sqlippool not working

Peter Nixon listuser at peternixon.net
Tue Sep 19 22:32:24 CEST 2006 

If you can (ie. If you control the NAS equipment) then I recommend you create 
your dynamic pools there and only assign static ips from radius as a NAS will 
ALWAYs be better at knowing who is connected to it than RADIUS will.

In the case where you do not control the NAS equipment, then radius based 
IPPools come to the rescue.

Cheers

Peter

On Tue 19 Sep 2006 22:55, you wrote:
> Thank you.
>
> That's the problem, I have 2 RADIUS servers working concurrently. If I
> set one ippool in server1, server2 needs another ippool with another
> range, and that's a grand problem.
>
> This is why I need sqlippool.
>
> I'm going to test freeradius-snapshot-20060920.tar.gz and see if it works.
>
> Is there any other way to success with 2 radius servers (other than
> creating the pool in the BRAS)? I'm kinda stuck here with this.
>
> Thank you very much.
>
> On 9/19/06, Peter Nixon <listuser at peternixon.net> wrote:
> > Hi Guilherme
> >
> > A couple of things.
> >
> > I just updated the cvs so freeradius-snapshot-20060919.tar.gz is not
> > current enough. You need to get freeradius-snapshot-20060920.tar.gz once
> > it is rolled latter tonight, or get the latest code from the repository
> > using "cvs"
> >
> > Secondly, Tuyan works together with me. All of our production deployments
> > of sqlippool are currently on Postgresql although we do plan on deploying
> > on Oracle for some customers in future (After we have finished code
> > development on sqlippool)
> >
> > Thirdly if you have only one RADIUS server and only one ippool then using
> > rlm_ippool is probably the way to go. If you have more than one RADIUS
> > server then you definately need a centralised database (which sqlippool
> > allows). If you have many ippools then sqlippool also allows you to
> > modify them on the fly without a service restart.
> >
> > Cheers
> >
> > Peter
> >
> > On Tue 19 Sep 2006 21:58, you wrote:
> > > Gentlemen,
> > >
> > > Thank you very much for lending me your time.
> > >
> > > I'm downloading freeradius-snapshot-20060919.tar.gz right now.
> > >
> > > Yes, my allocate-clear is configured exactly as Tuyan's and that's why
> > > I stated before that "regardless of my configuration in sqlippool.conf
> > > and radiusd.conf" the trace is always empty.
> > >
> > > For example, if in sqlippool.conf I set sql-instance-name = "foobar",
> > > the output of radiusd -X is always:
> > >
> > > Module: Loaded SQL IP Pool
> > > sqlippool: sql-instance-name = "sql"
> > >
> > > That's OK, I'm using the regular ippool in radiusd.conf for now and it
> > > works great when in table radcheck the values of the username are
> > > "Pool-Name := test_pool".
> > >
> > > I'm going to compile the latest build and see if it works.
> > >
> > > P.S: Tuyan, do you run sqlippool in production using ORACLE? Because
> > > I'm using Oracle 10g r2 64-bit and it does not work for now.
> > >
> > > Thank you very much!
> > >
> > > On 9/19/06, Peter Nixon <listuser at peternixon.net> wrote:
> > > > It turns out that sqlippool.conf was in the Makefile for 1.1.x but
> > > > not for CVS head. It didnt affect us because we use an rpm.
> > > >
> > > > Guilherme can you please test a new cvs checkout?
> > > >
> > > > Also, because sqlippool is still experimental you need to explicitly
> > > > enable it with
> > > >
> > > > ./configure --with-modules="rlm_sqlippool"
> > > >
> > > > Cheers
> > > >
> > > > Peter
> > > >
> > > > On Tue 19 Sep 2006 17:44, Tuyan Ozipek wrote:
> > > > > Hi Peter,
> > > > >
> > > > > When i installed (compiled from source) the
> > > > > freeradius-snapshot-20060918 tarball, the only missing thing was
> > > > > the sqlippool.conf file (which i copied from some other test
> > > > > environment). Since sqlippool module is not(yeah, we run it on
> > > > > production happily for sometime..) considered stable yet, we do not
> > > > > build it by default.(Lets check sqlippool.conf file installation in
> > > > > the makefiles tho.)
> > > > >
> > > > > I am running it now on my development machine with no problems.
> > > > >
> > > > > The only thing possible is there is some type of typo in the config
> > > > > file that Guilherme Franco is using.
> > > > >
> > > > > also, trace shows that there is no allocate-clear statement set for
> > > > > sqlippool to use.
> > > > >
> > > > >
> > > > > here is the allocate-clear statement that i used for my test..
> > > > >
