error after updating to freeradius 2.0.1
Hi After i found out today that Freeradius 2.0.1 was out i updated my old 1.1.7 release and installed this version. Problem is, that it won't start. I keep getting: ERROR: Failed to open socket: /etc/freeradius/radiusd.conf[182]: Error binding to port for 0.0.0.0 port 1812 All 1.1.x versions have run smoothly on my Ubuntu server, this is the first time I get this problem. Does anyone know how to fix this? Thanks in advance! Joep Ruiter
Joep Ruiter wrote:
ERROR: Failed to open socket: /etc/freeradius/radiusd.conf[182]: Error binding to port for 0.0.0.0 port 1812
This is likely due to the system having IPv6 support. Version 2.0 adds IPv6, and there are issues with binding to IPv4 and IPv6 sockets.
All 1.1.x versions have run smoothly on my Ubuntu server, this is the first time I get this problem. Does anyone know how to fix this?
Check that nothing is listening on port 1812, even for IPv6. Also try posting the full debug log. Maybe there's another "listen" section which is conflicting with the 0.0.0.0:1812. Alan DeKok.
Check that nothing is listening on port 1812, even for IPv6.
Nothing listening except for ssh.
Also try posting the full debug log. Maybe there's another "listen" section which is conflicting with the 0.0.0.0:1812.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This is the full log: FreeRADIUS Version 2.0.1, for host i486-pc-linux-gnu, built on Feb 10 2008 at 19:29:19 Copyright (C) 1999-2008 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License. Starting - reading configuration files ... including configuration file /etc/freeradius/radiusd.conf including configuration file /etc/freeradius/proxy.conf including configuration file /etc/freeradius/clients.conf including configuration file /etc/freeradius/snmp.conf including configuration file /etc/freeradius/eap.conf including configuration file /etc/freeradius/sql.conf including configuration file /etc/freeradius/sql/mysql/dialup.conf including configuration file /etc/freeradius/sql/mysql/counter.conf including configuration file /etc/freeradius/policy.conf including files in directory /etc/freeradius/sites-enabled/ including configuration file /etc/freeradius/sites-enabled/default including dictionary file /etc/freeradius/dictionary main { prefix = "/usr" localstatedir = "/var" logdir = "/var/log/freeradius" libdir = "/usr/lib/freeradius" radacctdir = "/var/log/freeradius/radacct" hostname_lookups = no max_request_time = 30 cleanup_delay = 5 max_requests = 1024 allow_core_dumps = no pidfile = "/var/run/freeradius/freeradius.pid" user = "freerad" group = "freerad" checkrad = "/usr/sbin/checkrad" debug_level = 0 proxy_requests = yes security { max_attributes = 200 reject_delay = 1 status_server = yes } } client localhost { ipaddr = 127.0.0.1 require_message_authenticator = no secret = "insert-pass-here" nastype = "other" } client 192.168.0.1 { require_message_authenticator = no secret = "secret" shortname = "test" } radiusd: #### Loading Realms and Home Servers #### proxy server { retry_delay = 5 retry_count = 3 default_fallback = no dead_time = 120 wake_all_if_all_dead = no } realm LOCAL { } radiusd: #### Instantiating modules #### instantiate { Module: Linked to module rlm_exec Module: Instantiating exec exec { wait = yes input_pairs = "request" shell_escape = yes } Module: Linked to module rlm_expr Module: Instantiating expr Module: Linked to module rlm_expiration Module: Instantiating expiration expiration { reply-message = "Password Has Expired " } Module: Linked to module rlm_logintime Module: Instantiating logintime logintime { reply-message = "You are calling outside your allowed timespan " minimum-timeout = 60 } } radiusd: #### Loading Virtual Servers #### server { modules { Module: Checking authenticate {...} for more modules to load Module: Linked to module rlm_pap Module: Instantiating pap pap { encryption_scheme = "auto" auto_header = no } Module: Linked to module rlm_chap Module: Instantiating chap Module: Linked to module rlm_mschap Module: Instantiating mschap mschap { use_mppe = yes require_encryption = no require_strong = no with_ntdomain_hack = no } Module: Linked to module rlm_unix Module: Instantiating unix unix { radwtmp = "/var/log/freeradius/radwtmp" } Module: Linked to module rlm_eap Module: Instantiating eap eap { default_eap_type = "ttls" timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no } Module: Linked to sub-module rlm_eap_md5 Module: Instantiating eap-md5 Module: Linked to sub-module rlm_eap_leap Module: Instantiating eap-leap Module: Linked to sub-module rlm_eap_gtc Module: Instantiating eap-gtc gtc { challenge = "Password: " auth_type = "PAP" } Module: Linked to sub-module rlm_eap_tls Module: Instantiating eap-tls tls { rsa_key_exchange = no dh_key_exchange = yes rsa_key_length = 512 dh_key_length = 512 verify_depth = 0 pem_file_type = yes private_key_file = "path here" certificate_file = "path here" CA_file = "/path herem" private_key_password = "secret" dh_file = "/etc/freeradius/certs/dh" random_file = "/etc/freeradius/certs/random" fragment_size = 1024 include_length = yes check_crl = no cipher_list = "DEFAULT" make_cert_command = "/etc/freeradius/certs/bootstrap" } Module: Linked to sub-module rlm_eap_ttls Module: Instantiating eap-ttls ttls { default_eap_type = "gtc" copy_request_to_tunnel = no use_tunneled_reply = no } Module: Linked to sub-module rlm_eap_peap Module: Instantiating eap-peap peap { default_eap_type = "mschapv2" copy_request_to_tunnel = no use_tunneled_reply = no proxy_tunneled_request_as_eap = yes } Module: Linked to sub-module rlm_eap_mschapv2 Module: Instantiating eap-mschapv2 mschapv2 { with_ntdomain_hack = no } Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_preprocess Module: Instantiating preprocess preprocess { huntgroups = "/etc/freeradius/huntgroups" hints = "/etc/freeradius/hints" with_ascend_hack = no ascend_channels_per_line = 23 with_ntdomain_hack = no with_specialix_jetstream_hack = no with_cisco_vsa_hack = no with_alvarion_vsa_hack = no } Module: Linked to module rlm_realm Module: Instantiating suffix realm suffix { format = "suffix" delimiter = "@" ignore_default = no ignore_null = no } Module: Linked to module rlm_files Module: Instantiating files files { usersfile = "/etc/freeradius/users" acctusersfile = "/etc/freeradius/acct_users" preproxy_usersfile = "/etc/freeradius/preproxy_users" compat = "no" } Module: Checking preacct {...} for more modules to load Module: Linked to module rlm_acct_unique Module: Instantiating acct_unique acct_unique { key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" } Module: Checking accounting {...} for more modules to load Module: Linked to module rlm_detail Module: Instantiating detail detail { detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d" header = "%t" detailperm = 384 dirperm = 493 locking = no log_packet_header = no } Module: Linked to module rlm_radutmp Module: Instantiating radutmp radutmp { filename = "/var/log/freeradius/radutmp" username = "%{User-Name}" case_sensitive = yes check_with_nas = yes perm = 384 callerid = yes } Module: Linked to module rlm_attr_filter Module: Instantiating attr_filter.accounting_response attr_filter attr_filter.accounting_response { attrsfile = "/etc/freeradius/attrs.accounting_response" key = "%{User-Name}" } Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load Module: Instantiating attr_filter.access_reject attr_filter attr_filter.access_reject { attrsfile = "/etc/freeradius/attrs.access_reject" key = "%{User-Name}" } } } radiusd: #### Opening IP addresses and Ports #### listen { type = "auth" ipaddr = * port = 0 ERROR: Failed to open socket: /etc/freeradius/radiusd.conf[182]: Error binding to port for 0.0.0.0 port 1812 Thanks for the help :) Joep Ruiter
Check that nothing is listening on port 1812, even for IPv6.
Nothing listening except for ssh.
Since ssh is TCP, you know that radius is UDP and you need to check with "netstat -ulnp"
ERROR: Failed to open socket: /etc/freeradius/radiusd.conf[182]: Error binding to port for 0.0.0.0 port 1812
BTW If you are using some virtualization or similar software, I've heard some of them don't support binding to 0.0.0.0 so you'll have to bind to the specific ip address. -- damjan | дамјан This is my jabber ID --> damjan@bagra.net.mk -- not my mail address, it's a Jabber ID --^ :)
Check that nothing is listening on port 1812, even for IPv6.
Nothing listening except for ssh.
Since ssh is TCP, you know that radius is UDP and you need to check with "netstat -ulnp"
Oops, thanks! There was indeed another radius-service running. Killed it and the error's gone :) (I now have another error, but I should be able to work that one out myself) Thanks again, Joep Ruiter
Joep Ruiter wrote: ...
This is the full log: ... radiusd: #### Opening IP addresses and Ports #### listen { type = "auth" ipaddr = * port = 0 ERROR: Failed to open socket: /etc/freeradius/radiusd.conf[182]: Error binding to port for 0.0.0.0 port 1812
There's a call to "getsockname" which tries to get the *real* IP address that the server is listening on. That call is failing. I'm not sure why. I've added a little more logging in CVS head (2.0.2) which may give some insight, but it won't fix the problem. Alan DeKok.
participants (3)
-
Alan DeKok -
Damjan -
Joep Ruiter