RE: Next Pool option
On Tue, Jul 5, 2011 at 3:35 PM, Antonio Maciá ama...@sedesc.es wrote: Hi! Im running the 2.1.11 version and I would like to know how to configure next-pool options in the ippool file in order to get a ip from a secondary pool when the first pool is starved. Lets say I have two pools, 172.16.1.0/24 and 192.168.10.0/24 and I want that as soon as the 172.16.1.0 range is empty, the Radius start giving addresses form the 192.168.10.0 pool. Is it possible? Unlang is your friend. The key point is when a pool exhaust its ip address range, it will return notfound. So you can have something like this in modues/ippool-test: ippool ippool-test1 { range-start = 192.168.1.1 range-stop = 192.168.1.254 netmask = 255.255.255.0 cache-size = 256 session-db = ${db_dir}/db.ippool-test1 ip-index = ${db_dir}/db.ipindex-test1 override = no maximum-timeout = 0 } pool ippool-test2 { range-start = 192.168.2.1 range-stop = 192.168.2.254 netmask = 255.255.255.0 cache-size = 256 session-db = ${db_dir}/db.ippool-test2 ip-index = ${db_dir}/db.ipindex-test2 override = no maximum-timeout = 0 } ... and something like this on users (or db, wherever your users data is) testuser Cleartext-Password := testpass, Pool-Name := redundant-pool ... and something this in post-auth if (%{control:Pool-Name} == redundant-pool) { update control { Pool-Name := ippool-test1 } ippool-test1 if (notfound) { update control { Pool-Name := ippool-test2 } ippool-test2 } } -- Fajar Hi Fajar, I have configured the code in the post-auth section. When the first pool is exhausted it tries to give from the secondary, but although there are free ips it fails. I tried changing the order of the pools, putting the secondary pool first and it gives addresses correctly, so this pool is well configured. Here is the output: +++[basic_pool] returns notfound +++? If (notfound) ? Evaluating (notfound) - TRUE +++- entering if (notfound) {...} [control] returns notfound [basic_pool2] No available ip addresses in pool [basic_pool2] returns notfound +++- if (notfound) returns notfound ++- if(%{control:Pool-Name} == redundant_pool) returns notfound Any idea? List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Next Pool option
On Wed, Jul 6, 2011 at 5:33 PM, Antonio Maciá ama...@sedesc.es wrote: Hi Fajar, I have configured the code in the post-auth section. When the first pool is exhausted it tries to give from the secondary, but although there are free ips it fails. I tried changing the order of the pools, putting the secondary pool first and it gives addresses correctly, so this pool is well configured. Here is the output: +++[basic_pool] returns notfound +++? If (notfound) ? Evaluating (notfound) - TRUE +++- entering if (notfound) {...} [control] returns notfound [basic_pool2] No available ip addresses in pool [basic_pool2] returns notfound +++- if (notfound) returns notfound ++- if(%{control:Pool-Name} == redundant_pool) returns notfound Any idea? ( shrug ) it works on my test. Start with pasting the complete radiusd -X output. It should be able to show any configuration error. From the limited lines that you post it should be very clear [basic_pool2] No available ip addresses in pool ... then again it might be a bug in the code, in which case testing the latest version (I'd recommend using v2.1.x branch from git, which is what I currently use) should be useful. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Next Pool option
On Tue, Jul 5, 2011 at 3:35 PM, Antonio Maciá ama...@sedesc.es wrote: Hi! I’m running the 2.1.11 version and I would like to know how to configure next-pool options in the ippool file in order to get a ip from a secondary pool when the first pool is starved. Let’s say I have two pools, 172.16.1.0/24 and 192.168.10.0/24 and I want that as soon as the 172.16.1.0 range is empty, the Radius start giving addresses form the 192.168.10.0 pool. Is it possible? Unlang is your friend. The key point is when a pool exhaust its ip address range, it will return notfound. So you can have something like this in modues/ippool-test: ippool ippool-test1 { range-start = 192.168.1.1 range-stop = 192.168.1.254 netmask = 255.255.255.0 cache-size = 256 session-db = ${db_dir}/db.ippool-test1 ip-index = ${db_dir}/db.ipindex-test1 override = no maximum-timeout = 0 } ippool ippool-test2 { range-start = 192.168.2.1 range-stop = 192.168.2.254 netmask = 255.255.255.0 cache-size = 256 session-db = ${db_dir}/db.ippool-test2 ip-index = ${db_dir}/db.ipindex-test2 override = no maximum-timeout = 0 } ... and something like this on users (or db, wherever your users data is) testuser Cleartext-Password := testpass, Pool-Name := redundant-pool ... and something this in post-auth if (%{control:Pool-Name} == redundant-pool) { update control { Pool-Name := ippool-test1 } ippool-test1 if (notfound) { update control { Pool-Name := ippool-test2 } ippool-test2 } } -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html