3.13. Gossip configuration

This section lists the parameters that are common to all Gossip modules.

3.13.1. Identifier

All Gossip backends, such as GossipRedis and GossipUDP, must be configured with Identifier. Identifier will be required in later releases to reference the chosen Gossip instance.
# Modules that require GossipRedis can refer to us with this Identifier
Identifier gossip-redis

3.13.2. Debug

Debug configuration parameter is available for all Gossip implementations. This optional flag enables debugging within the Radius::Gossip and its derived modules. It enables the logging of the details of all messages sent and received when Trace is set to 4 or higher. This is not set by default.
Requires Perl Data::Printer module.
# See all message details.
Debug

3.13.3. Secret

Secret is an optional parameter that enables encryption and decryption of Gossip messages. Secret does not store the key in an encrypted format and using EncryptedSecret is preferred. For more information, see Section 3.13.4. EncryptedSecret.
The format is n,value where:
  • n is key index. The valid values are from 1 and 65535. The key index cannot be 0, it is a reserved value and an error is logged if 0 is used.
  • value is the key
Using Secret requires the following Perl modules:
  • Crypt::GCM
  • Crypt::Rijndael
CAUTION
If none of the Secret parameters can be successfully parsed, Gossip does not work and logs an error.
Here is an example of using Secret:
<GossipUDP>
    # Secret also works with GossipREDIS clause
    Secret 1,fred1
    Secret 2,fred2
    Secret 3,fred3
</GossipUDP>

3.13.4. EncryptedSecret

EncryptedSecret is an optional parameter that enables encryption and decryption of Gossip messages. EncryptedSecret stores the key in an encrypted format and thus it is preferable to use it instead of Secret.
The format is n,{method}encrypted-value where:
  • n is key index. The valid values are from 1 and 65535. The key index cannot be 0, it is a reserved value and an error is logged if 0 is used.
  • method is the encryption method. Currently, there is one supported method, rcrypt
  • encrypted-value is the key encrypted with the encryption method
Using EncryptedSecret requires the following Perl modules:
  • Crypt::GCM
  • Crypt::Rijndael
CAUTION
If none of the EncryptedSecret parameters can be successfully parsed and decrypted, Gossip does not work and logs an error.
Here is an example of using EncryptedSecret:
<GossipUDP>
    # EncryptedSecret also works with GossipREDIS clause
    EncryptedSecret 1,{rcrypt}OjJXcK4bIA8sJERMzD2R0/Gx
    EncryptedSecret 2,{rcrypt}GyqZa52CYTRwsFqYQvsHNWbc
    EncryptedSecret 3,{rcrypt}I1vIkmow6FgLJyg5/pMfOOv2
</GossipUDP>