Respond to DHCP Lease Query requests using rlm_cache

Бен Томпсон b.thompson at latera.ru
Mon Aug 31 08:48:19 CEST 2015


Hi Alan

Many thanks for the patches. It seems to generally work, although I noticed
that Tshark/Wireshark is not displaying the client MAC address in the
reply. I also noticed that FreeRADIUS is not displaying the
DHCP-Relay-Remote-Id option in the debug:

FreeRADIUS debug output:
##########################
Encoding DHCP-Lease-Active of id 7474793f from 10.200.0.1:67 to 10.211.0.1:67
        DHCP-Opcode = Server-Message
        DHCP-Hardware-Type = 0
        DHCP-Hardware-Address-Length = 0
        DHCP-Hop-Count = 0
        DHCP-Transaction-Id = 1953790271
        DHCP-Number-of-Seconds = 0
        DHCP-Flags = 0
        DHCP-Client-IP-Address = 10.211.0.2
        DHCP-Your-IP-Address = 0.0.0.0
        DHCP-Server-IP-Address = 0.0.0.0
        DHCP-Gateway-IP-Address = 10.211.0.1
        DHCP-Client-Hardware-Address = 4c:00:10:74:94:7e   <--- MAC address here
        DHCP-Server-Host-Name = ""
        DHCP-Boot-Filename = ""
        DHCP-IP-Address-Lease-Time := 300
        DHCP-Relay-Circuit-Id := 0x00000012   <--- No Remote ID here
DHCP Sending 300 bytes
0: 02 00 00 00 74 74 79 3f 00 00 00 00 0a d3 00 02
16: 00 00 00 00 00 00 00 00 0a d3 00 01 4c 00 10 74   <-- MAC address here
32: 94 7e 00 00 00 00 00 00 00 00 00 00 00 00 00 00
48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
64: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
96: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
112: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
128: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
144: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
176: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
192: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
208: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
224: 00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63
240: 35 01 0d 33 04 00 00 01 2c 52 0e 01 04 00 00 00
256: 12 02 06 00 26 24 95 bc be ff 00 00 00 00 00 00   <--- Remote ID here (00262495bcbe)
272: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
288: 00 00 00 00 00 00 00 00 00 00 00 00
##########################

Tshark capture output:
##########################
Bootstrap Protocol
    Message type: Boot Reply (2)
    Hardware type: NET/ROM pseudo
    Hardware address length: 0
    Hops: 0
    Transaction ID: 0x7474793f
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
        0... .... .... .... = Broadcast flag: Unicast
        .000 0000 0000 0000 = Reserved flags: 0x0000
    Client IP address: 10.211.0.2 (10.211.0.2)
    Your (client) IP address: 0.0.0.0 (0.0.0.0)
    Next server IP address: 0.0.0.0 (0.0.0.0)
    Relay agent IP address: 10.211.0.1 (10.211.0.1)
    Client address not given   <---- No MAC address here
    Server host name not given
    Boot file name not given
    Magic cookie: DHCP
    Option: (53) DHCP Message Type
        Length: 1
        DHCP: Lease Active (13)
    Option: (51) IP Address Lease Time
        Length: 4
        IP Address Lease Time: (300s) 5 minutes
    Option: (82) Agent Information Option
        Length: 14
        Option 82 Suboption: (1) Agent Circuit ID
            Length: 4
            Agent Circuit ID: 00000012
        Option 82 Suboption: (2) Agent Remote ID
            Length: 6
            Agent Remote ID: 00262495bcbe   <---- Remote ID here
    Option: (255) End
        Option End: 255
    Padding

0000  00 13 11 e9 c6 36 00 0c 29 bc 73 a9 08 00 45 00   .....6..).s...E.
0010  01 48 94 2b 00 00 40 11 cf dd 0a c8 00 01 0a d3   .H.+..@.........
0020  00 01 00 43 00 43 01 34 16 e2 02 00 00 00 74 74   ...C.C.4......tt
0030  79 3f 00 00 00 00 0a d3 00 02 00 00 00 00 00 00   y?..............
0040  00 00 0a d3 00 01 4c 00 10 74 94 7e 00 00 00 00   ......L..t.~....   <---- MAC address here
0050  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0060  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0070  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0080  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0090  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00a0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00b0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00c0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00d0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00e0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00f0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0100  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0110  00 00 00 00 00 00 63 82 53 63 35 01 0d 33 04 00   ......c.Sc5..3..
0120  00 01 2c 52 0e 01 04 00 00 00 12 02 06 00 26 24   ..,R..........&$
0130  95 bc be ff 00 00 00 00 00 00 00 00 00 00 00 00   ................   <---- Remote ID here
0140  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0150  00 00 00 00 00 00                                 ......

##########################

Thanks

Ben


On 30 August 2015 at 19:22, Alan DeKok <aland at deployingradius.com> wrote:

> On Aug 30, 2015, at 11:14 AM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
> >> I've pushed changes to the v3.0.x
> >
> > and v3.1.x?
>
>   Once I clean up my v3.1.x branch.
>
> >> I think that should now work.
> >
> > Neat.
>
>   After testing (and a few more patches), it works.
>
> > I'll add a Pool-Action Status to the new rlm_redis_ippool (which will
> > become the new rlm_ippool), then we can abstract getting the lease
> > information back.
>
>   Nice.
>
>   The DHCP lease query allows querying by MAC, client IP, or by client
> identifier.  Which one is being used in the packet?  <laughs>  You've got
> to look for the non-empty field, and use that.  What if there are two
> non-empty fields?  The DHCP people laugh at you... that's not supposed to
> happen, so we'll ignore it!
>
>   Alan DeKok.


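An added example, not part of the original message or of FreeRADIUS: it rebuilds the 300-byte Lease-Active reply from the debug dump above and decodes it, showing that the Remote ID and the chaddr bytes are on the wire while the header length is 0, which is the value the Tshark capture shows next to "Client address not given". It also lists the non-empty key fields in the way the quoted reply describes for lease queries. The function names are illustrative.

```python
import ipaddress
import struct

MAGIC = bytes.fromhex("63825363")

def build_reply():
    """Rebuild the 300-byte Lease-Active reply from the debug dump quoted above."""
    head = bytes.fromhex("02000000 7474793f 00000000 0ad30002 00000000"
                         " 00000000 0ad30001 4c001074947e")
    opts = bytes.fromhex("35010d 33040000012c 520e 010400000012 020600262495bcbe ff")
    return (head.ljust(236, b"\0") + MAGIC + opts).ljust(300, b"\0")

def walk_tlv(data, dhcp_top=False):
    """Decode code/length/value triples; dhcp_top also handles pad (0) and end (255)."""
    out, i = {}, 0
    while i < len(data):
        if dhcp_top and data[i] == 255:
            break
        if dhcp_top and data[i] == 0:
            i += 1
            continue
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option at offset %d" % i)
        out[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return out

def parse(pkt):
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    _op, htype, hlen, _hops, xid = struct.unpack("!BBBBI", pkt[:8])
    opts = walk_tlv(pkt[240:], dhcp_top=True)
    return {"htype": htype, "hlen": hlen, "xid": xid, "chaddr": pkt[28:44],
            "ciaddr": str(ipaddress.IPv4Address(pkt[12:16])),
            "msg_type": (opts.get(53) or b"\0")[0], "client_id": opts.get(61),
            "relay": walk_tlv(opts.get(82, b""))}

def lookup_keys(f):
    """Non-empty fields a lease query could be keyed on; more than one is ambiguous."""
    keys = [("ip", f["ciaddr"] != "0.0.0.0"), ("mac", any(f["chaddr"])),
            ("client-id", f["client_id"] is not None)]
    return [name for name, present in keys if present]

def findings(f):
    """Flag a header length that disagrees with the chaddr bytes on the wire."""
    mismatch = any(f["chaddr"]) and f["hlen"] == 0
    return ["chaddr bytes present but hlen is 0"] if mismatch else []

if __name__ == "__main__":
    print(findings(parse(build_reply())), lookup_keys(parse(build_reply())))
```

In a reply both the IP and the MAC are filled in, so `lookup_keys` returns two entries; in a query, more than one entry is the ambiguous case mentioned in the quoted reply.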