> > > > >  allocate-clear = "UPDATE radippool \
> > > > >   SET nasipaddress = '', pool_key = 0, callingstationid = '', \
> > > > >   expiry_time = 'now'::timestamp(0) - '1 second'::interval \
> > > > >   WHERE pool_key = '${pool-key}'"
> > > > >
> > > > >
> > > > >
> > > > > Regards
> > > > >
> > > > > On Tue, 2006-09-19 at 00:27 +0300, Peter Nixon wrote:
> > > > > > ----------  Forwarded Message  ----------
> > > > > >
> > > > > > Subject: sqlippool not working
> > > > > > Date: Mon 18 Sep 2006 23:40
> > > > > > From: "Guilherme Franco" <guilhermefranco at gmail.com>
> > > > > > To: "FreeRadius users mailing list"
> > > > > > <freeradius-users at lists.freeradius.org>
> > > > > >
> > > > > > Hi Peter,
> > > > > >
> > > > > > Like you told me before, you did some cleanups in the
> > > > > > sqlippool.conf.
> > > > > >
> > > > > > Well, I've tried to install todays freeradius CVS, and it
> > > > > > installed without the sqlippool module, don't know why.
> > > > > >
> > > > > > So, I've compiled it manually from
> > > > > > freeradius-snapshot-20060918/src/modules/rlm_sqlippool/
> > > > > >
> > > > > > OK, but when I run radiusd -X, I got this in the end, regardless
> > > > > > of my configuration in sqlippool.conf and radiusd.conf:
> > > > > >
> > > > > > Module: Loaded SQL IP Pool
> > > > > >   sqlippool: sql-instance-name = "sql"
> > > > > >   sqlippool: lease-duration = 86400
> > > > > >   sqlippool: pool-name = ""
> > > > > >   sqlippool: allocate-begin = "BEGIN"
> > > > > >   sqlippool: allocate-clear = ""
> > > > > >   sqlippool: allocate-find = ""
> > > > > >   sqlippool: allocate-update = ""
> > > > > >   sqlippool: allocate-commit = "COMMIT"
> > > > > >   sqlippool: allocate-rollback = "ROLLBACK"
> > > > > >   sqlippool: start-begin = "BEGIN"
> > > > > >   sqlippool: start-update = ""
> > > > > >   sqlippool: start-commit = "COMMIT"
> > > > > >   sqlippool: start-rollback = "ROLLBACK"
> > > > > >   sqlippool: alive-begin = "BEGIN"
> > > > > >   sqlippool: alive-update = ""
> > > > > >   sqlippool: alive-commit = "COMMIT"
> > > > > >   sqlippool: alive-rollback = "ROLLBACK"
> > > > > >   sqlippool: stop-begin = "BEGIN"
> > > > > >   sqlippool: stop-clear = ""
> > > > > >   sqlippool: stop-commit = "COMMIT"
> > > > > >   sqlippool: stop-rollback = "ROLLBACK"
> > > > > >   sqlippool: on-begin = "BEGIN"
> > > > > >   sqlippool: on-clear = ""
> > > > > >   sqlippool: on-commit = "COMMIT"
> > > > > >   sqlippool: on-rollback = "ROLLBACK"
> > > > > >   sqlippool: off-begin = "BEGIN"
> > > > > >   sqlippool: off-clear = ""
> > > > > >   sqlippool: off-commit = "COMMIT"
> > > > > >   sqlippool: off-rollback = "ROLLBACK"
> > > > > > rlm_sqlippool: the 'allocate-clear' statement must be set.
> > > > > >
> > > > > > It's not even trying to access the Oracle server.
> > > > > >
> > > > > > What can it be?
> > > > > >
> > > > > > Thanks!
> > > > > >
> > > > > > -------------------------------------------------------
> > > >
> > > > --
> > > > Peter Nixon     mailto:peter at suntel.com.tr     Chief Technologist
> > > > Suntel Communications                    http://www.suntel.com.tr
> > > > TR tel:+902123369299   US tel:+13103177825   UK tel:+448700685002
> > > > VoIP sip:pbx at suntel.com.tr          IM jabber:peter at suntel.com.tr
> > > >
> > > > Absolutum obsoletum. (If it works, it's out of date.) -- Stafford
> > > > Beer --
> > > >
> > > > Peter Nixon
> > > > http://www.peternixon.net/
> > > > PGP Key: http://www.peternixon.net/public.asc
> >
> > --
> > Peter Nixon     mailto:peter at suntel.com.tr     Chief Technologist
> > Suntel Communications                    http://www.suntel.com.tr
> > TR tel:+902123369299   US tel:+13103177825   UK tel:+448700685002
> > VoIP sip:pbx at suntel.com.tr          IM jabber:peter at suntel.com.tr
> >
> > Absolutum obsoletum. (If it works, it's out of date.) -- Stafford Beer
> > --
> >
> > Peter Nixon
> > http://www.peternixon.net/
> > PGP Key: http://www.peternixon.net/public.asc

-- 
Peter Nixon     mailto:peter at suntel.com.tr     Chief Technologist
Suntel Communications                    http://www.suntel.com.tr
TR tel:+902123369299   US tel:+13103177825   UK tel:+448700685002
VoIP sip:pbx at suntel.com.tr          IM jabber:peter at suntel.com.tr

Absolutum obsoletum. (If it works, it's out of date.) -- Stafford Beer
-- 

Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060919/528fbc8a/attachment.pgp>

More information about the Freeradius-Users mailing list