Freeradius+CMTS

Suporte2 - TVC Tubarão suporte2 at tvc.tv.br
Mon Feb 22 18:24:08 CET 2016 

Also I am trying to implement the freeradius DHCP with a cable modem
network. What could so far has been listening to port 67, receive the
request of the CMTS have the SQL query and return to the CMTS. Log in to
CMTS in dhcp(d), but in freeradius debug appear as sent to the CMTS. Someone
who has gone through this problem you can help me?

 

I believe that all routing settings are made. I'm getting the requisiçãoe as
debug Freeradius is sending. For testing, before putting on the network, I
am using a BSR2000.

In debug freeradius
Received DHCP-Discover of id 072b475c from 10.250.0.1:68 to 172.18.1.54:67
DHCP-Opcode = Client-Message
DHCP-Hardware-Type = Ethernet
DHCP-Hardware-Address-Length = 6
DHCP-Hop-Count = 1
DHCP-Transaction-Id = 120276828
DHCP-Number-of-Seconds = 0
DHCP-Flags = Broadcast
DHCP-Client-IP-Address = 0.0.0.0
DHCP-Your-IP-Address = 0.0.0.0
DHCP-Server-IP-Address = 0.0.0.0
DHCP-Gateway-IP-Address = 10.250.0.1
DHCP-Client-Hardware-Address = 00:21:43:27:31:5e
DHCP-Message-Type += DHCP-Discover
DHCP-DHCP-Maximum-Msg-Size += 600
DHCP-Vendor-Class-Identifier +=
"docsis2.0:053501010102010203010104010105010106010107010f0801100901000a01010
b01180c01010d0200700e0200100f0101100400000004"
DHCP-Parameter-Request-List += DHCP-TFTP-Server-Name
DHCP-Parameter-Request-List += DHCP-Boot-File-Name
DHCP-Parameter-Request-List += DHCP-Subnet-Mask
DHCP-Parameter-Request-List += DHCP-Router-Address
DHCP-Parameter-Request-List += DHCP-Time-Offset
DHCP-Parameter-Request-List += DHCP-Time-Server
DHCP-Parameter-Request-List += DHCP-Log-Server
DHCP-Parameter-Request-List += DHCP-CCC
DHCP-Client-Identifier += 00:21:43:27:31:5e
DHCP-Vendor +=
0x020345434d030845434d3a454d54410503312e30061e534256353132312d5349502d312e30
2e372d53434d2d30352d53485043200703382e3508063030323034300907534256353132310a
144d6f746f726f6c6120436f72706f726174696f6e0418313538333630383134373035303935
343031303131303238
DHCP-Relay-Remote-Id = 0x00214327315e
server dhcp {
Trying sub-section dhcp DHCP-Discover {...}
+group DHCP-Discover {
++update reply {
++} # update reply = noop
++update reply {
expand: %{Packet-Dst-IP-Address} -> 172.18.1.54
++} # update reply = noop
[sql] expand: %{DHCP-Client-Hardware-Address} -> 00:21:43:27:31:5e
[sql] sql_set_user escaped user --> '00:21:43:27:31:5e'
rlm_sql (sql): Reserving sql socket id: 25
[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE
username = '%{SQL-User-Name}' ORDER BY id; -> SELECT id, username,
attribute, value, op FROM radcheck WHERE username = '00:21:43:27:31:5e'
ORDER BY id;
rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '00:21:43:27:31:5e' ORDER BY id;
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE
username = '%{SQL-User-Name}' ORDER BY id; -> SELECT id, username,
attribute, value, op FROM radreply WHERE username = '00:21:43:27:31:5e'
ORDER BY id;
rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM
radreply WHERE username = '00:21:43:27:31:5e' ORDER BY id;
[sql] expand: SELECT groupname FROM radusergroup WHERE username =
