Freeradius DHCP IP pool and not correct port for DHCP reply - Re: Freeradius-Users Digest, Vol 108, Issue 6
Rui Ribeiro
ruyrybeyro at gmail.com
Wed Apr 2 07:07:32 CEST 2014
Hi,
1) Could it be some problem with internal firewall, AppArmor or SELinux?
2) How you are doing the relay? I was auditing our relay with our Cisco
Firewall recently and found some nasty side effects due to some lack of
understanding of the relay process when configuring the firewall.
3) This packet trace is not evidently the first requests, but a renewal?
Regards,
Rui Ribeiro
> Message: 4
> Date: Tue, 01 Apr 2014 14:32:52 -0400
> From: Alan DeKok <aland at deployingradius.com>
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Subject: Re: Freeradius DHCP IP pool and not correct port for DHCP
> reply
> Message-ID: <533B0654.8060306 at deployingradius.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Thomas Bru wrote:
> > On the Bug fixes list , I see the problem was solved using Freeradius
> 3.0.4 (http://freeradius.org/version3.html, Use correct port when DHCP
> relaying, )
> > So I reinstall the Freeradius 3.0.4 on my server but the problem is
> still present and my server dropped the packets.
> >
> > 17:42:23.875867 IP 10.239.0.2.55175 > 10.225.2.8.67: BOOTP/DHCP, Request
> from c9:31:cf:d8:af:ec, length 308
> > 17:42:23.932246 IP 10.225.2.8.67 > 10.239.0.2.67: BOOTP/DHCP, Reply,
> length 300
> >
> > AS you can see, the request packet from 10.239.0.2 with source port
> 55175 but will go back to 10.239.0.2 BUT with 67 port.
>
> The correct destination port for DHCP relay packets is 67.
>
> What exactly do you think the problem is?
>
> Alan DeKok.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/mailman/private/freeradius-users/attachments/20140402/6d8654f2/attachment.html>
More information about the Freeradius-Users
mailing list