Handing out duplicate IP addresses
Alan DeKok
aland at deployingradius.com
Mon Jan 19 14:54:01 CET 2009
tnt at kalik.net wrote:
> When multiple threads ask for an IP at the same time it is possible for
> same IP to be issued to different users. That's because allocate-find
> works 10 or more times faster than allocate-update. There is a chance
> that several allocate-finds will complete before first allocate-update
> makes the IP unavailable.
But the whole thing *should* be wrapped in a transactional block. See
the source code to rlm_sqlippool.
If mysql doesn't respect transactional boundaries, that's another issue.
> I think that best thing to do is to prevent subsequent updates by
> altering the allocate-update (adding "AND expiry_time IS NULL" at the
> end should do it). That way only first one will update the row while
> others will fail (update 0 rows). It should be possible for logic to
> detect that no rows were updated and fail the module.
OK. I've added that to the default MySQL query.
I'd like to know if this is a problem for Postgresql, too.
Alan DeKok.
More information about the Freeradius-Users
mailing list