sqlippool not working

Guilherme Franco guilhermefranco at gmail.com
Wed Sep 20 00:46:35 CEST 2006


Yes, that's true.

Unfortunately, the IT area developed a software that creates users in
a GUI and then those users goes to Oracle. The application would also
create and manage ip-pools. (just like a Dialup-up admin).

Because of that, I desperately need sqlippool in oracle. Can't be done
in the BRAS manually then.

Thanks.

On 9/19/06, Peter Nixon <listuser at peternixon.net> wrote:
> If you can (ie. If you control the NAS equipment) then I recommend you create
> your dynamic pools there and only assign static ips from radius as a NAS will
> ALWAYs be better at knowing who is connected to it than RADIUS will.
>
> In the case where you do not control the NAS equipment, then radius based
> IPPools come to the rescue.
>
> Cheers
>
> Peter
>
> On Tue 19 Sep 2006 22:55, you wrote:
> > Thank you.
> >
> > That's the problem, I have 2 RADIUS servers working concurrently. If I
> > set one ippool in server1, server2 needs another ippool with another
> > range, and that's a grand problem.
> >
> > This is why I need sqlippool.
> >
> > I'm going to test freeradius-snapshot-20060920.tar.gz and see if it works.
> >
> > Is there any other way to success with 2 radius servers (other than
> > creating the pool in the BRAS)? I'm kinda stuck here with this.
> >
> > Thank you very much.
> >
> > On 9/19/06, Peter Nixon <listuser at peternixon.net> wrote:
> > > Hi Guilherme
> > >
> > > A couple of things.
> > >
> > > I just updated the cvs so freeradius-snapshot-20060919.tar.gz is not
> > > current enough. You need to get freeradius-snapshot-20060920.tar.gz once
> > > it is rolled latter tonight, or get the latest code from the repository
> > > using "cvs"
> > >
> > > Secondly, Tuyan works together with me. All of our production deployments
> > > of sqlippool are currently on Postgresql although we do plan on deploying
> > > on Oracle for some customers in future (After we have finished code
> > > development on sqlippool)
> > >
> > > Thirdly if you have only one RADIUS server and only one ippool then using
> > > rlm_ippool is probably the way to go. If you have more than one RADIUS
> > > server then you definately need a centralised database (which sqlippool
> > > allows). If you have many ippools then sqlippool also allows you to
> > > modify them on the fly without a service restart.
> > >
> > > Cheers
> > >
> > > Peter
> > >
> > > On Tue 19 Sep 2006 21:58, you wrote:
> > > > Gentlemen,
> > > >
> > > > Thank you very much for lending me your time.
> > > >
> > > > I'm downloading freeradius-snapshot-20060919.tar.gz right now.
> > > >
> > > > Yes, my allocate-clear is configured exactly as Tuyan's and that's why
> > > > I stated before that "regardless of my configuration in sqlippool.conf
> > > > and radiusd.conf" the trace is always empty.
> > > >
> > > > For example, if in sqlippool.conf I set sql-instance-name = "foobar",
> > > > the output of radiusd -X is always:
> > > >
> > > > Module: Loaded SQL IP Pool
> > > > sqlippool: sql-instance-name = "sql"
> > > >
> > > > That's OK, I'm using the regular ippool in radiusd.conf for now and it
> > > > works great when in table radcheck the values of the username are
> > > > "Pool-Name := test_pool".
> > > >
> > > > I'm going to compile the latest build and see if it works.
> > > >
> > > > P.S: Tuyan, do you run sqlippool in production using ORACLE? Because
> > > > I'm using Oracle 10g r2 64-bit and it does not work for now.
> > > >
> > > > Thank you very much!
> > > >
> > > > On 9/19/06, Peter Nixon <listuser at peternixon.net> wrote:
> > > > > It turns out that sqlippool.conf was in the Makefile for 1.1.x but
> > > > > not for CVS head. It didnt affect us because we use an rpm.
> > > > >
> > > > > Guilherme can you please test a new cvs checkout?
> > > > >
> > > > > Also, because sqlippool is still experimental you need to explicitly
> > > > > enable it with
> > > > >
> > > > > ./configure --with-modules="rlm_sqlippool"
> > > > >
> > > > > Cheers
> > > > >
> > > > > Peter
> > > > >
> > > > > On Tue 19 Sep 2006 17:44, Tuyan Ozipek wrote:
> > > > > > Hi Peter,
> > > > > >
> > > > > > When i installed (compiled from source) the
> > > > > > freeradius-snapshot-20060918 tarball, the only missing thing was
> > > > > > the sqlippool.conf file (which i copied from some other test
> > > > > > environment). Since sqlippool module is not(yeah, we run it on
> > > > > > production happily for sometime..) considered stable yet, we do not
> > > > > > build it by default.(Lets check sqlippool.conf file installation in
> > > > > > the makefiles tho.)
> > > > > >
> > > > > > I am running it now on my development machine with no problems.
> > > > > >
> > > > > > The only thing possible is there is some type of typo in the config
> > > > > > file that Guilherme Franco is using.
> > > > > >
> > > > > > also, trace shows that there is no allocate-clear statement set for
