how to add two ip pool

Fajar A. Nugraha list at fajar.net
Thu Sep 13 14:39:32 CEST 2012


On Thu, Sep 13, 2012 at 7:25 PM, ranjan kumar <ranjankumar077 at gmail.com> wrote:
> Hi All,
>
> I am trying to add two default entries in users file for two ip pool.

Why?

Most likely you're trying to solve a problem the wrong way.

What EXACTLY do you want to do? Allocate IPs from two range of
noncontiguous IP address? or what?

> can it is possible to add two entries of default in users file ? If yes then

Yes, as long as they don't conflict each other.

> Please help me its very critical.

(sigh)

No, it's not.

If it's THAT critical, you would've either:

(1) get support from someone who knows what they're doing, or
(2) learn how to do it yourself, and ONLY implement what you've tested

You've done neither, so IMO it's not critical enough for you.


>
> I have configured two ippool which looks like:
> ===================================================================
> In Users file:
>
> DEFAULT Auth-Type := aag, Service-Type == Framed-User, Framed-Protocol == 7,
> Pool-Name := myippool

> DEFAULT Auth-Type := aag, Service-Type == Framed-User, Framed-Protocol == 7,
> Pool-Name := my_sec_ippool

I'm pretty sure that roughly means the second entry would never be
used. Did you read the docs (e.g. "man 5 users")?

Especially, look for "Fall-Through" and "operators".


> In radiusd.conf
>
> ippool myippool {

>                  session-db = ${raddbdir}/db.ippool
>                  ip-index = ${raddbdir}/db.ipindex

> ippool my_sec_ippool {

>                  session-db = ${raddbdir}/db.ippool1
>                  ip-index = ${raddbdir}/db.ipindex1

Did you read my earlier reply?

> When i am executing ./radiusd -X always getting IPs for only one ggsn.

At this point I usually ask "and the full output of debug log is ....?",

... but in this case it'd probably be useless since it looks like
you're trying to solve your problems the wrong way.

Again, What EXACTLY do you want to do?

>
> Please help me its very critical.

No, it's not. And saying it over and over again won't get you faster
response. Instead, it will only annoy others, and discourage them from
trying to help you.

-- 
Fajar


More information about the Freeradius-Users mailing list