rlm_sqlippool allocating duplicate IPs
Alan DeKok
aland at deployingradius.com
Wed Dec 2 15:54:31 CET 2009
Phil Mayers wrote:
> Ugh. Even worse, it doesn't actually re-authenticate the user; it
> actually just tears down the IPCP layer, and then brings it back up
> again USING THE SAME IP. Of course, since the "stop-clear" query has run
> at that point and re-set the pool_key column to "0", so the 2nd
> accounting start doesn't re-allocate the IP.
Is there a MAC in the Access-Request? If so, the IPPool module
*should* save "last allocated MAC". The preference for allocation
should be:
1) previously unallocated IP (no MAC associated with it)
2) unused (MAC associated with it), ordered by last
time it was released (prefer older IPs)
That will maximize the re-use, and minimize the conflict.
Surprisingly enough, the same algorithm is useful for DHCP, too. :)
Alan DeKok.
More information about the Freeradius-Users
mailing list