(RADIATOR) DYNADDRESS

Hugh Irvine hugh at open.com.au
Fri Apr 11 01:34:08 CDT 2003


Hello Chris -

The answer is "it depends" on what your overall requirements are.

If you want to use a single address pool, there is no requirement for a 
PoolHint for every user, and you can just use a hardwired value in the 
Handler as you are doing.

In the example below, you have defined an AddressPool called "Denver", 
but your AuthBy DYNADDRESS is using "Hint", which obviously won't work. 
You should use "PoolHint Denver" if that's what you want to do.

BTW - this topic has also been discussed numerous times on the mailing 
list, so check the archive:

	www.open.com.au/archives/radiator

regards

Hugh


On Friday, Apr 11, 2003, at 09:45 Australia/Melbourne, Chris Fedde 
wrote:

> I'm still having trouble wrapping my brain around <AuthBy DYNADDRESS>
> Must I have a PoolHint attribute for each user?  Or may I supply a
> a PoolHint for all requests that come in through a specific handler?
>
> Using radpwtst I get records in the logs that indicate that
> Radius::AuthDYNADDRESS is being used but the Access-Accept
> packet does not have Framed-IP-Address or Framed-IP-Netmask entries
> from the pool. nether does it appear that the
>
>> From my reading of the doc it appears that I can accept
> the defaults for MapAttribute. My RADPOOL table matches the spec
> in the buildsql file.
>
> using Radiator 3.4
>
> <AddressAllocator SQL>
>     Identifier mySQLAllocator
>
>     DBSource        dbi:mysql:radius:db.me.net
>     DBUsername      radius
>     DBAuth          XXXXXX
>
>     FindQuery select TIME_STAMP, YIADDR, SUBNETMASK, DNSSERVER \
>               from RADPOOL \
>               where POOL='%0' and STATE=0 order by TIME_STAMP\
>               limit 1
>
>     <AddressPool Denver>
>          Range 10.0.4.0/23
>     </AddressPool>
>
> </AddressAllocator>
>
> <Handler Realm = me.net>
>
>     AuthByPolicy ContinueWhileAccept
>
>     AuthBy meLDAP2
>     <AuthBy DYNADDRESS>
>         PoolHint Hint
>         AddressAllocator  mySQLAllocator
>     </AuthBy>
>
>     AuthLog resultlog
>
> </Handler>
>
>
> --
>     Chris Fedde
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list