FreeRADIUS sends proxy packets out the proper interface, but with the wrong source IP (simple udpfromto problem?)
Alan DeKok
aland at deployingradius.com
Wed Oct 19 08:02:09 CEST 2011
Adam Bultman wrote:
> Problem: The detail reader, when sending the accounting packets, sends
> them out the *correct* interface, but with the *wrong* source IP
> address. (It will send out eth2, but have the source IP of eth0.)
You're running Linux, right? And both interfaces are on the same network?
It's a Linux bug. The Linux people think it isn't a bug, so it hasn't
been fixed for 10+ years.
As a hint, FreeRADIUS uses the standard socket calls to send/recv
packets. There's no magic "send packets out the wrong interface" code
in it. All of the routing is handled by the kernel. So... blame the
kernel for routng problems.
> I
> proxy to other hosts as well, so I cannot simply force a single proxy ip
> address, since that will break other things. (As far as I can tell.) All
> my routing is good, no firewalls are in the way, etc.
You can set "src_ipaddr" for each home server. See raddb/proxy.conf.
This is documented.
> The mailing list shows some results, but not quite what I'm looking for.
> Is my problem a simple lack of 'udpfromto'?
No.
Alan DeKok.
More information about the Freeradius-Users
mailing list