[RADIATOR] Assigning IP's directly from the Radius server
Michael
ringo at vianet.ca
Thu Feb 3 10:55:30 CST 2011
Oh, and keep in mind: when you restart Radiator, or even maybe reload Radiator, the AddressPool may re-mark all IPs as available; therefore it may hand out an IP that is already in use. Maybe someone else can confirm that is correct?
On 11-02-03 11:53 AM, Michael wrote:
> I think the AddressPool only populates the sql table with the available ips in that pool. I guess you're missing a FindQuery definition of an sql query that returns an available ip from the sql db.
>
> my example had this:
>
> # sql select statement seems to need the ip address in the 2nd returned column in the results to satisfy '%3' for 'AllocateQuery'.
> # this seems to be an undocumented requirement.
> #FindQuery select TIME_STAMP, YIADDR, SUBNETMASK, DNSSERVER from RADPOOL where POOL=? and STATE=0 order by TIME_STAMP limit 1
> FindQuery select NULL, ip, netmask from ip_pools where pool=? and state=0 order by timestamp limit 1
> FindQueryBindVar %0
>
> which selects the ip/netmask and the reply IP/netmask must be the 2nd/3rd returned column in the results, and adds this result into Framed-IP-Address and Framed-IP-Netmask to the reply radius packet needed for the nas.
>
> And of course, you need an AllocateQuery to mark that IP as used, and DeallocateQuery to mark available again after the stop packet.
>
> Michael
>
>
> On 11-02-03 09:47 AM, Gerard Alcorlo Bofill wrote:
>> Hello,
>>
>> thanks Michael for your good explanation. I checked your configuration
>> with mine and it was similar. Well, I only have one Radius so I don't
>> use two AddressAllocators like you.
>>
>> Heikki, thank you too. Now I understand a little more the difference
>> between the two different AddressAllocators. I've been experimenting,
>> but I'm not able to get an ip address from the Radius server and I
>> always get the address from the DHCP server. I've based my
>> configuration with goodies/addressallocator.cfg
>>
>>
>> <AddressAllocator SQL>
>> Identifier myallocator
>> DBSource dbi:mysql:database_name:127.0.0.1
>> DBUsername user
>> DBAuth password
>> FailureBackoffTime 30
>>
>> DefaultLeasePeriod 86400
>> LeaseReclaimInterval 300
>>
>> <AddressPool pool-eduroam>
>> Subnetmask 255.255.255.128
>> Range 10.0.0.2 10.0.0.127
>> DNSServer 8.8.8.8
>> </AddressPool>
>> </AddressAllocator>
>>
>>
>> <Handler TunnelledByTTLS=1, Realm=/(^xaxi$)/i>
>> AuthByPolicy ContinueWhileAccept
>> <AuthBy SQL>
>> DBSource dbi:mysql:database_name:127.0.0.1
>> DBUsername user
>> DBAuth password
>> FailureBackoffTime 30
>>
>> AuthSelect select PASSWORD from SUBSCRIBERS where BINARY USERNAME=%0
>> AuthColumnDef 0, User-Password, check
>> AuthColumnDef 1, GENERIC, check
>> EAPType MSCHAP-V2, PAP
>> </AuthBy>
>>
>> <AuthBy DYNADDRESS>
>> AddressAllocator myallocator
>> PoolHint pool-eduroam
>> AddToReply Framed-Route="10.0.0.0/25 10.0.0.1 1"
>> AddToReply MS-Primary-DNS-Server=84.88.0.3, MS-Secondary-DNS-Server=84.88.0.5
>> StripFromReply PoolHint
>> </AuthBy>
>> </Handler>
>>
>>
>>
>> This is the error I'm getting from the AP:
>> 16:27:29.234 GMT: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
>> 16:27:29.241 GMT: RADIUS/ENCODE(0000002A):Orig. component type = DOT11
>> 16:27:29.241 GMT: RADIUS/ENCODE: No idb found! Framed IP Addr might not be included
>>
>> I thought that my NAS (my AP) would send all the attributes to the wifi
>> client but that's not happening.
>>
>> Are these attributes only for PPP connections or is it possible to use
>> them using a wifi AP?
>>
>> Thanks
>>
>> --
>> Gerard
>>
>>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
>
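As an added example (not part of the thread and not Radiator's own code), this Python/sqlite3 script models the find/allocate/deallocate cycle on the `ip_pools` table from the FindQuery above, and compares a pool reload that resets `state` with one that preserves existing rows. The schema, the two UPDATE statements and both reload modes are assumptions; the script does not establish how Radiator itself behaves on restart.

```python
import sqlite3

# Constructed schema: column names taken from the FindQuery quoted in the thread.
SCHEMA = """create table ip_pools (
    pool text, ip text, netmask text, state integer, timestamp integer,
    primary key (pool, ip))"""
# FindQuery as posted: the address is the 2nd column, the netmask the 3rd.
FIND = ("select NULL, ip, netmask from ip_pools "
        "where pool=? and state=0 order by timestamp limit 1")
# Assumed allocate/deallocate statements (not shown in the thread).
ALLOCATE = "update ip_pools set state=1, timestamp=? where pool=? and ip=? and state=0"
DEALLOCATE = "update ip_pools set state=0, timestamp=? where pool=? and ip=?"

def populate(conn, pool, ips, netmask, reset_state):
    """Load the pool range. reset_state=True models a reload that re-marks
    every address as free; False leaves rows that already exist untouched."""
    verb = "insert or replace" if reset_state else "insert or ignore"
    conn.executemany(
        f"{verb} into ip_pools values (?, ?, ?, 0, ?)",
        [(pool, ip, netmask, n) for n, ip in enumerate(ips)])

def lease(conn, pool, now):
    """Find a free address and mark it used; None when the pool is exhausted."""
    row = conn.execute(FIND, (pool,)).fetchone()
    if row is None:
        return None
    _, ip, netmask = row
    # state=0 in the WHERE clause stops two requests claiming the same row.
    if conn.execute(ALLOCATE, (now, pool, ip)).rowcount != 1:
        return None
    return ip, netmask

def release(conn, pool, ip, now):
    conn.execute(DEALLOCATE, (now, pool, ip))

def simulate_restart(reset_state):
    """Lease one address, repopulate the pool as on a restart, lease again."""
    ips = ["10.0.0.2", "10.0.0.3", "10.0.0.4"]
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    populate(conn, "pool-eduroam", ips, "255.255.255.128", reset_state)
    first = lease(conn, "pool-eduroam", now=100)
    populate(conn, "pool-eduroam", ips, "255.255.255.128", reset_state)
    second = lease(conn, "pool-eduroam", now=200)
    return first[0], second[0]

if __name__ == "__main__":
    print("reset on restart:   ", simulate_restart(True))   # same address twice
    print("state kept on restart:", simulate_restart(False))
```

A duplicate lease of this kind would show up as two active sessions with the same Framed-IP-Address, which is worth checking for in accounting data after any restart.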