Little "problem" with sqlippool

Antonio Modesto modesto at isimples.com.br
Tue Aug 21 18:37:19 CEST 2012


2012/8/21 Phil Mayers <p.mayers at imperial.ac.uk>

> On 21/08/12 16:20, Antonio Modesto wrote:
>
>>
>>
>> Hi,
>>
>> I'm testing sqlippool, so far it's working well, but I'm with a
>> exception that I haven't thought about it before. We use  radius to
>> authenticate the clients on wireless access points and with PPPoE, and
>> now I started using sqlippool to dynamically distribute the IP's and BGP
>> to announce the routes through the NAS'es. The problem is that radius
>> allocates a IP for the client when he associates to an access point,
>> (the wireless authentication is done with the MAC Address as the
>> UserName and Password) and another IP when he connects on PPPoE, of
>> course the IP allocated for the MAC is not used, but the record stays on
>> the radippool table, and cannot be allocated to another user. Is there a
>> way to do a regex or something like that before selecting a pool for the
>> client?
>>
>
> sqlippool only runs if you tell it to. So, you need to conditionally run
> it in post-auth. For example:
>
> post-auth {
>   ...
>   if (Huntgroup-Name == PPPoE) {
>     # only allocate an IP on PPPoE
>     sqlippool
>   }
> }
>
> Alternatively, use virtual servers and client/listen statements to break
> the wireless and PPPoE policies out, and just don't use sqlippool in the
> wireless virtual server.
>
>
Can I test this 'if' statement against a radius attribute, such as
Service-Type?

Anyway, I had another idea, though it doesn't seem to be the best one. As I
have two servers and just one is running  radius 2.X with sqlippool, I
could use one for wireless authentication and another for ppp
authentication. Bad Idea?




> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/**
> list/users.html <http://www.freeradius.org/list/users.html>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120821/75f08364/attachment.html>


More information about the Freeradius-Users mailing list