RE: Error binding port to ipv6 address
Setting the flag --without-udpfromto inside debian/rules solved the issue. Probably debian/ubuntu testers added it in the default config because they didn't test it with ipv6, I don't know. Anyway now it works, thanks all for the help - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error binding port to ipv6 address
I didn't enabled it but maybe the debian-build made it for me without noticing it. Anyway it's definetely the udpfromto problem. For debugging I just forced the define of HAVE_AF_INET6 (that it was not defined and so made udpfromto_init return -1) and now the code works. Or better, there is a problem but it is different. Now I can listen on ipv6, but only on localhost. On localhost it works (just tested with radclient). If I tried to assign any other address (any ::, or a specific one) it tells me that the address is already assigned and it exits. Can it be related to udpfromto or it is another problem? D'AVELLA STEFANO wrote: > Exactly the problem is in the udpfromto_init() call inside the > listen_bind() function. Then disable udpfromto. It is NOT enabled in the default build of the server, so the only way you can run into this problem is if you enable a non-standard feature. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error binding port to ipv6 address
D'AVELLA STEFANO wrote: > Exactly the problem is in the udpfromto_init() call inside the > listen_bind() function. Then disable udpfromto. It is NOT enabled in the default build of the server, so the only way you can run into this problem is if you enable a non-standard feature. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error binding port to ipv6 address
Exactly the problem is in the udpfromto_init() call inside the listen_bind() function. Inside this function the return value is set to be: return setsockopt(s, proto, flag, &opt, sizeof(opt)); with the ipv6 address, it returns -1 (and after a couple of calls and error logs, the program exits) with the ipv4 address it returns the correct 0 value. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error binding port to ipv6 address
Ok I have traced where the problem is (of course it was in the actual
binding of the port).
Listen_init() calls listen_parse() that calls common_socket_parse().
Inside this function around line 510 of listen.c there is this line:
/*
* And bind it to the port.
*/
if (listen_bind(this) < 0) {
the call to listen_bind() actually returns -1 and that's the problem.
Because I am new at ipv6 too I will get sometime to examine what
listen_bind() exactly do (and why it returns -1), anyway meanwhile I
printed the variable "this" passed to it and the variable "this->data"
that inside the function is assigned to sock. Here are the results:
print *this
$30 = {next = 0x0, type = RAD_LISTEN_AUTH, fd = -1, server = 0x0, status
= 0,
recv = 0x8059ba0 , send = 0x8057640
,
encode = 0x8057960 ,
decode = 0x8057880 , print = 0x8057b40
,
data = 0x8cd40a0, stats = {total_requests = 0, total_invalid_requests
= 0,
total_dup_requests = 0, total_responses = 0, total_access_accepts =
0,
total_access_rejects = 0, total_access_challenges = 0,
total_malformed_requests = 0, total_bad_authenticators = 0,
total_packets_dropped = 0, total_no_records = 0, total_unknown_types
= 0}
print *(listen_socket_t *) this->data
$33 = {ipaddr = {af = 10, ipaddr = {ip4addr = {s_addr = 288}, ip6addr =
{
__in6_u = {__u6_addr8 = " \001", '\0' ,
"\003P",
__u6_addr16 = {288, 0, 0, 0, 0, 0, 0, 20483}, __u6_addr32 =
{288, 0,
0, 1342373888}, port = 0, interface = 0x8bdea7e "eth3",
clients = 0x0}
(I couldn't print directly sock because gdb didn't allow me to access
that memory address).
