sqlippool --> ip's expiring and being allocated again

Alan DeKok aland at deployingradius.com
Thu Oct 17 05:10:34 CEST 2013


Petre Bandac wrote:
> pool ip's are allocated correctly, but after the lease-duration is
> reached, they are deleted from the radippool table.

  That's how IP pools work.

> This causes the ip to be once again assigned to another user, who in
> turn requires a new login, since this ip won't work

  Umm... *why* won't it work?  You should really figure that out.

> I have tried to enforce a "keep-alive" with acct-interim, but it
> doesn't work, the ip's are deleted from radippool when the lease time
> is up ?
> 
> how can I prevent this ?

  You can't.  IP's are no longer valid when the lease time is up.

> root at core-router:/etc/freeradius# radtest -x petreb petreb localhost
> 1980 radiuspass
> Sending Access-Request of id 7 to 127.0.0.1 port 1812
> 	User-Name = "petreb"
> 	User-Password = "petreb"
> 	NAS-IP-Address = 1.1.1.1
> 	NAS-Port = 1980
> rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=7,
> length=38
> Acct-Interim-Interval = 120 Session-Timeout = 1195235
> 	Framed-IP-Address = 1.1.1.2

  You'll note the Session-Timeout.  When IP's are assigned through
RADIUS, they get sent to the NAS.  The NAS is then responsible for
enforcing session expiry.

  And when the session expires, so does the IP.

  If the NAS allows the IP to still be used after session expiry, then
the NAS is wrong and broken.  It needs to be thrown in the garbage, and
replaced with a NAS that works.

  No amount of poking FreeRADIUS will fix a broken NAS.

  Alan DeKok.


More information about the Freeradius-Users mailing list