Static ippool based on NAS source
renator at flash.net.br
renator at flash.net.br
Mon Dec 7 00:15:03 CET 2009
Greetings,
We are using Freeradius v2 to authenticate and give IP to a large group of
mobiles, connected to us via gprs through 2 NAS randomicaly.
We need this group of mobiles to get an IP address based on the NAS where
they authenticate from and keep this IP always it connects from
this same NAS again and other if it connects from the other NAS, the
nearest possible of an static IP served by the Radius server via IPPOOL.
We have a limitation because the gprs operator's demands the same
login/password for all the mobiles.
Today we use, based in what I read in this list and the documentation, the
configuration:
users:
DEFAULT NAS-IP-Address == xxx.xxx.xxx.1, Pool-Name := "pool1"
X-Ascend-Client-Assign-DNS = 1,
X-Ascend-Client-Primary-DNS = xxx.xxx.xxx.4,
X-Ascend-Client-Secondary-DNS = xxx.xxx.xxx.5,
Service-Type = Framed-User,
Simultaneous-Use := 10000,
Framed-Protocol = PPP,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP,
Fall-Through = Yes
DEFAULT NAS-IP-Address == xxx.xxx.xxx.2, Pool-Name := "pool2"
X-Ascend-Client-Assign-DNS = 1,
X-Ascend-Client-Primary-DNS = xxx.xxx.xxx.4,
X-Ascend-Client-Secondary-DNS = xxx.xxx.xxx.5,
Service-Type = Framed-User,
Simultaneous-Use := 10000,
Framed-Protocol = PPP,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP,
Fall-Through = Yes
radiusd.conf (ippool):
ippool pool1 {
range-start = xxx.xxx.2.1
range-stop = xxx.xxx.3.254
netmask = 255.255.254.0
cache-size = 510
session-db = ${raddbdir}/db.ippool1
ip-index = ${raddbdir}/db.ipindex1
override = no
maximum-timeout = 0
lease-duration = 86400
key = "%{NAS-IP-Address} %{Calling-Station-Id}"
}
ippool pool2 {
range-start = xxx.xxx.0.1
range-stop = xxx.xxx.1.254
netmask = 255.255.254.0
cache-size = 510
session-db = ${raddbdir}/db.ippool2
ip-index = ${raddbdir}/db.ipindex2
override = no
maximum-timeout = 0
lease-duration = 86400
key = "%{NAS-IP-Address} %{Calling-Station-Id}"
}
With a big "lease-duration" we want the mobiles to get the same IP most of
the time.
The pool1 and pool2 are configured in accounting and post-auth of
sites-enabled/default file...
So, trying to be clear, what we need is:
IF mobile CONNECTS via NAS1 -> Gets IP from pool1
IF mobile CONNECTS via NAS1 again -> Gets THE same IP from pool1
IF mobile CONNECTS via NAS2 -> Gets IP from pool2
IF mobile CONNECTS via NAS2 again -> Gets THE same IP from pool2
Everything seems to work, BUT, the mobiles are getting always 2 ips
instead of 1. I mean:
Mobile CONNECTS via NAS1 -> Gets IP from pool1
Mobile CONNECTS again via NAS1 -> Gets ANOTHER IP from pool1
Mobile CONNECTS via NAS2 -> Gets IP from pool2
Mobile CONNECTS again via NAS2 -> Gets ANOTHER IP from pool2
If I keep reconnecting with this mobile several times, I always get 1 of
these 4 ips.
Is there a better way to do what I need?
Please, forgive me if I am not beeing clear enought, as English is not my
primary language.
I hope you can help me about this issue.
Thank you very much for taking the time to read!
More information about the Freeradius-Users
mailing list