ipaddr, ipv4addr ipv6addr

Arran Cudbard-Bell a.cudbardb at freeradius.org
Sat May 31 00:24:45 CEST 2014 

The behaviour of the ipaddr config item has changed slightly for 3.0.4.

If the ipaddr value contains ':' or '[' or ']', it will be treated as 
an IPv6 address. If it fails to parse as an IPv6 address the server will
refuse to start.

If the ipaddr value does not contain any ipv6 chars the server will first
check to see if it looks like an ipv4 address.
If it does, the server will parse it, if it doesn't and DNS resolution
is enabled, it will instead attempt to resolve it. If DNS resolution is 
not enabled the server will refuse to start.

If a matching A record is available it will be used, else if a AAAA record
is available else the server will refuse to start.

If instead of the ipaddr config item the ipv4addr config item is used
the server will check if it looks like an IPv4 address.
If it does, the server will parse it, if it doesn't and DNS resolution
is enabled, it will instead attempt to resolve it. If DNS resolution is 
not enabled the server will refuse to start.

If a matching A record is available it will be used, else the server will
refuse to start.

If instead of the ipaddr config item the ipv6addr config item is used
the server will check if it looks like an IPv6 address.
If it does, the server will parse it, if it doesn't and DNS resolution
is enabled, it will instead attempt to resolve it. If DNS resolution is 
not enabled the server will refuse to start.

If a matching AAAA record is available it will be used, else the server 
will refuse to start.

The behaviour is similar for the client, home_server and listen sections.
Though those config items in client sections may have an optional 
/[0-9]{1,3} suffix to map clients to ranges of IP addresses.

This should also work with things like example.org/96 though i'm not 
entirely sure why you'd ever want to do that.

'netmask' is now deprecated but will still function as expected until 
3.1.0.

These changes should make it slightly easier to manage v4/v6 transitions.

Wildcard clients 0.0.0.0 <ipaddr>/0 '*' are not supported.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140530/ad9238ab/attachment.pgp>

More information about the Freeradius-Users mailing list