If somebody sees something wrong please tells me (I have still to check
how the two structs are organized so for the moment I still don't know)
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error binding port to ipv6 address
I don't have selinux installed on the machine, the only installed package about selinux is the shared library libselinux1, so I don't think that is the problem. I am thinking that it is something about the ipv6 config in ubuntu but I am not sure. What I am doing right now is trying to backtrace the exact function that creates the problem. I just started right now and I see that it is somewhere inside listen_init() in listen.c. When I will get the exact function that it is not working as it should be maybe there will be some more ideas about what's going on... No problem :) Maybe a shot in the dark but is selinux enabled? check your logs to see if any policies are blocking it or type 'echo 0 > /selinux/enforce' then try to start it again. -- Leigh On Tue, Feb 10, 2009 at 3:19 AM, D'AVELLA STEFANO wrote: Thanks for the suggestion but of course I tried different ways to try to grep the process :) I just mentioned one of the command I used to make people understand that I checked the process list :) Still no clue about the problem anyway... Try just 'ps -e|grep radius' that will catch freeradius aswell as radiusd which it is called on some. -- Leigh On Mon, Feb 9, 2009 at 12:02 PM, D'AVELLA STEFANO wrote: Be sure that no other freeradius is running and also that you have enough rights to open such a port. Look in your inet.d or similar to avoid that another service is run instead of the planned freeradius. Thanks for the quick answer. I have thought the same because also some old mailing list post seemed to be related to this problem. I checked this possible problem before posting, but as far as I can see there is no other instance of freeradius running (ps -e | grep freeradius returns empty), and nothing is listening on that port (according to netstat). I also tried to change port several times but it's not working In /etc/services the port 1812 both tcp and udp are correctly assigned to radius (in fact in the error message it correctly use the port 1812). Regards, -- Stefano D'Avella - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error binding port to ipv6 address
No problem :) Maybe a shot in the dark but is selinux enabled? check your logs to see if any policies are blocking it or type 'echo 0 > /selinux/enforce' then try to start it again. -- Leigh On Tue, Feb 10, 2009 at 3:19 AM, D'AVELLA STEFANO < stefano.dave...@alcatel-lucent.com> wrote: > Thanks for the suggestion but of course I tried different ways to try to > grep the process :) > I just mentioned one of the command I used to make people understand that I > checked the process list :) > > Still no clue about the problem anyway... > > > Try just 'ps -e|grep radius' that will catch freeradius aswell as radiusd > which it is called on some. > > -- > Leigh > > On Mon, Feb 9, 2009 at 12:02 PM, D'AVELLA STEFANO < > stefano.dave...@alcatel-lucent.com> wrote: > >> *Be sure that no other freeradius is running and also that you have >> enough rights to open such a port.* >> * >> * >> *Look in your inet.d or similar to avoid that another service is run >> instead of the planned freeradius.* >> >> Thanks for the quick answer. I have thought the same because also some old >> mailing list post seemed to be related to this problem. >> I checked this possible problem before posting, but as far as I can see >> there is no other instance of freeradius running (ps -e | grep freeradius >> returns empty), and nothing is listening on that port (according to >> netstat). I also tried to change port several times but it's not working >> In /etc/services the port 1812 both tcp and udp are correctly assigned to >> radius (in fact in the error message it correctly use the port 1812). >> >> Regards, >> >> -- >> Stefano D'Avella >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error binding port to ipv6 address
Thanks for the suggestion but of course I tried different ways to try to grep the process :) I just mentioned one of the command I used to make people understand that I checked the process list :) Still no clue about the problem anyway... Try just 'ps -e|grep radius' that will catch freeradius aswell as radiusd which it is called on some. -- Leigh On Mon, Feb 9, 2009 at 12:02 PM, D'AVELLA STEFANO wrote: Be sure that no other freeradius is running and also that you have enough rights to open such a port. Look in your inet.d or similar to avoid that another service is run instead of the planned freeradius. Thanks for the quick answer. I have thought the same because also some old mailing list post seemed to be related to this problem. I checked this possible problem before posting, but as far as I can see there is no other instance of freeradius running (ps -e | grep freeradius returns empty), and nothing is listening on that port (according to netstat). I also tried to change port several times but it's not working In /etc/services the port 1812 both tcp and udp are correctly assigned to radius (in fact in the error message it correctly use the port 1812). Regards, -- Stefano D'Avella - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error binding port to ipv6 address
Try just 'ps -e|grep radius' that will catch freeradius aswell as radiusd which it is called on some. -- Leigh On Mon, Feb 9, 2009 at 12:02 PM, D'AVELLA STEFANO < stefano.dave...@alcatel-lucent.com> wrote: > *Be sure that no other freeradius is running and also that you have > enough rights to open such a port.* > * > * > *Look in your inet.d or similar to avoid that another service is run > instead of the planned freeradius.* > > Thanks for the quick answer. I have thought the same because also some old > mailing list post seemed to be related to this problem. > I checked this possible problem before posting, but as far as I can see > there is no other instance of freeradius running (ps -e | grep freeradius > returns empty), and nothing is listening on that port (according to > netstat). I also tried to change port several times but it's not working > In /etc/services the port 1812 both tcp and udp are correctly assigned to > radius (in fact in the error message it correctly use the port 1812). > > Regards, > > -- > Stefano D'Avella > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error binding port to ipv6 address
Be sure that no other freeradius is running and also that you have enough rights to open such a port. Look in your inet.d or similar to avoid that another service is run instead of the planned freeradius. Thanks for the quick answer. I have thought the same because also some old mailing list post seemed to be related to this problem. I checked this possible problem before posting, but as far as I can see there is no other instance of freeradius running (ps -e | grep freeradius returns empty), and nothing is listening on that port (according to netstat). I also tried to change port several times but it's not working In /etc/services the port 1812 both tcp and udp are correctly assigned to radius (in fact in the error message it correctly use the port 1812). Regards, -- Stefano D'Avella - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error binding port to ipv6 address
Am 09.02.2009 um 17:17 schrieb D'AVELLA STEFANO:
Hello,
I am new to Freeradius. I am running Freeradius 2.1.0 on Ubuntu
8.10, built from source.
