rqd >by radius (as in the /etc/raddb/users) into /etc/passwd?? That kinda = makes >it difficult.. It doest work that way. For the most part, you will never need to touch = the /etc/raddb/users file. The only time really you need to explicitly = mention your customers userids in the /etc/raddb/users file is when you want to give them static IP address or do something special with a particular = user thats different from everyone else. Even then you can setup default rules based on the UNIX GID they might have. Everyone else should get done via the DEFAULT rules in the users file.=20 > >Almost what I am looking for!! Any possiblility of sharing those = scripts, >please. I must plead because I am not a programmer...I am those network >engineers promoted to sysadmin ;-) but I'm thinking of embracing perl, >though I must swear I need more time. Have a look through the cistron radius mailing list and web page (http://www.freeradius.org). There you will find pretty well anything and everything you need to do any types of reporting you want. > >=3D> >Now that is superb!! Any HOWTOs towards achieving this??? Howto get = radius >to write directly to SQL db?? We have 2 SQL programmers who I believe = will >assist with some coaxing... Yes, again, check the mailling list and the Cistron web page. There are patches that allow you to send all your accounting info to various SQL servers. Also, 2 RADIUS servers, one acting as backup can easily handle a few thousands of ports across several POPs. There is no need to have a radius server in each pop. =20 ---Mike Mike Tancsa (mdtancsa@sentex.net) =09 Sentex Communications Corp, =09 Waterloo, Ontario, Canada "Given enough time, 100 monkeys on 100 routers=20 could setup a national IP network." (KDW2) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message