ippool bug or config problem?

2002-09-24 Thread magmike 


ippool assign the same ip address for two different users.
May be my config is broken?
When i use large pool (1-254), i have the same bug after restarting
radiusd.


- radiusd.conf
modules {

ippool ippool-1-fast {
range-start = 192.168.5.1
range-stop = 192.168.5.6
netmask = 255.255.255.0
cache-size = 800
session-db = ${raddbdir}/pools/db.pool-1-fast
ip-index = ${raddbdir}/pools/db.pool-1-fast.idx
}
}

accounting {
detail
unix
radutmp
ippool-1-fast
}

post-auth {
ippool-1-fast
}
- end of radiusd.conf

- users
DEFAULT  NAS-IP-Address == 192.168.0.5,  Service-Type == Framed-User,  Pool-Name := 
ippool-1-fast
Framed-MTU = 1500,
Service-Type = Framed-User,
Fall-Through = 1
- end of users

Now run radiusd:

root@vpn:/etc/raddb# radiusd -xx
Starting - reading configuration files ...
...
Module: Loaded IPPOOL
 ippool: session-db = /etc/raddb/pools/db.pool-1-fast
 ippool: ip-index = /etc/raddb/pools/db.pool-1-fast.idx
 ippool: range-start = 192.168.5.1 IP address [192.168.5.1]
 ippool: range-stop = 192.168.5.6 IP address [192.168.5.6]
 ippool: netmask = 255.255.255.0 IP address [255.255.255.0]
 ippool: cache-size = 800
rlm_ippool: Initializing database
Module: Instantiated ippool (ippool-1-fast)
Initializing the thread pool...
 thread: start_servers = 5
 thread: max_servers = 32
 thread: min_spare_servers = 3
 thread: max_spare_servers = 10
 thread: max_requests_per_server = 0
 thread: cleanup_delay = 5

Ready to process requests.
Thread 5 waiting to be assigned a request
rad_recv: Access-Request packet from host 192.168.0.5:1026, id=70, length=133
Thread 1 assigned request 0
--- Walking the entire request list ---
Threads: total/active/spare threads = 5/1/4
Nothing to do.  Sleeping until we see a request.

- Now I try send auth packet with radclient (user 
mmike):

Thread 1 handling request 0, (1 handled so far)
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = mmike
MS-CHAP-Challenge = 0xb9ca50b535f1d25c8d22873d4c203565
MS-CHAP2-Response = 
0x01002bbf1007dc607b833af3cdd279ece38b2284ae758753dd9cd3e78d98dfcdde06a8db899b56543336
NAS-IP-Address = 192.168.0.5
NAS-Port = 0
modcall: entering group authorize
  modcall[authorize]: module preprocess returns ok
rlm_passwd: Added User-Password: mike
rlm_passwd: Added Group: fast
rlm_passwd: Adding Auth-Type: MS-CHAP
  modcall[authorize]: module raddb_userlist returns ok
  modcall[authorize]: module mschap returns ok
rlm_realm: No '' in User-Name = mmike, looking up realm NULL
rlm_realm: No such realm NULL
  modcall[authorize]: module suffix returns noop
users: Matched DEFAULT at 201
  modcall[authorize]: module files returns ok
modcall: group authorize returns ok
  rad_check_password:  Found Auth-Type MS-CHAP
auth: type MS-CHAP
modcall: entering group authenticate
rlm_mschap: doing MS-CHAPv2 with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
  modcall[authenticate]: module mschap returns ok
modcall: group authenticate returns ok
Login OK: [mmike] (from client 192.168.0.5 port 0)
modcall: entering group post-auth
rlm_ippool: Searching for an entry for nas/port: 192.168.0.5/0
rlm_ippool: num: 1
rlm_ippool: Allocated ip 192.168.5.3 to client on nas 192.168.0.5,port 0
  modcall[post-auth]: module ippool-1-fast returns ok
modcall: group post-auth returns ok
Sending Access-Accept of id 70 to 192.168.0.5:1026
Framed-MTU = 1500
Service-Type = Framed-User
MS-CHAP2-Success = 0x01533d453742313241354342463337383533443044383236383
73933463331363332363844463839414236
MS-MPPE-Recv-Key = 0xe3464568c260d4f054599eac8c270f89762624d03837024c13e
53c392029a3ca21c2
MS-MPPE-Send-Key = 0xe345be695620746dcc14948143420d08d333dd86889a5a66f9a
1e084b1c5a4b6d723
MS-MPPE-Encryption-Policy = 0x0002
MS-MPPE-Encryption-Types = 0x0004
Framed-IP-Address = 192.168.5.3

 OK ip assigned 192.168.5.3
 Now I try to connect with pppd+radiusclient (user mmmike)

Nothing to do.  Sleeping until we see a request.
Thread 1 handling request 5, (2 handled so far)
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = mmmike
MS-CHAP-Challenge = 0x35a4ce64ebf19fc25af6921225399273
MS-CHAP2-Response = 0x010068295ca3c0f2c063e229225a129b53df00
00405f88f247c0d22d083286a7123eb6cc61415f5401ad09fc
NAS-IP-Address = 192.168.0.5
NAS-Port = 0
modcall: entering group authorize
  modcall[authorize]: module preprocess returns ok
rlm_passwd: Added User-Password: mike
rlm_passwd: Added Group: fast
rlm_passwd: Adding Auth-Type: MS-CHAP
  modcall[authorize]: module raddb_userlist returns ok

Re: ippool bug or config problem?

