Questions about proxy radius on multihomed host
Kostas Zorbadelos
kzorba at otenet.gr
Mon Dec 4 09:47:01 CET 2006
On Sun, Dec 03, 2006 at 09:15:54PM -0800, Alan DeKok wrote:
> Kostas Zorbadelos wrote:
> > on a multihomed Solaris host when radius packets are proxied what is
> > their source IP? Is it IP1 or it could also be IP2?
>
> Uh... that's up to the OS.
That's what I also thought. This would have to do with the TCP/IP
implementation in the kernel...
> There are patches pending against CVS head
> that should fix this.
>
In a portable way?
> > I took a look at the sources where I see that in proxy.c a rad_send()
> > is used to actually send the packet. rad_send() uses sendto() unless
> > WITH_UDPFROMTO is defined in which case sendfromto() is used. In my
> > case, WITH_UDPFROMTO is undefined.
>
> That only matters for packets being received by the server, not
> packets it's sending.
>
I am reffering to proxy_send in proxy.c
/*
* Relay the request to a remote server.
* Returns:
*
* RLM_MODULE_FAIL: we don't reply, caller returns without replying
* RLM_MODULE_NOOP: caller falls through to normal processing
* RLM_MODULE_HANDLED : we reply, caller returns without replying
*/
int proxy_send(REQUEST *request)
>From what I can see it has to do with the packets relayed by the
server to the remote home server in proxy mode.
> > Can I assume that outgoing packets use as source address the one
> > listed in the listen directive?
>
> If that's the only IP used, yes. Otherwise, it's up to the OS to
> determine the best source IP for an outgoing packet.
>
Thanks Alan.
--
Kostas Zorbadelos
m at il contact: kzorba (at) otenet.gr
Out there in the darkness, out there in the night
out there in the starlight, one soul burns brighter
than a thousand suns.
More information about the Freeradius-Users
mailing list