redundant ippools using rlm_ippool in v1.1.3

Michael Chernyakhovsky magmike at mail.ru
Mon Sep 15 21:30:36 CEST 2008 

there is strict condition in rlm_ippool.c

    if ((vp = pairfind(request->config_items, PW_POOL_NAME)) != NULL){
       if (data->name == NULL || strcmp(data->name,vp->strvalue))

so pool_name should be equal to config's name of pool

although, 01 Jul 2004 Kostas Kalevras wrote
( http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg06686.html )

> Do a cvs update on the ippool module or wait for tomorrow's CVS snapshot. Then
> you can set Pool-Name to DEFAULT and it will match all of the ippool module
> instances.

there is no other comparison of pool name with any other strings, so i
apply my own patch for my own radius-server.
it works.

You should to set Pool-Name to "DEFAULT" in 'users'. like this

>         DEFAULT Huntgroup-Name == "lns0x", Pool-Name := DEFAULT, Post-Auth-Type := LNS0X
>                 Fall-Through = Yes

>         DEFAULT Huntgroup-Name == "lns0y", Pool-Name := DEFAULT, Post-Auth-Type := LNS0Y
>                 Fall-Through = Yes



patch are:

--8<---------------------------------------------------------------------
--- rlm_ippool.c-orig   2008-09-01 12:43:53.000000000 +0600
+++ rlm_ippool.c    2008-09-01 12:44:13.000000000 +0600
@@ -480,7 +480,10 @@
     * run only if they match
     */
    if ((vp = pairfind(request->config_items, PW_POOL_NAME)) != NULL){
-       if (data->name == NULL || strcmp(data->name,vp->strvalue))
+       if (data->name == NULL || (strcmp(data->name,vp->strvalue) && strcmp("DEFAULT", vp->strvalue)))
            return RLM_MODULE_NOOP;
    } else {
        DEBUG("rlm_ippool: Could not find Pool-Name attribute.");
--8<---------------------------------------------------------------------


May be i made it wrong, but it works.
2Kostas: Is there another way to create redundant ippools?
why current version of rlm_ippools does not work with DEFAULT name?
we do something wrong?


> I am stuck with v1.1.3 in this case, otherwise I would use
> rlm_sqlippool.

> I need to assign IP addresses depending on the NAS the user comes in:

> 'huntgroups' contains 

>         lns0x           NAS-IP-Address == a.b.c.x
>         lns0y           NAS-IP-Address == a.b.c.y

> In 'users' I set 'Post-Auth-Type' depending on
> 'Huntgroup-Name' (Userdata are in a MySQL database):

>         DEFAULT Huntgroup-Name == "lns0x", Post-Auth-Type := LNS0X
>                 Fall-Through = Yes

>         DEFAULT Huntgroup-Name == "lns0y", Post-Auth-Type := LNS0Y
>                 Fall-Through = Yes

> The modules section in radiusd.conf has the ippool definitions like

>                 # subnets on lns0x
>         ippool lns0x-00 {
>                 range-start = 192.168.111.1
>                 range-stop =  192.168.111.6
>                 netmask = 255.255.255.248
>                 cache-size = 6
>                 session-db = /var/cache/freeradius/db.pool_lns0x_00
>                 ip-index = /var/cache/freeradius/db.index_lns0x_00
>                 override = yes
>                 maximum-timeout = 0
>         }

>         ippool lns0x-01 {
>                 range-start = 192.168.111.9
>                 range-stop =  192.168.111.14
>                 netmask = 255.255.255.248
>                 cache-size = 6
>                 session-db = /var/cache/freeradius/db.pool_lns0x_01
>                 ip-index = /var/cache/freeradius/db.index_lns0x_01
>                 override = yes
>                 maximum-timeout = 0
>         }

>                 # subnets on lns0y
>         ippool lns0x-00 {
>                 range-start = 192.168.112.1
>                 range-stop =  192.168.112.6
>                 netmask = 255.255.255.248
>                 cache-size = 6
>                 session-db = /var/cache/freeradius/db.pool_lns0y_00
>                 ip-index = /var/cache/freeradius/db.index_lns0y_00
>                 override = yes
>                 maximum-timeout = 0
>         }

>         ippool lns0x-01 {
>                 range-start = 192.168.112.9
>                 range-stop =  192.168.112.14
>                 netmask = 255.255.255.248
>                 cache-size = 6
>                 session-db = /var/cache/freeradius/db.pool_lns0y_01
>                 ip-index = /var/cache/freeradius/db.index_lns0y_01
>                 override = yes
>                 maximum-timeout = 0
>         }

> My first attempt on the post-auth Section looked like

>         Post-Auth-Type LNS0X {
>                 redundant {
>                         lns0x-00
>                         lns0x-01
>                 }
>         }

>         Post-Auth-Type LNS0Y {
>                 redundant {
>                         lns0y-00
>                         lns0y-01
>                 }
>         }

> This does not work because the 'Pool-Name' check attribute is missing in users.

> If I set Pool-Name in users, addresses are only returned from the
> matching poolname module until it is depleted, the alternative pool
> module is not called.

> Is it possible to achieve the intended setup with rlm_ippool or is this
> only possible with rlm_sqlippool?

> Mit freundlichem Gru?,




-- 
С уважением,
Михаил Черняховский,
НП "Магинфоцентр",
г. Магнитогорск.
(3519) 212-474.

More information about the Freeradius-Users mailing list