On 10/18/2011 10:02 PM, Alan DeKok wrote: > Adam Bultman wrote: >> Problem: The detail reader, when sending the accounting packets, sends >> them out the *correct* interface, but with the *wrong* source IP >> address. (It will send out eth2, but have the source IP of eth0.) > > You're running Linux, right? And both interfaces are on the same network? > > It's a Linux bug. The Linux people think it isn't a bug, so it hasn't > been fixed for 10+ years. >
Yeah, I'm running linux, but all my networks are on distinct interfaces, and none are duplicated. eth0 = 10.x.x.x, eth1 = public IP, eth2 = 192.168.x.x . > As a hint, FreeRADIUS uses the standard socket calls to send/recv > packets. There's no magic "send packets out the wrong interface" code > in it. All of the routing is handled by the kernel. So... blame the > kernel for routng problems. > I did just about everything I could think of to make sure that any packets had the correct source IP via routing - 'ip route 192.168.x.x/24 via 192.168.x.1 dev eth2 src 192.168.x.155', but it made no difference. I didn't think there was any specific code to send things out the wrong interface, but I did wonder perhaps there was something like 'whatever IP I'm told to listen on first, that will be my source IP' type thing. >> I >> proxy to other hosts as well, so I cannot simply force a single proxy ip >> address, since that will break other things. (As far as I can tell.) All >> my routing is good, no firewalls are in the way, etc. > > You can set "src_ipaddr" for each home server. See raddb/proxy.conf. > This is documented. > This isn't in the copy of the proxy.conf file on my RADIUS servers, which explains why I've had trouble at all. If my version (2.1.10) doesn't support src_ipaddr, then I'll upgrade. Thanks for your help, Alan. It is much appreciated. -- Adam - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html