Hello Kevin -
Whether to use Realms or Handlers depends on what you are trying to match in a
request packet when you set up your authentication and accounting processing.
In general terms, Realms are more efficient as individual Realm selection is
done through a table lookup by the Realm suffix in a User-Name, so the overhead
is minimal. Handlers on the other hand allow you to match on any attribute or
combination of attributes in the request packet (and some other things
besides), however Handler selection is done through a table walk, so the
overhead is greater.
We have customers with hundreds or even thousands of Realms or Handlers, in
which case the one to use is critically important.
In your case below with a single Realm, what you are doing is just fine.
regards
Hugh
On Sat, 15 Jul 2000, Kevin Wormington wrote:
> Hi all,
>
> I just upgraded to 2.16.1 (all patches applied) from 2.14.1 on a test
> machine running Linux. I'm using DBD-Sybase-0.22 and the latest freeTDS
> snapshot. Everything works fine, but I'm still using realms and have seen a
> lot on the list lately regarding handlers. Would there be any advantage to
> using handlers instead? Radius.cfg is included below.
>
> Thanks,
>
> Kevin
>
> ---------------------------------------
> My radius.cfg
> ---------------------------------------
>
> Foreground
> #LogStdout
> Trace 3
> LogDir /root/Radiator-2.16.1
> LogFile %L/radiator.log
> DbDir /root/Radiator-2.16.1
> AuthPort 1812
> AcctPort 1813
>
> <Client DEFAULT>
> Secret shhhhhh
> DupInterval 30
> </Client>
>
> <Realm>
> PasswordLogFileName %L/password.log
> AuthByPolicy ContinueWhileAccept
> RewriteUsername tr/A-Za-z0-9\-//cd
>
> <AuthBy PLATYPUS>
> DBSource dbi:Sybase:server=some.big.server
> DBUsername xxxxx
> DBAuth xxxxx
>
> # You can add to or change these if you want.
> AccountingTable Calls
> AcctColumnDef UserName,User-Name
> AcctColumnDef CallDate,Timestamp,integer-date
> AcctColumnDef AcctStatusType,Acct-Status-Type,integer
> AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
> AcctColumnDef AcctInputOctets,Acct-Input-Octets,integer
> AcctColumnDef AcctOutputOctets,Acct-Output-Octets,integer
> AcctColumnDef AcctSessionId,Acct-Session-Id
> AcctColumnDef AcctSessionTime,Acct-Session-Time,integer
> AcctColumnDef
> AcctTerminateCause,Acct-Terminate-Cause,integer
> AcctColumnDef NASIdentifier,NAS-Identifier
> AcctColumnDef NASIdentifier,NAS-IP-Address
> AcctColumnDef NASPort,NAS-Port,integer
> AcctColumnDef NASPortType,NAS-Port-Type,integer
> AcctColumnDef FramedAddress,Framed-IP-Address
> AccountingStopsOnly
> </AuthBy>
> <AuthBy FILE>
> Filename /path/Radiator-2.16.1/users
> </AuthBy>
> AddToReplyIfNotExist Port-Limit=1
> </Realm>
>
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
