Issue with DHCP with Wireless card
Hugh McLenaghan
hughmcl at hotmail.com
Thu Mar 13 16:40:10 CET 2014
Now, the source address looks ok, but the destination address is wrong :)
Sending DHCP-Offer of id 81b0fb8a from 10.199.100.1:67 to 2.0.0.0:68
Getting closer :)
Hugh
----------------------------------------
> Date: Thu, 13 Mar 2014 10:27:25 -0400
> From: aland at deployingradius.com
> To: freeradius-users at lists.freeradius.org
> Subject: Re: Issue with DHCP with Wireless card
>
> Hugh McLenaghan wrote:
>> When i set this up before I didn't have an IPSEC VPN set up and I got it working.
>> When I came back to work on it, I had set up an IPSEC VPN in the meantime. Now freeradius wasn't working for DHCP, however ISC DHCPD WAS working. So i was assuming it was completely an issue with freeradius. It does have an issue causing the problem, however it has at least identified WHY things are broken for me!
>
> OK. DHCP gets tricky with multiple interfaces.
>
>> So i have 2 rules in my ipsec-tools.conf file:-
>>
>> spdadd 10.199.100.0/28 0.0.0.0/0 any -P out ipsec
>> esp/tunnel/yy.yy.yy.yy-xx.xx.xx.xx/require;
>> spdadd 0.0.0.0/0 10.199.100.0/28 any -P in ipsec
>> esp/tunnel/xx.xx.xx.xx-yy.yy.yy.yy/require;
>
> Hmm... DHCP works via broadcast on the local network, and broadcast
> traffic isn't routed.
>
>> NOW, what's happening is that the freeradius DHCP server is sending the reply packets FROM 0.0.0.0 to the 10.199.100.x network.
>
> It's not supposed to do that. The should be sending a reply FROM it's
> own IP address, not 0.0.0.0. However... if it can't discover the
> interfaces IP address, it just uses 0.0.0.0. ISC DHCP has code to troll
> through all of the addresses for an interface, and then uses that.
>
>> So I guess to fully fix the freeradius DHCP we need to try to get the SRC address of the reply packets coming from the Interface IP and not from 0.0.0.0
>
> Done. There's more it can do, but that can wait until after 3.0.2.
>
>> If I can help in any way, PLEASE let me know.
>
> This helps enormously. I've pushed a fix. You can either grab the
> "v3.0.x" branch from git && re-build, or you can edit your current
> configuration, and do:
>
> listen {
> type = dhcp
> ipaddr = *
> src_ipaddr = 10.199.100.1 # add this
> }
>
>
> I've also added documentation for the src_ipaddr configuration ite,
>
>> I'd like to get this resolved, since the features in freeradius are worth it :) Well done on all the features, it's a great product.
>
> Thanks. We try hard to make FreeRADIUS crush ISC DHCPd. :)
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list