> > > > > > sqlippool to use.
> > > > > >
> > > > > >
> > > > > > here is the allocate-clear statement that i used for my test..
> > > > > >
> > > > > >  allocate-clear = "UPDATE radippool \
> > > > > >   SET nasipaddress = '', pool_key = 0, callingstationid = '', \
> > > > > >   expiry_time = 'now'::timestamp(0) - '1 second'::interval \
> > > > > >   WHERE pool_key = '${pool-key}'"
> > > > > >
> > > > > >
> > > > > >
> > > > > > Regards
> > > > > >
> > > > > > On Tue, 2006-09-19 at 00:27 +0300, Peter Nixon wrote:
> > > > > > > ----------  Forwarded Message  ----------
> > > > > > >
> > > > > > > Subject: sqlippool not working
> > > > > > > Date: Mon 18 Sep 2006 23:40
> > > > > > > From: "Guilherme Franco" <guilhermefranco at gmail.com>
> > > > > > > To: "FreeRadius users mailing list"
> > > > > > > <freeradius-users at lists.freeradius.org>
> > > > > > >
> > > > > > > Hi Peter,
> > > > > > >
> > > > > > > Like you told me before, you did some cleanups in the
> > > > > > > sqlippool.conf.
> > > > > > >
> > > > > > > Well, I've tried to install todays freeradius CVS, and it
> > > > > > > installed without the sqlippool module, don't know why.
> > > > > > >
> > > > > > > So, I've compiled it manually from
> > > > > > > freeradius-snapshot-20060918/src/modules/rlm_sqlippool/
> > > > > > >
> > > > > > > OK, but when I run radiusd -X, I got this in the end, regardless
> > > > > > > of my configuration in sqlippool.conf and radiusd.conf:
> > > > > > >
> > > > > > > Module: Loaded SQL IP Pool
> > > > > > >   sqlippool: sql-instance-name = "sql"
> > > > > > >   sqlippool: lease-duration = 86400
> > > > > > >   sqlippool: pool-name = ""
> > > > > > >   sqlippool: allocate-begin = "BEGIN"
> > > > > > >   sqlippool: allocate-clear = ""
> > > > > > >   sqlippool: allocate-find = ""
> > > > > > >   sqlippool: allocate-update = ""
> > > > > > >   sqlippool: allocate-commit = "COMMIT"
> > > > > > >   sqlippool: allocate-rollback = "ROLLBACK"
> > > > > > >   sqlippool: start-begin = "BEGIN"
> > > > > > >   sqlippool: start-update = ""
> > > > > > >   sqlippool: start-commit = "COMMIT"
> > > > > > >   sqlippool: start-rollback = "ROLLBACK"
> > > > > > >   sqlippool: alive-begin = "BEGIN"
> > > > > > >   sqlippool: alive-update = ""
> > > > > > >   sqlippool: alive-commit = "COMMIT"
> > > > > > >   sqlippool: alive-rollback = "ROLLBACK"
> > > > > > >   sqlippool: stop-begin = "BEGIN"
> > > > > > >   sqlippool: stop-clear = ""
> > > > > > >   sqlippool: stop-commit = "COMMIT"
> > > > > > >   sqlippool: stop-rollback = "ROLLBACK"
> > > > > > >   sqlippool: on-begin = "BEGIN"
> > > > > > >   sqlippool: on-clear = ""
> > > > > > >   sqlippool: on-commit = "COMMIT"
> > > > > > >   sqlippool: on-rollback = "ROLLBACK"
> > > > > > >   sqlippool: off-begin = "BEGIN"
> > > > > > >   sqlippool: off-clear = ""
> > > > > > >   sqlippool: off-commit = "COMMIT"
> > > > > > >   sqlippool: off-rollback = "ROLLBACK"
> > > > > > > rlm_sqlippool: the 'allocate-clear' statement must be set.
> > > > > > >
> > > > > > > It's not even trying to access the Oracle server.
> > > > > > >
> > > > > > > What can it be?
> > > > > > >
> > > > > > > Thanks!
> > > > > > >
> > > > > > > -------------------------------------------------------
> > > > >
> > > > > --
> > > > > Peter Nixon     mailto:peter at suntel.com.tr     Chief Technologist
> > > > > Suntel Communications                    http://www.suntel.com.tr
> > > > > TR tel:+902123369299   US tel:+13103177825   UK tel:+448700685002
> > > > > VoIP sip:pbx at suntel.com.tr          IM jabber:peter at suntel.com.tr
> > > > >
> > > > > Absolutum obsoletum. (If it works, it's out of date.) -- Stafford
> > > > > Beer --
> > > > >
> > > > > Peter Nixon
> > > > > http://www.peternixon.net/
> > > > > PGP Key: http://www.peternixon.net/public.asc
> > >
> > > --
> > > Peter Nixon     mailto:peter at suntel.com.tr     Chief Technologist
> > > Suntel Communications                    http://www.suntel.com.tr
> > > TR tel:+902123369299   US tel:+13103177825   UK tel:+448700685002
> > > VoIP sip:pbx at suntel.com.tr          IM jabber:peter at suntel.com.tr
> > >
> > > Absolutum obsoletum. (If it works, it's out of date.) -- Stafford Beer
> > > --
> > >
> > > Peter Nixon
> > > http://www.peternixon.net/
> > > PGP Key: http://www.peternixon.net/public.asc
>
> --
> Peter Nixon     mailto:peter at suntel.com.tr     Chief Technologist
> Suntel Communications                    http://www.suntel.com.tr
> TR tel:+902123369299   US tel:+13103177825   UK tel:+448700685002
> VoIP sip:pbx at suntel.com.tr          IM jabber:peter at suntel.com.tr
>
> Absolutum obsoletum. (If it works, it's out of date.) -- Stafford Beer
> --
>
> Peter Nixon
> http://www.peternixon.net/
> PGP Key: http://www.peternixon.net/public.asc
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>



More information about the Freeradius-Users mailing list