DHCP code in 2.0.4+
Arran Cudbard-Bell
a.cudbard-bell at sussex.ac.uk
Sun Jun 7 18:26:04 CEST 2009
Fajar A. Nugraha wrote:
> On Sun, Jun 7, 2009 at 8:09 PM, Arran
> Cudbard-Bell<a.cudbard-bell at sussex.ac.uk> wrote:
>
>> Karl Auer wrote:
>>
>>> On Sun, 2009-06-07 at 12:22 +0100, Alexander Clouter wrote:
>>>
>>>
>>>> I have been using DHCP with a LDAP patch that is getting harder and
>>>> harder to maintain. FreeRADIUS can pretty much do the same, I get to
>>>> keep my LDAP policy schema stuff (and write a unlang glue to use it) and
>>>> you get proper DHCP load-balancing/failover.
>>>>
>>>>
>>> DHCP failover and load-balancing are not simple *at all*.
>>>
>>>
>> They're trivial once you're storing leases in a transactional database.
>>
>
> Can freeradius also detect "rogue" clients which uses static IP
> address? If yes, this could be THE dhcp server I'm looking for.
>
It'd be possible to implement this functionality with the policy
language... yes. But it won't do it out of the box.
You'd send an ARP-Request for the IP you were allocating, and if you get
a response then you'd log it. You can use the exec module to achieve
such functionality, or link it in with python/perl.
> Last I check ISC's DHCP tries ping first, but newer Windows (with icmp
> echo disabled by default) makes it somewhat less useful.
>
>
I think ARP-Requests would work better than pings in this case; as
almost all client side firewalls will allow them to pass.
Thanks,
Arran
Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 257 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090607/73441331/attachment.pgp>
More information about the Freeradius-Users
mailing list