coa / proxy question
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Mon Jan 6 15:41:04 CET 2014
On 5 Jan 2014, at 01:20, Richard J Palmer <richard at merula.net> wrote:
> We have a setup for l2tp ADSL and other connections using freeradius.
>
> All is generally working fine - I am building some coa functionality.
>
> The good news is that this in general works fine - I have however one problem and while I can see hints on the list and on the freeradius site I would appreciate some clarification.
>
> We have currently 2 LNS Servers. Sessions to us can end up on either one of our LNS Servers. However I can't easily say which of the LNS devices to send the request to - the NAS IP we hold in radact is actually the Wholesale providers NAS IP not the LNS IP address.
What about the src IP address of the RADIUS accounting packets? Does that match an interface on the LNS?
> What I would ideally like to do (simple solution) is send the coa request to both LNS routers - one will obviously say 'no match' the other will correctly affect the session. With the pool set to failover I find that second LNS is not sent the coa as the first LNS replied (albeit saying no match), load balance works 50/50.
You may be able to use the replicate module.
You'll have to change the NAS-Identifier/NAS-IP-Address in the CoA request when you send it to each of the devices.
Note that the rlm_replicate module does not process responses, so there'll be no retransmissions for the device the packets were replicated to.
The feature you're asking for is actually quite difficult to implement. We are considering something that may enable setups like that, but the earliest it'll appear is FreeRADIUS 4.x.x and that's probably a few years away.
> Is there a simple way to configure coa to send the request to both here. I'm also open to any betrter routes to do this
Try and determine the LNS from information received in Accounting-Requests and direct the CoA-Requests accordingly.
%{Packet-SRC-IP-Address} will expand to the src ip address in the packet.
-Arran
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140106/afc8f23d/attachment.pgp>
More information about the Freeradius-Users
mailing list