[RADIATOR] Assigning IP's directly from the Radius server

Michael ringo at vianet.ca
Thu Feb 3 10:53:11 CST 2011


I think the AddressPool only populates the SQL table with the available IPs in that pool. I guess you're missing a FindQuery definition of an SQL query that returns an available IP from the SQL db.

My example had this:

         # sql select statement seems to need the ip address in the 2nd returned column in the results to satisfy '%3' for 'AllocateQuery'.
         # this seems to be an undocumented requirement.
         #FindQuery select TIME_STAMP, YIADDR, SUBNETMASK, DNSSERVER from RADPOOL where POOL=? and STATE=0 order by TIME_STAMP limit 1
         FindQuery select NULL, ip, netmask from ip_pools where pool=? and state=0 order by timestamp limit 1
         FindQueryBindVar %0

which selects the IP/netmask (the reply IP/netmask must be the 2nd/3rd returned columns in the results) and adds this result as Framed-IP-Address and Framed-IP-Netmask to the reply RADIUS packet needed for the NAS.

And of course, you need an AllocateQuery to mark that IP as used, and DeallocateQuery to mark available again after the stop packet.

Michael


On 11-02-03 09:47 AM, Gerard Alcorlo Bofill wrote:
> Hello,
>
> thanks Michael for your good explanation. I checked your configuration
> with mine and it was similar. Well, I only have one Radius so I don't
> use two AddressAllocators like you.
>
> Heikki, thank you too. Now I understand a little more the difference
> between the two different AddressAllocators. I've been experimenting,
> but I'm not able to get an ip address from the Radius server and I
> always get the address from the DHCP server. I've based my
> configuration with goodies/addressallocator.cfg
>
>
> <AddressAllocator SQL>
>     Identifier myallocator
>     DBSource dbi:mysql:database_name:127.0.0.1
>     DBUsername              user
>     DBAuth                  password
>     FailureBackoffTime      30
>
>     DefaultLeasePeriod      86400
>     LeaseReclaimInterval    300
>
>     <AddressPool pool-eduroam>
>        Subnetmask   255.255.255.128
>        Range        10.0.0.2 10.0.0.127
>        DNSServer    8.8.8.8
>     </AddressPool>
> </AddressAllocator>
>
>
> <Handler TunnelledByTTLS=1, Realm=/(^xaxi$)/i>
>     AuthByPolicy ContinueWhileAccept
>     <AuthBy SQL>
>        DBSource dbi:mysql:database_name:127.0.0.1
>        DBUsername      user
>        DBAuth          password
>        FailureBackoffTime      30
>
>        AuthSelect      select PASSWORD from SUBSCRIBERS where BINARY USERNAME=%0
>        AuthColumnDef   0, User-Password, check
>        AuthColumnDef   1, GENERIC, check
>        EAPType MSCHAP-V2, PAP
>     </AuthBy>
>
>     <AuthBy DYNADDRESS>
>        AddressAllocator myallocator
>        PoolHint pool-eduroam
>        AddToReply Framed-Route="10.0.0.0/25  10.0.0.1 1"
>        AddToReply MS-Primary-DNS-Server=84.88.0.3, MS-Secondary-DNS-Server=84.88.0.5
>        StripFromReply PoolHint
>     </AuthBy>
> </Handler>
>
>
>
> This is the error I'm getting from the AP:
> 16:27:29.234 GMT: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
> 16:27:29.241 GMT: RADIUS/ENCODE(0000002A):Orig. component type = DOT11
> 16:27:29.241 GMT: RADIUS/ENCODE: No idb found! Framed IP Addr might not be included
>
> I thought that my NAS (my AP) would send all the attributes to the wifi
> client but that's not happening.
>
> Are these attributes only for PPP connections or is it possible to use
> them using a wifi AP?
>
> Thanks
>
> --
> Gerard
>
>
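
The find / allocate / deallocate cycle described in the message above, as an added example that is not part of the original thread and is not Radiator's own code. It runs the quoted FindQuery against an in-memory SQLite table standing in for MySQL; the `username` column, the seeded timestamps and the function names are assumptions.

```python
import sqlite3
import time

# Constructed table: pool/ip/netmask/state/timestamp come from the quoted
# FindQuery; the username column is an assumption made for this example.
SCHEMA = """create table ip_pools (pool text, ip text primary key, netmask text,
    state integer, timestamp integer, username text)"""

def make_db(pool, ips, netmask):
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    # Seed timestamps 0, 1, 2, ... so "order by timestamp" is deterministic.
    db.executemany("insert into ip_pools values (?, ?, ?, 0, ?, NULL)",
                   [(pool, ip, netmask, i) for i, ip in enumerate(ips)])
    return db

def allocate(db, pool, username, retries=5):
    """Find a free address, then claim it. Returns (ip, netmask) or None."""
    for _ in range(retries):
        # Find step: same shape as the quoted FindQuery (address in column 2).
        row = db.execute(
            "select NULL, ip, netmask from ip_pools "
            "where pool=? and state=0 order by timestamp limit 1",
            (pool,)).fetchone()
        if row is None:
            return None  # pool exhausted or unknown pool name
        _, ip, netmask = row
        # Allocate step: the "state=0" guard makes the claim conditional, so
        # if another server took this row first, rowcount is 0 and we retry.
        cur = db.execute(
            "update ip_pools set state=1, timestamp=?, username=? "
            "where ip=? and state=0", (int(time.time()), username, ip))
        db.commit()
        if cur.rowcount == 1:
            return ip, netmask  # values for Framed-IP-Address / Framed-IP-Netmask
    return None

def deallocate(db, ip):
    """Deallocate step, run when the accounting Stop arrives."""
    # Refreshing the timestamp sends the address to the back of the queue,
    # so a just-released IP is not handed straight to the next user.
    db.execute("update ip_pools set state=0, timestamp=? where ip=?",
               (int(time.time()), ip))
    db.commit()
```

Because released addresses go to the back of the queue, an address is reused only after the other free addresses in the pool have been handed out, which makes it easier to attribute an IP to a user from accounting logs.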

