Freeradius DHCP problem with some vendors.

Ricardo Oliveira ricardo.btu at gmail.com
Mon Jan 13 18:56:26 CET 2014


Hello,
I am introducing the Freeradius as DHCP server at my ISP and am
experiencing problems with some vendors specifically routers TP-Link.

The FreeRadius allocates the IP Router but unable to associate the IP
offered by freeradius, what intrigues me is that the problem does not occur
with the ISC-DHCP.
FreeRADIUS Version 2.2.4 (git #14e1ee7)
Follow my configuration and Debug.

server dhcp {
        listen {
            type = dhcp
            ipaddr = XXX.XXX.0.26
            port = 67
            interface = eth0
            broadcast = no
        }
        dhcp DHCP-Discover {
            update reply {
                DHCP-Message-Type = DHCP-Offer
            }

            update reply {
                DHCP-Domain-Name-Server = XXX.XXX.0.6
                DHCP-Domain-Name-Server = XXX.XXX.0.250
                DHCP-IP-Address-Lease-Time = 120
                DHCP-DHCP-Server-Identifier = XXX.XXX.0.26
            }

            sql.authorize
            dhcp_sqlippool
            sql.post-auth
            ok
        }

        dhcp DHCP-Request {
            update reply {
                DHCP-Message-Type = DHCP-Ack
            }

            update reply {
                DHCP-Domain-Name-Server = XXX.XXX.0.6
                DHCP-Domain-Name-Server = XXX.XXX.0.250
                DHCP-IP-Address-Lease-Time = 120
                DHCP-DHCP-Server-Identifier = XXX.XXX.0.26
            }

            sql.authorize
            dhcp_sqlippool
            sql.post-auth
            ok
        }

