proxy.conf src_ipaddr ignored
Edgar Fuß
ef at math.uni-bonn.de
Thu Nov 4 22:24:07 CET 2010
> Your configuration must be doing something odd.
Yes. As specifying multiple identical src_ipaddr values for several home servers resulted in 2.1.7 not to start up properly, I (mis)understood the comment
# The rest of the configuration items listed here are optional,
# and do not have to appear in every home server definition.
as if you could specify the values in the "localhost" home_server definition and then every other home_server section would pick up them as default.
No, that's not what the wording suggests, but apperantly, it's how 2.1.7 worked -- at least in case of src_ipaddr and -X.
I thought I had tried moving the src_ipaddr definitions to the individual home server sections earlier the day after I upgraded to 2.1.10, but I must have made some mistake I cannot reproduce.
As you already pointed out further up in this thread, I like to debug things myself. So at least, there is a patch attached adding more debug output to proxy listener allocation and home server selection so the day I wasted on the subject may serve somebody else.
-------------- next part --------------
--- src/main/event.c.orig 2010-09-28 13:03:56.000000000 +0200
+++ src/main/event.c 2010-11-04 17:37:19.000000000 +0100
@@ -1867,7 +1867,7 @@
static int proxy_request(REQUEST *request)
{
struct timeval when;
- char buffer[128];
+ char buffer[128], buffer2[128];
#ifdef WITH_COA
if (request->coa) {
@@ -1903,12 +1903,15 @@
}
request->next_callback = no_response_to_proxied_request;
- RDEBUG2("Proxying request %u to home server %s port %d",
+ RDEBUG2("Proxying request %u to home server %s port %d using source addr %s",
request->number,
inet_ntop(request->proxy->dst_ipaddr.af,
&request->proxy->dst_ipaddr.ipaddr,
buffer, sizeof(buffer)),
- request->proxy->dst_port);
+ request->proxy->dst_port,
+ inet_ntop(request->proxy->src_ipaddr.af,
+ &request->proxy->src_ipaddr.ipaddr,
+ buffer2, sizeof(buffer2)));
/*
* Note that we set proxied BEFORE sending the packet.
--- src/main/listen.c.orig 2010-09-28 13:03:56.000000000 +0200
+++ src/main/listen.c 2010-11-04 18:34:41.000000000 +0100
@@ -1718,6 +1718,7 @@
{
rad_listen_t *this, *tmp, **last;
listen_socket_t *sock, *old;
+ char buffer[128];
/*
* Find an existing proxy socket to copy.
@@ -1778,6 +1779,11 @@
sock->port = 0;
if (listen_bind(this) >= 0) {
+ DEBUG("Adding listener on address %s, port %u",
+ inet_ntop(sock->ipaddr.af,
+ &sock->ipaddr.ipaddr,
+ buffer, sizeof(buffer)),
+ sock->port);
/*
* Add the new listener to the list of
* listeners.
--- src/main/realms.c.orig 2010-09-28 13:03:56.000000000 +0200
+++ src/main/realms.c 2010-11-04 21:34:44.000000000 +0100
@@ -1872,6 +1872,7 @@
home_server *found = NULL;
home_server *zombie = NULL;
VALUE_PAIR *vp;
+ char buffer1[128], buffer2[128];
/*
* Determine how to pick choose the home server.
@@ -2098,6 +2099,15 @@
request->proxy->vps = paircopy(request->packet->vps);
}
+ DEBUG("Found home server %s, address %s, port %u, source address %s",
+ found->name,
+ inet_ntop(found->ipaddr.af,
+ &found->ipaddr.ipaddr,
+ buffer1, sizeof(buffer1)),
+ found->port,
+ inet_ntop(found->src_ipaddr.af,
+ &found->src_ipaddr.ipaddr,
+ buffer2, sizeof(buffer2)));
/*
* Update the various fields as appropriate.
*/
@@ -2232,12 +2242,19 @@
{
home_server *home = data;
rad_listen_t *this;
+ char buffer[128];
/*
* If there WAS a src address defined, ensure that a
* proxy listener has been defined.
*/
if (home->src_ipaddr.af != AF_UNSPEC) {
+ DEBUG("Allocating proxy listener for %s using source address %s",
+ home->name,
+ inet_ntop(home->src_ipaddr.af,
+ &home->src_ipaddr.ipaddr,
+ buffer, sizeof(buffer)));
+
this = proxy_new_listener(&home->src_ipaddr, TRUE);
/*
More information about the Freeradius-Users
mailing list