2002-09-24 Thread Kostas Kalevras 

On Tue, 24 Sep 2002 [EMAIL PROTECTED] wrote:


 ippool assign the same ip address for two different users.
 May be my config is broken?
 When i use large pool (1-254), i have the same bug after restarting
 radiusd.
 - Now I try send auth packet with radclient (user 
mmike):

 Thread 1 handling request 0, (1 handled so far)
 Service-Type = Framed-User
 Framed-Protocol = PPP
 User-Name = mmike
 MS-CHAP-Challenge = 0xb9ca50b535f1d25c8d22873d4c203565
 MS-CHAP2-Response = 
0x01002bbf1007dc607b833af3cdd279ece38b2284ae758753dd9cd3e78d98dfcdde06a8db899b56543336
 NAS-IP-Address = 192.168.0.5
 NAS-Port = 0

All Access-Requests contain the same NAS/Port pair. rlm_ippool will consider the
corresponding ip allocated stale and will free it. As a result it will get
reallocated to another user.

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]  National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re[2]: ippool bug or config problem?

2002-09-24 Thread magmike 



Tuesday, September 24, 2002, 7:29:03 PM, [EMAIL PROTECTED] wrote:

 On Tue, 24 Sep 2002 [EMAIL PROTECTED] wrote:


 ippool assign the same ip address for two different users.
 May be my config is broken?
 When i use large pool (1-254), i have the same bug after restarting
 radiusd.
 - Now I try send auth packet with radclient (user 
mmike):

 Thread 1 handling request 0, (1 handled so far)
 Service-Type = Framed-User
 Framed-Protocol = PPP
 User-Name = mmike
 MS-CHAP-Challenge = 0xb9ca50b535f1d25c8d22873d4c203565
 MS-CHAP2-Response = 
0x01002bbf1007dc607b833af3cdd279ece38b2284ae758753dd9cd3e78d98dfcdde06a8db899b56543336
 NAS-IP-Address = 192.168.0.5
 NAS-Port = 0

 All Access-Requests contain the same NAS/Port pair. rlm_ippool will consider the
 corresponding ip allocated stale and will free it. As a result it will get
 reallocated to another user.

Whith large pool (1-254) ippool returns differ ip for the same
requests.

(old db-files removed)
Auth-request:
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = mmike
MS-CHAP-Challenge = 0xb9ca50b535f1d25c8d22873d4c203565
MS-CHAP2-Response = 
0x01002bbf1007dc607b833af3cdd279ece38b2284ae758753dd9cd3e78d98dfcdde06a8db899b56543336
NAS-IP-Address = 192.168.0.5
NAS-Port = 0


# radiusd -xx | grep ippool

 ippool: session-db = /etc/raddb/pools/db.pool-1-fast
 ippool: ip-index = /etc/raddb/pools/db.pool-1-fast.idx
 ippool: range-start = 192.168.5.1 IP address [192.168.5.1]
 ippool: range-stop = 192.168.5.254 IP address [192.168.5.254]
 ippool: netmask = 255.255.255.0 IP address [255.255.255.0]
 ippool: cache-size = 800
rlm_ippool: Initializing database
Module: Instantiated ippool (ippool-1-fast)

REQUEST #1
rlm_ippool: Searching for an entry for nas/port: 192.168.0.5/0
rlm_ippool: num: 1
rlm_ippool: Allocated ip 192.168.5.55 to client on nas 192.168.0.5,port 0
  modcall[post-auth]: module ippool-1-fast returns ok

REQUEST #2
rlm_ippool: Searching for an entry for nas/port: 192.168.0.5/0
rlm_ippool: Found a stale entry for ip/port: 192.168.5.55/0
rlm_ippool: num: 0
rlm_ippool: num: 1
rlm_ippool: Allocated ip 192.168.5.217 to client on nas 192.168.0.5,port 0
  modcall[post-auth]: module ippool-1-fast returns ok

REQUEST #3
rlm_ippool: Searching for an entry for nas/port: 192.168.0.5/0
rlm_ippool: Found a stale entry for ip/port: 192.168.5.217/0
rlm_ippool: num: 0
rlm_ippool: num: 1
rlm_ippool: Allocated ip 192.168.5.92 to client on nas 192.168.0.5,port 0
  modcall[post-auth]: module ippool-1-fast returns ok

REQUEST #4
rlm_ippool: Searching for an entry for nas/port: 192.168.0.5/0
rlm_ippool: Found a stale entry for ip/port: 192.168.5.92/0
rlm_ippool: num: 0
rlm_ippool: num: 1
rlm_ippool: Allocated ip 192.168.5.233 to client on nas 192.168.0.5,port 0
  modcall[post-auth]: module ippool-1-fast returns ok



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html