I have already read all the documentation I could find in the
config files and in the wiki.
The machine has two network interfaces, eth0 and eth1, the first
configured with ipv4 and the second with ipv6.
I am interested on using freeradius with ipv6 support so I would
like to test it using it only on eth1 interface.
The point of my testbed will be to define a new attribute and
transfer it to the client when it is authorized.
But before doing it I am finding some problems in opening the ip6
socket in the server.
In fact I configured users and clients.conf to allow my ip6 client
to connect to the server, and then in the radiusd.conf file I
commented the ip4 listening option and uncommented the ip6 one. (I
also commented the accounting listening part because I am not
interested in it).
The problem is that when I run the server it exits saying (last
lines):
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
}
radiusd: Opening IP addresses and Ports
listen {
type = "auth"
ipv6addr = :: IPv6 address [::]
port = 0
/etc/freeradius/radiusd.conf[236]: Error binding to port for ::
port 1812
Be sure that no other freeradius is running and also that you have
enough rights to open such a port.
Look in your inet.d or similar to avoid that another service is run
instead of the planned freeradius.
I checked if the ip6 interface is properly configured, and it seems
so (i can ping other ip6 nodes, and also writing another little c
program to bind an ip6 socket works fine)
Changing port doesn't solve the issue.
Commenting or uncommenting the "interface" line in radiusd.conf
doesn't change anything.
Trying different types of ip6 addresses (::1, or manually assigned
ones) doesn't work either.
Obviously with ip4 I don't have any kind of problem.
I can't understand if it a freeradius configuration problem or a
system configuration one.
Thank you for you help!
Regards,
Have a nice day!
--
Stefano D'Avella
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
users.html
Nicolas Goutte
extragroup GmbH - Karlsruhe
Waldstr. 49
76133 Karlsruhe
Germany
Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
Registergericht: Amtsgericht Münster / HRB: 5624
Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Error binding port to ipv6 address
Hello,
I am new to Freeradius. I am running Freeradius 2.1.0 on Ubuntu 8.10,
built from source.
I have already read all the documentation I could find in the config
files and in the wiki.
The machine has two network interfaces, eth0 and eth1, the first
configured with ipv4 and the second with ipv6.
I am interested on using freeradius with ipv6 support so I would like to
test it using it only on eth1 interface.
The point of my testbed will be to define a new attribute and transfer
it to the client when it is authorized.
But before doing it I am finding some problems in opening the ip6
socket in the server.
In fact I configured users and clients.conf to allow my ip6 client to
connect to the server, and then in the radiusd.conf file I commented the
ip4 listening option and uncommented the ip6 one. (I also commented the
accounting listening part because I am not interested in it).
The problem is that when I run the server it exits saying (last lines):
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
}
radiusd: Opening IP addresses and Ports
listen {
type = "auth"
ipv6addr = :: IPv6 address [::]
port = 0
/etc/freeradius/radiusd.conf[236]: Error binding to port for :: port
1812
I checked if the ip6 interface is properly configured, and it seems so
(i can ping other ip6 nodes, and also writing another little c program
to bind an ip6 socket works fine)
Changing port doesn't solve the issue.
Commenting or uncommenting the "interface" line in radiusd.conf doesn't
change anything.
Trying different types of ip6 addresses (::1, or manually assigned ones)
doesn't work either.
Obviously with ip4 I don't have any kind of problem.
I can't understand if it a freeradius configuration problem or a system
configuration one.
Thank you for you help!
Regards,
--
Stefano D'Avella
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