        dhcp {
            reject
        }
    }

Ready to process requests.
Received DHCP-Discover of id 7f519348 from 179.127.59.1:67 to 187.85.0.26:67
        DHCP-Opcode = Client-Message
        DHCP-Hardware-Type = Ethernet
        DHCP-Hardware-Address-Length = 6
        DHCP-Hop-Count = 1
        DHCP-Transaction-Id = 2136052552
        DHCP-Number-of-Seconds = 4
        DHCP-Flags = Broadcast
        DHCP-Client-IP-Address = 0.0.0.0
        DHCP-Your-IP-Address = 0.0.0.0
        DHCP-Server-IP-Address = 0.0.0.0
        DHCP-Gateway-IP-Address = 179.127.59.1
        DHCP-Client-Hardware-Address = a0:f3:c1:f3:78:6a
        DHCP-Message-Type += DHCP-Discover
        DHCP-Client-Identifier += a0:f3:c1:f3:78:6a
        DHCP-DHCP-Maximum-Msg-Size += 576
        DHCP-Parameter-Request-List += DHCP-Subnet-Mask
        DHCP-Parameter-Request-List += DHCP-Router-Address
        DHCP-Parameter-Request-List += DHCP-Domain-Name-Server
        DHCP-Parameter-Request-List += DHCP-Static-Routes
        DHCP-Parameter-Request-List += DHCP-Vendor
        DHCP-Parameter-Request-List += DHCP-NETBIOS-Name-Servers
        DHCP-Parameter-Request-List += DHCP-NETBIOS-Node-Type
        DHCP-Parameter-Request-List += DHCP-NETBIOS
        DHCP-Parameter-Request-List += DHCP-Classless-Static-Route
        DHCP-Parameter-Request-List += 249
        DHCP-Relay-Circuit-Id = "1/1/FHTT-0027b63b"
        DHCP-Relay-Remote-Id = ""
server dhcp {
Trying sub-section dhcp DHCP-Discover {...}
+group DHCP-Discover {
++update reply {
++} # update reply = noop
++update reply {
++} # update reply = noop
[sql]   expand: %{DHCP-Relay-Circuit-Id} -> 1/1/FHTT-0027b63b
[sql] sql_set_user escaped user --> '1/1/FHTT-0027b63b'
rlm_sql (sql): Reserving sql socket id: 2
[sql]   expand: SELECT id, username, attribute, value, op           FROM
radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY
id -> SELECT id, username, attribute, value, op           FROM radcheck
      WHERE username = '1/1/FHTT-0027b63b'           ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT id, username, attribute, value, op           FROM
radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY
id -> SELECT id, username, attribute, value, op           FROM radreply
      WHERE username = '1/1/FHTT-0027b63b'           ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup
WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT
groupname           FROM radusergroup           WHERE username =
'1/1/FHTT-0027b63b'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 2
++[sql.authorize] = ok
++policy dhcp_sqlippool.post-auth {
+++update request {
        expand: %{DHCP-Relay-Circuit-Id} -> 1/1/FHTT-0027b63b
        expand: %{DHCP-Relay-Circuit-Id} -> 1/1/FHTT-0027b63b
        expand: %{DHCP-Gateway-IP-Address} -> 179.127.59.1
        expand: %{%{DHCP-Gateway-IP-Address}:-127.0.0.1} -> 179.127.59.1
+++} # update request = noop
[dhcp_sqlippool] No Pool-Name defined.
[dhcp_sqlippool]        expand: DHCP: No Pool-Name defined (did
%{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user
%{User-Name}) -> DHCP: No Pool-Name defined (did  cli 1/1/FHTT-0027b63b
port  user 1/1/FHTT-0027b63b)
DHCP: No Pool-Name defined (did  cli 1/1/FHTT-0027b63b port  user
1/1/FHTT-0027b63b)
+++[dhcp_sqlippool] = noop
+++? if (ok)
? Evaluating (ok) -> FALSE
+++? if (ok) -> FALSE
++} # policy dhcp_sqlippool.post-auth = noop
[sql]   expand: %{DHCP-Relay-Circuit-Id} -> 1/1/FHTT-0027b63b
[sql] sql_set_user escaped user --> '1/1/FHTT-0027b63b'
[sql]   expand: %{User-Password} ->
[sql]   ... expanding second conditional
[sql]   expand: %{Chap-Password} ->
[sql]   expand: INSERT INTO radpostauth
(username, pass, reply, authdate)                           VALUES (
                    '%{User-Name}',
'%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth
        (username, pass, reply, authdate)                           VALUES
(                           '1/1/FHTT-0027b63b',
'',                           '0', '2014-01-12 18:02:18')
rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth
              (username, pass, reply, authdate)
VALUES (                           '1/1/FHTT-0027b63b',
      '',                           '0', '2014-01-12 18:02:18')
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): Released sql socket id: 1
++[sql.post-auth] = ok
++[ok] = ok
+} # group DHCP-Discover = ok
DHCP: Reply will be unicast to giaddr from original packet
} # server dhcp
Encoding DHCP-Offer of id 7f519348 to 179.127.59.1:67
        DHCP-Opcode = Server-Message
        DHCP-Hardware-Type = Ethernet
        DHCP-Hardware-Address-Length = 6
        DHCP-Hop-Count = 1
        DHCP-Transaction-Id = 2136052552
        DHCP-Number-of-Seconds = 0
        DHCP-Flags = Broadcast
        DHCP-Client-IP-Address = 0.0.0.0
        DHCP-Your-IP-Address = 179.127.59.2
        DHCP-Server-IP-Address = 187.85.0.26
        DHCP-Gateway-IP-Address = 179.127.59.1
        DHCP-Client-Hardware-Address = a0:f3:c1:f3:78:6a
        DHCP-Server-Host-Name = ""
        DHCP-Boot-Filename = ""
        DHCP-Domain-Name-Server = 187.85.0.6
        DHCP-Domain-Name-Server = 187.85.0.250
        DHCP-IP-Address-Lease-Time = 120
        DHCP-DHCP-Server-Identifier = 187.85.0.26
        DHCP-DHCP-Maximum-Msg-Size = 576
Sending DHCP-Offer of id 7f519348 to 179.127.59.1:67
Finished request 1.

Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140113/7208c984/attachment-0001.html>


More information about the Freeradius-Users mailing list