Freeradius DHCP problem

Csőke János csovike10 at hotmail.com
Sat Nov 30 22:27:28 CET 2013


Hi Everybody!

I would like to use Freeradius as a DHCP server, but it's not working.

I see this in debug mode:
=======================================================================
Received DHCP-Discover of id c38d6dab from 0.0.0.0:68 to 255.255.255.255:67
        DHCP-Opcode = Client-Message
        DHCP-Hardware-Type = Ethernet
        DHCP-Hardware-Address-Length = 6
        DHCP-Hop-Count = 0
        DHCP-Transaction-Id = 3280825771
        DHCP-Number-of-Seconds = 7424
        DHCP-Flags = Broadcast
        DHCP-Client-IP-Address = 0.0.0.0
        DHCP-Your-IP-Address = 0.0.0.0
        DHCP-Server-IP-Address = 0.0.0.0
        DHCP-Gateway-IP-Address = 0.0.0.0
        DHCP-Client-Hardware-Address = 14:da:e9:bf:1c:da
        DHCP-Message-Type += DHCP-Discover
        DHCP-Client-Identifier += 14:da:e9:bf:1c:da
        DHCP-Hostname += "csovike10pc"
        DHCP-Vendor-Class-Identifier += "MSFT 5.0"
        DHCP-Parameter-Request-List += DHCP-Subnet-Mask
        DHCP-Parameter-Request-List += DHCP-Domain-Name
        DHCP-Parameter-Request-List += DHCP-Router-Address
        DHCP-Parameter-Request-List += DHCP-Domain-Name-Server
        DHCP-Parameter-Request-List += DHCP-NETBIOS-Name-Servers
        DHCP-Parameter-Request-List += DHCP-NETBIOS-Node-Type
        DHCP-Parameter-Request-List += DHCP-NETBIOS
        DHCP-Parameter-Request-List += DHCP-Perform-Router-Discovery
        DHCP-Parameter-Request-List += DHCP-Static-Routes
        DHCP-Parameter-Request-List += DHCP-Classless-Static-Route
        DHCP-Parameter-Request-List += 249
        DHCP-Parameter-Request-List += DHCP-Vendor
server dhcp {
Trying sub-section dhcp DHCP-Discover {...}
+group DHCP-Discover {
++update reply {
++} # update reply = noop
++update reply {
sql_xlat
        expand: %{User-Name} ->
sql_set_user escaped user --> ''
        expand: SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask' -> SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask'
rlm_sql (sql): Reserving sql socket id: 9
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 9
        expand: %{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask'} -> 255.255.255.0
sql_xlat
        expand: %{User-Name} ->
sql_set_user escaped user --> ''
        expand: SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address' -> SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address'
rlm_sql (sql): Reserving sql socket id: 8
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 8
        expand: %{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address'} -> 152.66.235.254
sql_xlat
        expand: %{User-Name} ->
sql_set_user escaped user --> ''
        expand: SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name' -> SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name'
rlm_sql (sql): Reserving sql socket id: 7
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 7
        expand: %{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name'} -> teteny.bme.hu
sql_xlat
        expand: %{User-Name} ->
sql_set_user escaped user --> ''
        expand: SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) -> SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)
rlm_sql (sql): Reserving sql socket id: 6
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 6
        expand: %{sql:SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)} -> csovike10pc
sql_xlat
        expand: %{User-Name} ->
sql_set_user escaped user --> ''
        expand: SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) -> SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)
rlm_sql (sql): Reserving sql socket id: 5
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 5
        expand: %{sql:SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)} -> 152.66.235.32
++} # update reply = noop
++[ok] = ok
+} # group DHCP-Discover = ok
DHCP: Reply will be broadcast
} # server dhcp
Encoding DHCP-Offer of id c38d6dab from 10.42.128.0:67 to 255.255.255.255:68
        DHCP-Opcode = Server-Message
        DHCP-Hardware-Type = Ethernet
        DHCP-Hardware-Address-Length = 6
        DHCP-Hop-Count = 0
        DHCP-Transaction-Id = 3280825771
        DHCP-Number-of-Seconds = 0
        DHCP-Flags = Broadcast
        DHCP-Client-IP-Address = 0.0.0.0
        DHCP-Your-IP-Address = 152.66.235.32
        DHCP-Server-IP-Address = 10.42.128.0
        DHCP-Gateway-IP-Address = 0.0.0.0
        DHCP-Client-Hardware-Address = 14:da:e9:bf:1c:da
        DHCP-Server-Host-Name = ""
        DHCP-Boot-Filename = ""
        DHCP-Subnet-Mask = 255.255.255.0
        DHCP-Router-Address = 152.66.235.254
        DHCP-Domain-Name-Server = 10.42.128.0
        DHCP-Domain-Name-Server = 10.42.128.2
        DHCP-Hostname = "csovike10pc"
        DHCP-Domain-Name = "teteny.bme.hu"
        DHCP-Interface-MTU-Size = 1400
        DHCP-NTP-Servers = 10.42.128.0
        DHCP-NETBIOS-Name-Servers = 10.42.128.15
        DHCP-IP-Address-Lease-Time = 14400
        DHCP-DHCP-Server-Identifier = 10.42.128.0
        DHCP-Renewal-Time = 7200
        DHCP-Rebinding-Time = 12600
Sending DHCP-Offer of id c38d6dab from 10.42.128.0:67 to 255.255.255.255:68
Finished request 2.
Cleaning up request 2 ID -1014141525 with timestamp +35
Going to the next request
Ready to process requests.
=======================================================================

It's great, because all the SQL queries ran successfully, found my client's IP address, and sent the correct DHCP-Offer message. But the DHCP request failed on my Windows 7 client.

My dhcp configuration file:
=======================================================================
server dhcp {

listen {
broadcast = yes
ipaddr = 255.255.255.255
port = 67
interface = eth0.42
type = dhcp
}

dhcp DHCP-Discover {
update reply {
      DHCP-Message-Type = DHCP-Offer
}

update reply {
DHCP-Domain-Name-Server = 10.42.128.0
DHCP-Domain-Name-Server = 10.42.128.2
DHCP-Subnet-Mask = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask'}"
DHCP-Router-Address = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address'}"
DHCP-Domain-Name = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name'}"
DHCP-IP-Address-Lease-Time = 14400
DHCP-Renewal-Time = 7200
DHCP-Rebinding-Time = 12600
DHCP-Hardware-Type = Ethernet
DHCP-DHCP-Server-Identifier = 10.42.128.0
DHCP-Interface-MTU-Size = 1400
DHCP-NETBIOS-Name-Servers = 10.42.128.15
DHCP-NTP-Servers = 10.42.128.0
DHCP-Hostname = "%{sql:SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)}"
DHCP-Your-IP-Address = "%{sql:SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)}"
}

ok
}

dhcp DHCP-Request {
update reply {
      DHCP-Message-Type = DHCP-Ack
}

update reply {
DHCP-Domain-Name-Server = 10.42.128.0
DHCP-Domain-Name-Server = 10.42.128.2
DHCP-Subnet-Mask = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask'}"
DHCP-Router-Address = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address'}"
DHCP-Domain-Name = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name'}"
DHCP-IP-Address-Lease-Time = 14400
DHCP-Renewal-Time = 7200
DHCP-Rebinding-Time = 12600
DHCP-Hardware-Type = Ethernet
DHCP-DHCP-Server-Identifier = 10.42.128.0
DHCP-Interface-MTU-Size = 1400
DHCP-NETBIOS-Name-Servers = 10.42.128.15
DHCP-NTP-Servers = 10.42.128.0
DHCP-Hostname = "%{sql:SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)}"
DHCP-Your-IP-Address = "%{sql:SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)}"
}

ok
}

#  If there's no named section for the packet type, then the packet
#  is processed through this section.
dhcp {
# send a DHCP NAK.
reject
}


}
=======================================================================

Freeradius version:
freeradius: FreeRADIUS Version 2.2.3 (git #077a373), for host x86_64-pc-linux-gnu, built on Nov 25 2013 at 09:17:09
=======================================================================

Operating System:
Debian 7
=======================================================================

Can you help me?

Thanks,
János
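
An added example, not part of the original post: a small Python check that parses attribute lines in the debug format shown above and tests a DHCP-Offer for internal consistency (offered address and router within the offered subnet, server identifier present, T1 < T2 < lease time as RFC 2131 expects). The helper names `parse_attrs` and `check_offer` are illustrative, the sample lines are copied from the Offer in the post, and the check does not diagnose why a client ignores an offer.

```python
import ipaddress
import re

# Constructed sample: attribute lines copied from the DHCP-Offer in the post.
# parse_attrs and check_offer are illustrative names, not FreeRADIUS APIs.
OFFER_DEBUG = """\
        DHCP-Your-IP-Address = 152.66.235.32
        DHCP-Server-IP-Address = 10.42.128.0
        DHCP-Subnet-Mask = 255.255.255.0
        DHCP-Router-Address = 152.66.235.254
        DHCP-IP-Address-Lease-Time = 14400
        DHCP-DHCP-Server-Identifier = 10.42.128.0
        DHCP-Renewal-Time = 7200
        DHCP-Rebinding-Time = 12600
"""

ATTR_RE = re.compile(r'^\s*(DHCP-[\w-]+)\s*\+?=\s*"?([^"]*?)"?\s*$')

def parse_attrs(text):
    """Return {attribute: [values]} from debug-style 'Name = value' lines."""
    attrs = {}
    for line in text.splitlines():
        m = ATTR_RE.match(line)
        if m:
            attrs.setdefault(m.group(1), []).append(m.group(2))
    return attrs

def check_offer(attrs):
    """Return a list of findings; an empty list means every check passed."""
    def one(name):
        return attrs.get(name, [None])[0]
    findings = []
    names = ("DHCP-Your-IP-Address", "DHCP-Subnet-Mask", "DHCP-Router-Address")
    yiaddr, mask, router = (one(n) for n in names)
    if not (yiaddr and mask):
        return ["offer lacks DHCP-Your-IP-Address or DHCP-Subnet-Mask"]
    net = ipaddress.ip_network(f"{yiaddr}/{mask}", strict=False)
    if ipaddress.ip_address(yiaddr) in (net.network_address, net.broadcast_address):
        findings.append(f"{yiaddr} is the network or broadcast address of {net}")
    if router and ipaddress.ip_address(router) not in net:
        findings.append(f"router {router} is outside {net}")
    if one("DHCP-DHCP-Server-Identifier") is None:
        findings.append("no DHCP-DHCP-Server-Identifier in the offer")
    timers = [one(n) for n in ("DHCP-Renewal-Time", "DHCP-Rebinding-Time", "DHCP-IP-Address-Lease-Time")]
    if all(timers):
        t1, t2, lease = map(int, timers)
        if not t1 < t2 < lease:
            findings.append(f"timers out of order: T1={t1} T2={t2} lease={lease}")
    return findings
```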