'%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup
WHERE username = '00:21:43:27:31:5e' ORDER BY priority
rlm_sql_mysql: query: SELECT groupname FROM radusergroup WHERE username =
'00:21:43:27:31:5e' ORDER BY priority
rlm_sql (sql): Released sql socket id: 25
++[sql.authorize] = ok
++policy dhcp_sqlippool.post-auth {
+++update request {
expand: DHCP-%{DHCP-Client-Hardware-Address} -> DHCP-00:21:43:27:31:5e
expand: %{DHCP-Client-Hardware-Address} -> 00:21:43:27:31:5e
expand: %{DHCP-Gateway-IP-Address} -> 10.250.0.1
expand: %{%{DHCP-Gateway-IP-Address}:-127.0.0.1} -> 10.250.0.1
+++} # update request = noop
[sqlippool] No Pool-Name defined.
[sqlippool] expand: No Pool-Name defined (did %{Called-Station-Id} cli
%{Calling-Station-Id} port %{NAS-Port} user %{User-Name}) -> No Pool-Name
defined (did cli 00:21:43:27:31:5e port user DHCP-00:21:43:27:31:5e)
No Pool-Name defined (did cli 00:21:43:27:31:5e port user
DHCP-00:21:43:27:31:5e)
+++[sqlippool] = noop
+++? if (ok)
? Evaluating (ok) -> FALSE
+++? if (ok) -> FALSE
++} # policy dhcp_sqlippool.post-auth = noop
++[ok] = ok
+} # group DHCP-Discover = ok
DHCP: Reply will be unicast to giaddr from original packet
} # server dhcp
DHCP-Opcode = Server-Message
DHCP-Hardware-Type = Ethernet
DHCP-Hardware-Address-Length = 6
DHCP-Hop-Count = 1
DHCP-Transaction-Id = 120276828
DHCP-Number-of-Seconds = 0
DHCP-Flags = Broadcast
DHCP-Client-IP-Address = 10.250.0.100
DHCP-Your-IP-Address = 10.250.0.101
DHCP-Server-IP-Address = 172.18.1.54
DHCP-Gateway-IP-Address = 10.250.0.1
DHCP-Client-Hardware-Address = 00:21:43:27:31:5e
DHCP-Server-Host-Name = ""
DHCP-Boot-Filename = "cm_mta_5121_10m.bin"
DHCP-Subnet-Mask = 255.255.255.0
DHCP-Time-Offset = 4294956496
DHCP-Router-Address = 10.250.0.1
DHCP-Time-Server = 172.18.1.3
DHCP-Domain-Name-Server = 177.125.104.15
DHCP-Log-Server = 172.18.1.3
DHCP-IP-Address-Lease-Time = 7200
DHCP-DHCP-Server-Identifier = 172.18.1.54
DHCP-DHCP-Server-Identifier = 172.18.1.54
DHCP-DHCP-Maximum-Msg-Size = 600
DHCP-TFTP-Server-Name = "172.18.1.3"
DHCP-CCC = 0x3137322e31382e312e35
Sending DHCP-Offer of id 072b475c from 172.18.1.54:67 to 10.250.0.1:68
Finished request 5.
Cleaning up request 5 ID 120276828 with timestamp +193
Going to the next request
Ready to process requests.

IN CMTS
show cable modem
Interface Prim Connect Timing Rec Ip Address Mac Address
Sid State Offset Power
Cable 0/0/D0/U0/C0 0 offline 0 0.0.0.0 0024.a081.b618
Cable 0/0/D0/U0/C0 2011 dhcp(d) 1435 -.2 0.0.0.0 0021.4327.315e

I can run the 'ping' command BSR2K to the DHCP server and the DHCP server to
BSR2K. The 'ip-helper-address' parameter is set to my DHCP server. I see the
logs that the DHCP request comes to the server, the server handles this
request and delivery to the CMTS (BSR2K). I believe that the CMTS is not
delivering the IP to the CM. Has anyone used the Freeradius DHCP server? Can
pass the parameters in the configuration file Freeradius?
I appreciate any help!

 



---
Este email foi escaneado pelo Avast antivírus.
https://www.avast.com/antivirus

More information about the Freeradius-Users mailing list