Petre Bandac wrote:
pool ip's are allocated correctly, but after the lease-duration is reached, they are deleted from the radippool table.
That's how IP pools work.
This causes the ip to be once again assigned to another user, who in turn requires a new login, since this ip won't work
Umm... *why* won't it work? You should really figure that out.
I have tried to enforce a "keep-alive" with acct-interim, but it doesn't work, the ip's are deleted from radippool when the lease time is up ?
how can I prevent this ?
You can't. IP's are no longer valid when the lease time is up.
root@core-router:/etc/freeradius# radtest -x petreb petreb localhost 1980 radiuspass Sending Access-Request of id 7 to 127.0.0.1 port 1812 User-Name = "petreb" User-Password = "petreb" NAS-IP-Address = 1.1.1.1 NAS-Port = 1980 rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=7, length=38 Acct-Interim-Interval = 120 Session-Timeout = 1195235 Framed-IP-Address = 1.1.1.2
You'll note the Session-Timeout. When IP's are assigned through RADIUS, they get sent to the NAS. The NAS is then responsible for enforcing session expiry. And when the session expires, so does the IP. If the NAS allows the IP to still be used after session expiry, then the NAS is wrong and broken. It needs to be thrown in the garbage, and replaced with a NAS that works. No amount of poking FreeRADIUS will fix a broken NAS. Alan DeKok.