Sanity check on coa

Phil Mayers p.mayers at
Mon Jun 16 17:48:52 CEST 2014

On 16/06/14 15:24, Alan DeKok wrote:
> Phil Mayers wrote:
>> If I want to send a CoA request from a client, via FR, to the NAS
>> (because the NAS is dumb and will only take CoA packets from the
>> auth/acct server IPs & secrets) then I'm stuck with defining one home
>> server/pool per NAS, right?
>    No.  You can specify a "coa_server" in a "client" section.  And then do:
> 	update coa {
> 		Packet-Dst-IP-Address = ip.of.the.nas
> 	}

The source code, and my testing, suggests this just triggers a lookup of 
the IP against the home servers, so you still need to define one home 
server per NAS. If you don't you get:

WARNING: Unknown destination <nas>:3799 for CoA request.
Do CoA Fail handler here


Also this entails using an access-request to trigger a CoA, rather than 
sending a CoA and proxying it onwards to a NAS. Not terrible but not 
ideal either.

It's possible I'm doing something wrong, as I found the examples for 
this seriously hard to follow - the use of a home server/pool as an 
indirection mechanism really confused me, and it was not obvious what was being used for. Dummy value/placeholder? Magic value?

But I can't get this going and am out of time, so I'm going to go with 
"ssh to run radclient" :o(

More information about the Freeradius-Users mailing list