Little "problem" with sqlippool

Phil Mayers p.mayers at
Tue Aug 21 17:33:26 CEST 2012

On 21/08/12 16:20, Antonio Modesto wrote:
> Hi,
> I'm testing sqlippool, so far it's working well, but I'm with a
> exception that I haven't thought about it before. We use  radius to
> authenticate the clients on wireless access points and with PPPoE, and
> now I started using sqlippool to dynamically distribute the IP's and BGP
> to announce the routes through the NAS'es. The problem is that radius
> allocates a IP for the client when he associates to an access point,
> (the wireless authentication is done with the MAC Address as the
> UserName and Password) and another IP when he connects on PPPoE, of
> course the IP allocated for the MAC is not used, but the record stays on
> the radippool table, and cannot be allocated to another user. Is there a
> way to do a regex or something like that before selecting a pool for the
> client?

sqlippool only runs if you tell it to. So, you need to conditionally run 
it in post-auth. For example:

post-auth {
   if (Huntgroup-Name == PPPoE) {
     # only allocate an IP on PPPoE

Alternatively, use virtual servers and client/listen statements to break 
the wireless and PPPoE policies out, and just don't use sqlippool in the 
wireless virtual server.

More information about the Freeradius-Users mailing list