[Chilli] Best Coova - Radius centralized setup (at least what you think)

Luis Ferreira lferreira at cabocom.cv
Mon May 5 10:36:03 UTC 2014 

Hi everyone,

 

I would like to have your opinion on the smartest setup that in your opinion
is the best chilli – radius connectivity for centralized NAS.

 

Imagin a scenario where you have several hotspots spread, and you want to
interconnect them.

 

For instance, I’ve tried the following:

 

               +------------------+
+---------------------------+

               |   Location 1     |             | Remote Centralized Server
|

               +------------------+
+---------------------------+

               |                  |             |
|

Subscribers <> | CoovaChilli box  |  <=======>  |  Free Radius + MySQL DB
|

               |                  |             |
|

               +------------------+
+---------------------------+

 

 

 

Pros:     Fast Radius response

Easy configuration in case of Radius changes (centralized)

 

Cons:    Some ‘stalled’ accounts, where the radius sends a disconnect packet
to Location, but due to network problems it does not arrive on chilli CoA
port, for instance. 

Due to radius server communication that might fail some time, due to line
blackouts, it enter in a state where users cannot make login and then, when
they can, radius or chilli does not allow

 

 

               +--------------------------------+
+---------------------------+

               |   Location 1                   |             | Remote
Centralized Server |

               +--------------------------------+
+---------------------------+

               |                                |             |
|

Subscribers <> | CoovaChilli box + Free Radius  |  <=======>  |
MySQL DB          |

               |                                |             |
|

               +--------------------------------+
+---------------------------+

 

Pros:     When losing connection to MySQL DB, radius fails to authenticate,
and so does chilli, preventing creating those communication issues between
Chilli and Radius

                When loosing connectivity, system still works, and when it
returns, it is able to resume it’s normal process, not leaving ‘Stalled’
Accounts

In the event of potential ‘Stalled’ Accounts, it would be easy to wipe them
out, since radius and chilli would always be in sync

 

Cons:    Slow in getting a response from MySQL DB, due to connection speed
(creating a socket or waiting for timeout to create a new one).

                Hard configuration changes (have to change in all locations
radius config file.

 

 

What other setup’s do you know or what in your opinion are the better ones
(if possible, telling good things and bad things).

 

 

Atentamente,


Descrição: Descrição: Descrição: C:\CABOCOM\CABOCOM WORK\logo-e-mail.gif

Luis Ferreira

CTO

Cabocom S.A.

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20140505/69e7ac89/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3526 bytes
Desc: not available
URL: <http://lists.coova.org/pipermail/chilli/attachments/20140505/69e7ac89/attachment.png>

More information about the Chilli mailing list