Respond to DHCP Lease Query requests using rlm_cache

Бен Томпсон b.thompson at latera.ru
Thu Aug 27 20:40:08 CEST 2015


Hi Everyone

I have configured FreeRADIUS to as a DHCP server which offers IP addresses
based on the option 82 values added by a DHCP relay. In cases where the
client sends a unicast renew request bypassing the relay, the option 82
values are queried from an instance of rlm_cache which have configured to
keep a record of leases. (This replicates the option 82 "Stash"
functionality in ISC DHCP Server). A bit of unlang is involved to check
that the lease is valid and take care of clearing out the cache, but it is
all fairly simple.

The aformentioned server is working well, but I would also like it to be
able to respond to Lease Query requests, and wondered if it would be
possible to make it work in a similar way using rlm_cache. I would envisage
that configuration might look something like this:

dhcp DHCP-Lease-Query {
        # look in the cache to see if there is an active lease
        cache

        # check to see if we know about this IP
        ...some unlang lookup the IP from our usual auth source/DB

        ...
        ... some unlang to figure out if the lease(s) are valid, etc.
        ...

        # work out which type of reply packet is requred and add the
relevant options
        if (result of above says lease is active) {
                update reply {
                        DHCP-Message-Type := DHCP-Lease-Active
                        ... add some other stuff to the reply...
                }
        }
        elsif (result of above says lease is unassigned) {
                update reply {
                        DHCP-Message-Type := DHCP-Lease-Unassigned
                        ... add some other stuff to the reply...
                }
        }
        elsif (result of above says lease is unknown) {
                update reply {
                        DHCP-Message-Type := DHCP-Lease-Unknown
                        ... add some other stuff to the reply...
                }
        }
}

I am guessing that the source code would need to be modified, and if so, it
may be too much for me as I am not a skilled C programmer. I would be able
to test it however.

If it is possible without editing the code I would be grateful to find out
how.

Thanks

Ben


More information about the Freeradius-Users mailing list