Freeradius DHCP problem
Csőke János
csovike10 at hotmail.com
Sat Nov 30 22:27:28 CET 2013
Hi Everybody!
I would like to use Freeradius as a DHCP server, but it's not working.
This is what I see in debug mode:
=======================================================================
Received DHCP-Discover of id c38d6dab from 0.0.0.0:68 to 255.255.255.255:67
DHCP-Opcode = Client-Message
DHCP-Hardware-Type = Ethernet
DHCP-Hardware-Address-Length = 6
DHCP-Hop-Count = 0
DHCP-Transaction-Id = 3280825771
DHCP-Number-of-Seconds = 7424
DHCP-Flags = Broadcast
DHCP-Client-IP-Address = 0.0.0.0
DHCP-Your-IP-Address = 0.0.0.0
DHCP-Server-IP-Address = 0.0.0.0
DHCP-Gateway-IP-Address = 0.0.0.0
DHCP-Client-Hardware-Address = 14:da:e9:bf:1c:da
DHCP-Message-Type += DHCP-Discover
DHCP-Client-Identifier += 14:da:e9:bf:1c:da
DHCP-Hostname += "csovike10pc"
DHCP-Vendor-Class-Identifier += "MSFT 5.0"
DHCP-Parameter-Request-List += DHCP-Subnet-Mask
DHCP-Parameter-Request-List += DHCP-Domain-Name
DHCP-Parameter-Request-List += DHCP-Router-Address
DHCP-Parameter-Request-List += DHCP-Domain-Name-Server
DHCP-Parameter-Request-List += DHCP-NETBIOS-Name-Servers
DHCP-Parameter-Request-List += DHCP-NETBIOS-Node-Type
DHCP-Parameter-Request-List += DHCP-NETBIOS
DHCP-Parameter-Request-List += DHCP-Perform-Router-Discovery
DHCP-Parameter-Request-List += DHCP-Static-Routes
DHCP-Parameter-Request-List += DHCP-Classless-Static-Route
DHCP-Parameter-Request-List += 249
DHCP-Parameter-Request-List += DHCP-Vendor
server dhcp {
Trying sub-section dhcp DHCP-Discover {...}
+group DHCP-Discover {
++update reply {
++} # update reply = noop
++update reply {
sql_xlat
expand: %{User-Name} ->
sql_set_user escaped user --> ''
expand: SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask' -> SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask'
rlm_sql (sql): Reserving sql socket id: 9
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 9
expand: %{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask'} -> 255.255.255.0
sql_xlat
expand: %{User-Name} ->
sql_set_user escaped user --> ''
expand: SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address' -> SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address'
rlm_sql (sql): Reserving sql socket id: 8
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 8
expand: %{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address'} -> 152.66.235.254
sql_xlat
expand: %{User-Name} ->
sql_set_user escaped user --> ''
expand: SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name' -> SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name'
rlm_sql (sql): Reserving sql socket id: 7
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 7
expand: %{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name'} -> teteny.bme.hu
sql_xlat
expand: %{User-Name} ->
sql_set_user escaped user --> ''
expand: SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) -> SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)
rlm_sql (sql): Reserving sql socket id: 6
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 6
expand: %{sql:SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)} -> csovike10pc
sql_xlat
expand: %{User-Name} ->
sql_set_user escaped user --> ''
expand: SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) -> SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '14:da:e9:bf:1c:da' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)
rlm_sql (sql): Reserving sql socket id: 5
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 5
expand: %{sql:SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)} -> 152.66.235.32
++} # update reply = noop
++[ok] = ok
+} # group DHCP-Discover = ok
DHCP: Reply will be broadcast
} # server dhcp
Encoding DHCP-Offer of id c38d6dab from 10.42.128.0:67 to 255.255.255.255:68
DHCP-Opcode = Server-Message
DHCP-Hardware-Type = Ethernet
DHCP-Hardware-Address-Length = 6
DHCP-Hop-Count = 0
DHCP-Transaction-Id = 3280825771
DHCP-Number-of-Seconds = 0
DHCP-Flags = Broadcast
DHCP-Client-IP-Address = 0.0.0.0
DHCP-Your-IP-Address = 152.66.235.32
DHCP-Server-IP-Address = 10.42.128.0
DHCP-Gateway-IP-Address = 0.0.0.0
DHCP-Client-Hardware-Address = 14:da:e9:bf:1c:da
DHCP-Server-Host-Name = ""
DHCP-Boot-Filename = ""
DHCP-Subnet-Mask = 255.255.255.0
DHCP-Router-Address = 152.66.235.254
DHCP-Domain-Name-Server = 10.42.128.0
DHCP-Domain-Name-Server = 10.42.128.2
DHCP-Hostname = "csovike10pc"
DHCP-Domain-Name = "teteny.bme.hu"
DHCP-Interface-MTU-Size = 1400
DHCP-NTP-Servers = 10.42.128.0
DHCP-NETBIOS-Name-Servers = 10.42.128.15
DHCP-IP-Address-Lease-Time = 14400
DHCP-DHCP-Server-Identifier = 10.42.128.0
DHCP-Renewal-Time = 7200
DHCP-Rebinding-Time = 12600
Sending DHCP-Offer of id c38d6dab from 10.42.128.0:67 to 255.255.255.255:68
Finished request 2.
Cleaning up request 2 ID -1014141525 with timestamp +35
Going to the next request
Ready to process requests.
