On Mon, 24 May 2004, Alexander Lunyov wrote: > Hello freeradius-users, > > I have a problem with rlm_ippool - it's not deallocating ip's from > pool, and i think i'm somewhat close to its solution, but i want to > do all things right, that's why i'm here again. > > FreeBSD 4.8R-p14, freeradius-0.9.3 with cvs version of rlm_ippool > (* Version: $Id: rlm_ippool.c,v 1.20.2.2 2003/10/09 01:05:17 phampson Exp $) > > When radiusd receives request from NAS, like this > > Calling-Station-Id = "0:50:ba:c1:3:38" > Called-Station-Id = "pppoe" > Service-Type = Framed-User > User-Name = "lan" > Framed-Protocol = PPP > MS-CHAP-Challenge = xxxxxxxxxxxxxxxxxxxxxx > MS-CHAP2-Response = xxxxxxxxxxxxxxxxxxxxxx > NAS-Identifier = "zeus.startatom.ru" > NAS-Port-Type = Ethernet > NAS-Port = 1984 > > rlm_ippool allocates ip address and writes this entry in his db > under two keys, NAS address and NAS port: > > rlm_ippool: Searching for an entry for nas/port: zeus.startatom.ru/1984 > rlm_ippool: Allocating ip to nas/port: zeus.startatom.ru/1984 > rlm_ippool: num: 1 > rlm_ippool: Allocated ip 192.168.253.207 to client on nas zeus.startatom.ru,port 1984 > modcall[post-auth]: module "legal_pool" returns ok for request 0 > > Then, when this client disconnects, rlm_ippool somehow turning > NAS-Identifier to direct ip address instead of FQDN. This is Stop > request: > > rad_recv: Accounting-Request packet from host 62.33.65.2:2107, id=71, length=162 > Calling-Station-Id = "0:50:ba:c1:3:38" > Called-Station-Id = "pppoe" > Service-Type = Framed-User > User-Name = "lan" > Framed-Protocol = PPP > Framed-IP-Address = 192.168.253.207 > Framed-IP-Netmask = 0.0.0.0 > NAS-Identifier = "zeus.startatom.ru" > NAS-Port-Type = Ethernet > NAS-Port = 1984 > Acct-Status-Type = Stop > Acct-Session-Id = "s-1474470826" > Acct-Multi-Session-Id = "" > Acct-Delay-Time = 0 > Acct-Input-Octets = 656 > Acct-Input-Packets = 2 > Acct-Output-Octets = 0 > Acct-Output-Packets = 0 > Acct-Session-Time = 13 > > See? NAS-Identifier is the same FQDN, but rlm_ippool thinks > differently: > > rlm_ippool: Searching for an entry for nas/port: 62.33.65.2/1984 > rlm_ippool: Entry not found > modcall[accounting]: module "legal_pool" returns ok for request 2 > > And as a result when client disconnects, his address doesn't > deallocates from pool, and after some time radiusd is run out of > addresses, and clients cannot connect. > > I solved this problem by adding simple attr_rewrite entry to > post-auth block (before ippool entry): > > attr_rewrite NAS { > attribute = NAS-Identifier > searchin = packet > searchfor = "zeus.startatom.ru" > replacewith = "62.33.65.2" > new_attribute = no > } > > So, it's always direct ip written to db, and when rlm_ippool check > entry on Stop request, it successefully deallocates ip address from > pool. I think, this workaround will work for me, but are there > another way to make rlm_ippool work without that?
These problems should be fixed in the CVS version of rlm_ippool. > > > > -- > Best regards, > Alexander mailto:[EMAIL PROTECTED] > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html