Setup Help

[chandler767]

I really like what you're doing here and I was curious if you could briefly explain how to set this up correctly? I'm new to golang (only sample projects) but I have worked with RADIUS servers (freeradius). All I want to be able to do is authentication and log accounting information to a mysql database.

From what I can tell, this project is the only one that attempts to handle authentication and accounting. No other golang project is attempting to record the accounting information (that I could find).

I appreciate the help.

[mpdroog]

Thanks for the kind words :) Yeah, the problem with most Go radius implementation attempts is that they either don't work or they're unfinished.

Basically all you need is MySQL, config.toml for your IP+secrets and to run radiusd.

1) Install MySQL-server on the server 2) Use the default config.toml from the repo and adjust how you want it 3) Compile radiusd, put it on the server, create an init.d/upstart/systemd script OR run it in a screen :p 4) Need some verbosity why it fails? Stop the daemon, run radiusd -v to enable verbosity and have a peek :)

Something regarding Galera Cluster: I mention Galera Cluster (MySQL with an active replication strategy) in the readme but that's only when you want to setup it for a corporate environment where you can't accept downtime when there's something wrong with the server or it's services.

In case you're interested in zero downtime, having no Single Point of Failure (marketing baby xD) in a corporate environment I suggest the following:

• Have at least 3 servers (quorum, against split-brain issues)
• On every server install RadiusD/Galera (with MySQL)
• Have something like a load-balancer, VIP or DNS round robin in front of it so downtime of one server doesn't break the service
• And most important, get familiar with MySQL replication using Galera Cluster, knowing at forehand HOW to recover from replication issues so when it happens (and it will) you know what to do

And in case you're interested why I prefer Galera replication opposed to all the other MySQL replication strategies: I love active replication (data needs to be accepted on ALL available servers) so the chance of different data-states between servers is close to zero. The problem with most (asynchronous) replication strategies is that data could be different between nodes with the only way of knowing is using (free) tools like pt-table-checksum

[mpdroog]

Before I forget, to set-up the DB in MySQL: Add the required tables https://github.com/mpdroog/radiusd/blob/master/db/vpnxs_radius.sql

[chandler767]

Thanks for the response and the advice on zero downtime. I'm going to do some more research on that.

What do I need to fill out in the database? How do I add a user and whatever else I need? What if I needed to send an attribute on access-accept? Such as "address-list"?

I'm going to be testing this with a mikrotik device, isn't that what you're using? Any advice?

Again, I appreciate the help.

[mpdroog]

We're using Mikrotik's here yes, but I have no experience with those things (I wrote this code for the company I work for).

I would advice getting it to work with just a simple MySQL-server, so you can learn how the basics work. As you sound like you don't have much experience with replication (it's not easy stuff).

What do I need to fill out in the database? How do I add a user and whatever else I need? I would advice just start playing with it (I'm too lazy to write a manual for ya kid), I love tools that make it easier, maybe install Navicat or SQLyog on your PC to make it a bit easier for you.

What if I needed to send an attribute on access-accept? Such as "address-list"? Well, you'll have to hack the code to add it :p, getting down and dirty. I wrote the code to do exactly what I needed.

[mpdroog]

Considering the issue as resolved.