=======================================================================
This part looks fine: all of the SQL queries ran successfully, the server found my client's IP address and sent a correct DHCP-Offer message. But the DHCP request still fails on my Windows 7 client.
My dhcp configuration file:
=======================================================================
# Virtual server that answers DHCP on eth0.42 and fills the per-client
# reply attributes from SQL lookups done through the "sql" module xlat.
server dhcp {
# Broadcast listener on UDP port 67, bound to the VLAN interface eth0.42.
# DHCP carries no authentication: every host on this segment can reach
# the listener, so all request attributes are untrusted input.
listen {
broadcast = yes
ipaddr = 255.255.255.255
port = 67
interface = eth0.42
type = dhcp
}
# DHCP-Discover: reply with an Offer built from static values plus
# values looked up by the client's hardware address.
dhcp DHCP-Discover {
update reply {
DHCP-Message-Type = DHCP-Offer
}
# NOTE(review): every %{sql:...} below is keyed only on
# DHCP-Client-Hardware-Address, a value the client chooses. The
# reg_expire and ban_expire checks therefore apply to whoever presents
# a registered MAC, not to a verified user; pair this with switch-side
# controls (DHCP snooping, port security, 802.1X) if that matters here.
# NOTE(review): the attribute is interpolated into the query text, so
# this relies on the sql module escaping expanded values - confirm.
# NOTE(review): five separate queries run per packet, so a burst of
# Discovers becomes five times as many database round-trips. A single
# lookup and a rate limit on this segment would reduce that exposure.
update reply {
DHCP-Domain-Name-Server = 10.42.128.0
DHCP-Domain-Name-Server = 10.42.128.2
DHCP-Subnet-Mask = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask'}"
DHCP-Router-Address = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address'}"
DHCP-Domain-Name = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name'}"
# Lease of 14400 s (4 h); renewal at 50% and rebinding at 87.5% of it.
DHCP-IP-Address-Lease-Time = 14400
DHCP-Renewal-Time = 7200
DHCP-Rebinding-Time = 12600
DHCP-Hardware-Type = Ethernet
# NOTE(review): the client echoes this identifier in its DHCP-Request to
# select the offer. 10.42.128.0 looks like a network address unless the
# prefix on eth0.42 is /16 or shorter - confirm it is the address that is
# actually configured on the interface.
DHCP-DHCP-Server-Identifier = 10.42.128.0
DHCP-Interface-MTU-Size = 1400
DHCP-NETBIOS-Name-Servers = 10.42.128.15
DHCP-NTP-Servers = 10.42.128.0
DHCP-Hostname = "%{sql:SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)}"
DHCP-Your-IP-Address = "%{sql:SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)}"
}
# NOTE(review): nothing tests whether the lookups returned a row. For an
# unregistered, expired or banned MAC the expansions are presumably
# empty, yet the section still ends in "ok" with DHCP-Message-Type
# already set to DHCP-Offer - verify what is sent in that case and
# refuse such clients explicitly.
ok
}
# DHCP-Request: same reply attributes as the DHCP-Discover section, sent
# as an Ack.
dhcp DHCP-Request {
update reply {
DHCP-Message-Type = DHCP-Ack
}
# NOTE(review): the Ack is built without comparing the address the
# client asked for with the registered one, and the MAC-only trust,
# escaping, query-count and empty-result caveats of the DHCP-Discover
# section apply here unchanged.
update reply {
DHCP-Domain-Name-Server = 10.42.128.0
DHCP-Domain-Name-Server = 10.42.128.2
DHCP-Subnet-Mask = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Subnet-Mask'}"
DHCP-Router-Address = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Router-Address'}"
DHCP-Domain-Name = "%{sql:SELECT value FROM ttny.dhcp_zones,(SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL) AND ttny.dhcp_zones.zone_name = ttny.ip.type AND ttny.dhcp_zones.attribute = 'Domain-Name'}"
DHCP-IP-Address-Lease-Time = 14400
DHCP-Renewal-Time = 7200
DHCP-Rebinding-Time = 12600
DHCP-Hardware-Type = Ethernet
DHCP-DHCP-Server-Identifier = 10.42.128.0
DHCP-Interface-MTU-Size = 1400
DHCP-NETBIOS-Name-Servers = 10.42.128.15
DHCP-NTP-Servers = 10.42.128.0
DHCP-Hostname = "%{sql:SELECT host FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)}"
DHCP-Your-IP-Address = "%{sql:SELECT ip FROM (SELECT * FROM computer_wired UNION SELECT * FROM computer_wireless) c JOIN ttny.ip ON c.ip_id = ttny.ip.id JOIN ttny.user ON c.user_id = ttny.user.id WHERE c.mac = '%{DHCP-Client-Hardware-Address}' AND c.reg_expire>= now() AND (ttny.user.ban_expire < now() OR ttny.user.ban_expire IS NULL)}"
}
ok
}
# If there's no named section for the packet type, then the packet
# is processed through this section.
dhcp {
# send a DHCP NAK.
reject
}
}
=======================================================================
Freeradius version:
freeradius: FreeRADIUS Version 2.2.3 (git #077a373), for host x86_64-pc-linux-gnu, built on Nov 25 2013 at 09:17:09
=======================================================================
Operating System:
Debian 7
=======================================================================
Can you help me?
Thanks,
János