[RADIATOR] Assigning IP's directly from the Radius server

Michael ringo at vianet.ca
Thu Feb 3 10:55:30 CST 2011


oh and keep in mind, when you restart radiator, or even maybe reload radiator, the AddressPool may re-mark all ips as available, therefore it may hand out an IP that is already in use.  Maybe someone else can confirm that is correct?


On 11-02-03 11:53 AM, Michael wrote:
> I think the AddressPool only populates the sql table with the available ips in that pool.  I guess you're missing a FindQuery definition of an sql query that returns an available ip from the sql db.
>
> my example had this:
>
>           # sql select statement seems to need the ip address in the 2nd returned column in the results to satisfy '%3' for 'AllocateQuery'.
>           # this seems to be an undocumented requirement.
>           #FindQuery select TIME_STAMP, YIADDR, SUBNETMASK, DNSSERVER from RADPOOL where POOL=? and STATE=0 order by TIME_STAMP limit 1
>           FindQuery select NULL, ip, netmask from ip_pools where pool=? and state=0 order by timestamp limit 1
>           FindQueryBindVar %0
>
> which selects the ip/netmask and the reply IP/netmask must be the 2nd/3rd returned column in the results, and adds this result into Framed-IP-Address and Framed-IP-Netmask to the reply radius packet needed for the nas.
>
> And of course, you need an AllocateQuery to mark that IP as used, and DeallocateQuery to mark available again after the stop packet.
>
> Michael
>
>
> On 11-02-03 09:47 AM, Gerard Alcorlo Bofill wrote:
>> Hello,
>>
>> thanks Michael for your good explanation. I checked your configuration
>> with mine and it was similar. Well, I only have one Radius so I don't
>> use two AddressAllocators like you.
>>
>> Heikki, thank you too. Now I understand a little more the difference
>> between the two different AddressAllocators. I've been experimenting,
>> but I'm not able to get an ip address from the Radius server and I
>> allways get the address from the DHCP server. I've based my
>> configuration with goodies/addressallocator.cfg
>>
>>
>> <AddressAllocator SQL>
>>      Identifier myallocator
>>      DBSource dbi:mysql:database_name:127.0.0.1
>>      DBUsername              user
>>      DBAuth                  password
>>      FailureBackoffTime      30
>>
>>      DefaultLeasePeriod      86400
>>      LeaseReclaimInterval    300
>>
>>      <AddressPool pool-eduroam>
>>         Subnetmask   255.255.255.128
>>         Range        10.0.0.2 10.0.0.127
>>         DNSServer    8.8.8.8
>>      </AddressPool>
>> </AddressAllocator>
>>
>>
>> <Handler TunnelledByTTLS=1, Realm=/(^xaxi$)/i>
>>      AuthByPolicy ContinueWhileAccept
>>      <AuthBy SQL>
>>         DBSource dbi:mysql:database_name:127.0.0.1
>>         DBUsername      user
>>         DBAuth          password
>>         FailureBackoffTime      30
>>
>>         AuthSelect      select PASSWORD from SUBSCRIBERS where BINARY
>> USERNAME=%0
>>         AuthColumnDef   0, User-Password, check
>>         AuthColumnDef   1, GENERIC, check
>>         EAPType MSCHAP-V2, PAP
>>      </AuthBy>
>>
>>      <AuthBy DYNADDRESS>
>>         AddressAllocator myallocator
>>         PoolHint pool-eduroam
>>         AddToReply Framed-Route="10.0.0.0/25  10.0.0.1 1"
>>         AddToReply MS-Primary-DNS-Server=84.88.0.3,
>> MS-Secondary-DNS-Server=84.88.0.5
>>         StripFromReply PoolHint
>>      </AuthBy>
>> </Realm>
>>
>>
>>
>> This is the error I'm getting from de AP:
>> 16:27:29.234 GMT: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
>> 16:27:29.241 GMT: RADIUS/ENCODE(0000002A):Orig. component type = DOT11
>> 16:27:29.241 GMT: RADIUS/ENCODE: No idb found! Framed IP Addr might not
>> be included
>>
>> I thought that my NAS (my AP) would send all the attributes to the wifi
>> client but that's not happening.
>>
>> Are this attributes only for PPP connections or is it possible to use
>> them using a wifi AP?
>>
>> Thanks
>>
>> --
>> Gerard
>>
>>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
>


More information about the radiator mailing list