What is Eduroam?
Eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community.
Eduroam allows students, researchers and staff from participating institutions to obtain Internet connectivity across campus and when visiting other participating institutions by simply opening their laptop.
The eduroam initiative started in 2003 within TERENA's Task Force on Mobility, TF-Mobility.
The task force created a test bed to demonstrate the feasibility of combining a RADIUS-based infrastructure with 802.1X standard technology to provide roaming network access across research and education networks.
The initial test was conducted among five institutions located in the Netherlands, Finland, Portugal, Croatia and the UK. Later, other national research and education networking organisations in Europe embraced the idea and gradually started joining the infrastructure, which was then named eduroam.
eduroam allows any eduroam-enabled user to get network access at any institution connected to eduroam.
Depending on local policies at the visited institutions, eduroam participants may also have additional resources (for example printers) at their disposal.
Today eduroam is a federation of federations (confederation); single federations are run at national level and they are all connected to a regional confederation.
Eduroam technology is based on 802.1X standard and a hierarchy of RADIUS proxy servers.
The role of the RADIUS hierarchy is to forward the users' credentials to the users' home institution, where they can be verified and validated.
When a user requests authentication, the user's realm determines where the request is routed to.
The realm is the suffix of the user-name, delimited with '@', and is derived from the organisation's DNS domain name.
Every institution (i.e. university or equivalent) that wants to participate in eduroam connects its institutional RADIUS-server to the national top-level RADIUS (NTLR) server of the country where the institution is located.
The NTLR is normally operated by the National Research and Education Network (NREN) of that country.
These country-level servers have a complete list of the participating eduroam institutions in that country.
This is sufficient to guarantee national roaming.
For international roaming, a regional top-level RADIUS server is needed in order to roam the users request to the right country.
Currently there are two main regions where eduroam is deployed: Europe and Asia-Pacific.
In the case of Europe the top-level RADIUS server (ETLR) are operated by the Dutch NREN (SURFnet) and the Danish NREN (UNI-C).
In the case of Asia-Pacific, the top-level RADIUS server (APTLR) is operated by the Australian NREN (AARNet) and by the University of Hong Kong.