Handing out duplicate IP addresses
tnt at kalik.net
tnt at kalik.net
Thu Jan 15 21:08:10 CET 2009
Change this in ippool.conf:
allocate-update = "UPDATE ${ippool_table} \
SET nasipaddress = '%{NAS-IP-Address}', pool_key = '${pool-key}', \
callingstationid = '%{Calling-Station-Id}', username =
'%{User-Name}', \
expiry_time = NOW() + INTERVAL ${lease-duration} SECOND \
WHERE framedipaddress = '%I'" AND expiry_time IS NULL
^^^^^^^^^^^^^^^
this is new
That should cause module to fail if another thread has updated wth this
IP address while update was being executed.
Ivan Kalik
Kalik Informatika ISP
Dana 15/1/2009, "Dave" <dave at optionsdsl.ca> piše:
>
>I dont know if this means anything, but Im not using DHCP, Im using
>PPPoE. I didnt know FR could even be a dhcp server.
>
>Im just throwing out ideas, but is there a way to not thread the
>sqlippool module ? Let one request at a time for an IP, sure it would
>be slower, but for my use would be fine.
>
>
>Ben Wiechman wrote:
>>
>> Can�t you do the select and update as part of one transaction?
>>
>>
>>
>> For example with MySQL:
>>
>> START TRANSACTION;
>>
>> SELECT @A:=SUM(salary) FROM table1 WHERE type=1;
>>
>> UPDATE table2 SET summary=@A WHERE type=1;
>>
>> COMMIT;
>>
>>
>>
>> The transaction may need to be changed to serializable as well. I
>> don�t know how the DHCP RFC handles preallocations.
>>
>>
>>
>> You could probably use Repeatable Read level if it is acceptable to
>> mark an address as taken when a DHCPOFFER is sent while waiting for a
>> DHCPREQUEST from the client, so long as the address if confirmed to be
>> free before the DHCPACK is sent, or a DHCPNAK in the case that the
>> address was offered to multiple clients.
>>
>> Ben Wiechman
>>
>>
>>
>>
>>
>> *From:*
>> freeradius-users-bounces+ben=wisper-wireless.com at lists.freeradius.org
>> [mailto:freeradius-users-bounces+ben=wisper-wireless.com at lists.freeradius.org]
>> *On Behalf Of *Padam J Singh
>> *Sent:* Thursday, January 15, 2009 9:39 AM
>> *To:* FreeRadius users mailing list
>> *Subject:* Re: Handing out duplicate IP addresses
>>
>>
>>
>> Hello Ivan,
>>
>> Would adding a mutex around the select-update code in the sqlippool
>> module solve this issue?
>>
>> Padam
>>
>> tnt at kalik.net <mailto:tnt at kalik.net> wrote:
>>
>> The requests all came in at the same time, to the second (among others),
>>
>> its like FR took 3 requests and looked at the database at the exact same
>>
>> time, saw it was an available IP and all those 3 requests assigned it.
>>
>>
>>
>>
>> That can't be avoided. SELECT (allocate-find) will always work much
>> faster than UPDATE (allocate-update).
>>
>>
>>
>> My NAS rejects two of the 3 because the IP is assigned,
>>
>>
>>
>>
>> I think that you make a good point here. If the allocate-update query was
>> made to fail in the case that the IP address was already issued to
>> another thread between allocate-find and allocate-update (by expanding
>> it with AND expiry_time IS NULL in WHERE), point of failure will be in
>> sqlippool module and not on the NAS. Logic can then perhaps try to issue
>> a new IP address (best just once more in order not to create a loop).
>> That way issuing same IP address to multiple threads can be handled by
>> the sqlippool module.
>>
>> Ivan Kalik
>> Kalik Informatika ISP
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>>
>>
>>
>>
>> --
>> PGP Id 9EED2E09
>> ------------------------------------------------------------------------
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list