RE: Next Pool option
On Tue, Jul 5, 2011 at 3:35 PM, Antonio Maciá ama...@sedesc.es wrote:
Hi!
Im running the 2.1.11 version and I would like to know how to
configure next-pool options in the ippool file in order to get a ip from a
secondary pool when the first pool is starved.
Lets say I have two pools, 172.16.1.0/24 and 192.168.10.0/24 and I want
that as soon as the 172.16.1.0 range is empty, the Radius start giving
addresses form the 192.168.10.0 pool. Is it possible?
Unlang is your friend.
The key point is when a pool exhaust its ip address range, it will
return notfound. So you can have something like this in
modues/ippool-test:
ippool ippool-test1 {
range-start = 192.168.1.1
range-stop = 192.168.1.254
netmask = 255.255.255.0
cache-size = 256
session-db = ${db_dir}/db.ippool-test1
ip-index = ${db_dir}/db.ipindex-test1
override = no
maximum-timeout = 0
}
pool ippool-test2 {
range-start = 192.168.2.1
range-stop = 192.168.2.254
netmask = 255.255.255.0
cache-size = 256
session-db = ${db_dir}/db.ippool-test2
ip-index = ${db_dir}/db.ipindex-test2
override = no
maximum-timeout = 0
}
... and something like this on users (or db, wherever your users data is)
testuser Cleartext-Password := testpass, Pool-Name := redundant-pool
... and something this in post-auth
if (%{control:Pool-Name} == redundant-pool) {
update control {
Pool-Name := ippool-test1
}
ippool-test1
if (notfound) {
update control {
Pool-Name := ippool-test2
}
ippool-test2
}
}
--
Fajar
Hi Fajar,
I have configured the code in the post-auth section. When the first pool is
exhausted it tries to give from the secondary, but although there are free
ips it fails. I tried changing the order of the pools, putting the secondary
pool first and it gives addresses correctly, so this pool is well
configured.
Here is the output:
+++[basic_pool] returns notfound
+++? If (notfound)
? Evaluating (notfound) - TRUE
+++- entering if (notfound) {...}
[control] returns notfound
[basic_pool2] No available ip addresses in pool
[basic_pool2] returns notfound
+++- if (notfound) returns notfound
++- if(%{control:Pool-Name} == redundant_pool) returns notfound
Any idea?
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Next Pool option
On Wed, Jul 6, 2011 at 5:33 PM, Antonio Maciá ama...@sedesc.es wrote:
Hi Fajar,
I have configured the code in the post-auth section. When the first pool is
exhausted it tries to give from the secondary, but although there are free
ips it fails. I tried changing the order of the pools, putting the secondary
pool first and it gives addresses correctly, so this pool is well
configured.
Here is the output:
+++[basic_pool] returns notfound
+++? If (notfound)
? Evaluating (notfound) - TRUE
+++- entering if (notfound) {...}
[control] returns notfound
[basic_pool2] No available ip addresses in pool
[basic_pool2] returns notfound
+++- if (notfound) returns notfound
++- if(%{control:Pool-Name} == redundant_pool) returns notfound
Any idea?
( shrug )
it works on my test.
Start with pasting the complete radiusd -X output. It should be able
to show any configuration error. From the limited lines that you post
it should be very clear
[basic_pool2] No available ip addresses in pool
... then again it might be a bug in the code, in which case testing
the latest version (I'd recommend using v2.1.x branch from git, which
is what I currently use) should be useful.
--
Fajar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Next Pool option
On Tue, Jul 5, 2011 at 3:35 PM, Antonio Maciá ama...@sedesc.es wrote:
Hi!
I’m running the 2.1.11 version and I would like to know how to
configure next-pool options in the ippool file in order to get a ip from a
secondary pool when the first pool is starved.
Let’s say I have two pools, 172.16.1.0/24 and 192.168.10.0/24 and I want
that as soon as the 172.16.1.0 range is empty, the Radius start giving
addresses form the 192.168.10.0 pool. Is it possible?
Unlang is your friend.
The key point is when a pool exhaust its ip address range, it will
return notfound. So you can have something like this in
modues/ippool-test:
ippool ippool-test1 {
range-start = 192.168.1.1
range-stop = 192.168.1.254
netmask = 255.255.255.0
cache-size = 256
session-db = ${db_dir}/db.ippool-test1
ip-index = ${db_dir}/db.ipindex-test1
override = no
maximum-timeout = 0
}
ippool ippool-test2 {
range-start = 192.168.2.1
range-stop = 192.168.2.254
netmask = 255.255.255.0
cache-size = 256
session-db = ${db_dir}/db.ippool-test2
ip-index = ${db_dir}/db.ipindex-test2
override = no
maximum-timeout = 0
}
... and something like this on users (or db, wherever your users data is)
testuser Cleartext-Password := testpass, Pool-Name := redundant-pool
... and something this in post-auth
if (%{control:Pool-Name} == redundant-pool) {
update control {
Pool-Name := ippool-test1
}
ippool-test1
if (notfound) {
update control {
Pool-Name := ippool-test2
}
ippool-test2
}
}
--
Fajar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
