On Mon, 24 May 2004, Alexander Lunyov wrote:
> Hello freeradius-users,
>
> I have a problem with rlm_ippool - it's not deallocating ip's from
> pool, and i think i'm somewhat close to its solution, but i want to
> do all things right, that's why i'm here again.
>
> FreeBSD 4.8R-p14, freeradius-0.9.3 with cvs version of rlm_ippool
> (* Version: $Id: rlm_ippool.c,v 1.20.2.2 2003/10/09 01:05:17 phampson Exp $)
>
> When radiusd receives request from NAS, like this
>
> Calling-Station-Id = "0:50:ba:c1:3:38"
> Called-Station-Id = "pppoe"
> Service-Type = Framed-User
> User-Name = "lan"
> Framed-Protocol = PPP
> MS-CHAP-Challenge = xxxxxxxxxxxxxxxxxxxxxx
> MS-CHAP2-Response = xxxxxxxxxxxxxxxxxxxxxx
> NAS-Identifier = "zeus.startatom.ru"
> NAS-Port-Type = Ethernet
> NAS-Port = 1984
>
> rlm_ippool allocates ip address and writes this entry in his db
> under two keys, NAS address and NAS port:
>
> rlm_ippool: Searching for an entry for nas/port: zeus.startatom.ru/1984
> rlm_ippool: Allocating ip to nas/port: zeus.startatom.ru/1984
> rlm_ippool: num: 1
> rlm_ippool: Allocated ip 192.168.253.207 to client on nas zeus.startatom.ru,port 1984
> modcall[post-auth]: module "legal_pool" returns ok for request 0
>
> Then, when this client disconnects, rlm_ippool somehow turning
> NAS-Identifier to direct ip address instead of FQDN. This is Stop
> request:
>
> rad_recv: Accounting-Request packet from host 62.33.65.2:2107, id=71, length=162
> Calling-Station-Id = "0:50:ba:c1:3:38"
> Called-Station-Id = "pppoe"
> Service-Type = Framed-User
> User-Name = "lan"
> Framed-Protocol = PPP
> Framed-IP-Address = 192.168.253.207
> Framed-IP-Netmask = 0.0.0.0
> NAS-Identifier = "zeus.startatom.ru"
> NAS-Port-Type = Ethernet
> NAS-Port = 1984
> Acct-Status-Type = Stop
> Acct-Session-Id = "s-1474470826"
> Acct-Multi-Session-Id = ""
> Acct-Delay-Time = 0
> Acct-Input-Octets = 656
> Acct-Input-Packets = 2
> Acct-Output-Octets = 0
> Acct-Output-Packets = 0
> Acct-Session-Time = 13
>
> See? NAS-Identifier is the same FQDN, but rlm_ippool thinks
> differently:
>
> rlm_ippool: Searching for an entry for nas/port: 62.33.65.2/1984
> rlm_ippool: Entry not found
> modcall[accounting]: module "legal_pool" returns ok for request 2
>
> And as a result when client disconnects, his address doesn't
> deallocates from pool, and after some time radiusd is run out of
> addresses, and clients cannot connect.
>
> I solved this problem by adding simple attr_rewrite entry to
> post-auth block (before ippool entry):
>
> attr_rewrite NAS {
> attribute = NAS-Identifier
> searchin = packet
> searchfor = "zeus.startatom.ru"
> replacewith = "62.33.65.2"
> new_attribute = no
> }
>
> So, it's always direct ip written to db, and when rlm_ippool check
> entry on Stop request, it successefully deallocates ip address from
> pool. I think, this workaround will work for me, but are there
> another way to make rlm_ippool work without that?
These problems should be fixed in the CVS version of rlm_ippool.
>
>
>
> --
> Best regards,
> Alexander mailto:[EMAIL PROTECTED]
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
