freeradius2 Proxy fail-over issues

[Emmett Culley]

Alan DeKok wrote:
> Emmett Culley wrote:
>>> It's not a bug. Hostname lookups are disabled by default in radiusd.conf.
>>> Along with explanation why enabling it is a bad idea.
> ...
>> Ah, I didn't occur to me that host name look ups off would prevent the
>> server from looking up hosts defined in the configuration files.  Well,
>> now I know.
> 
>   No... if you give it a hostname in the config files, it always looks
> it up to find the IP.  That configuration controls whether or not it
> *prints* hostnames.
> 
>   i.e. If it sees an IP address in a RADIUS packet, the default is to
> print it as an IP address.  If you turn hostname lookups on, it will try
> to look up that IP to find a host name.
> 
>   Alan DeKok.
> -

As I at first assumed...So, this is a bug after all.  If I put ipaddr = localhost in a home_server definition I get the failed authentication I described in my first note.  You can see in proxy.conf configuration lines I included, where ipaddr is set to localhost for all four home_server definitions.

As soon as I changed the ipaddr parameter in all four home_server definitions, and reset the server, I was able to properly authenticate.  Nothing else was changed.

I'll write a bug report on the freeradius.org site.

BTW,  I found a similar issue in the radius client library.  Using a host name in the configuration file causes a crash.  I need to report that as well.  I've run it in a debugger and can tell you where it fails.

Emmett