Respond to DHCP Lease Query requests using rlm_cache

Thu Aug 27 22:06:24 CEST 2015

> On Aug 27, 2015, at 2:40 PM, Бен Томпсон <b.thompson at latera.ru> wrote:
> 
> Hi Everyone
> 
> I have configured FreeRADIUS to as a DHCP server which offers IP addresses
> based on the option 82 values added by a DHCP relay. In cases where the
> client sends a unicast renew request bypassing the relay, the option 82
> values are queried from an instance of rlm_cache which have configured to
> keep a record of leases. (This replicates the option 82 "Stash"
> functionality in ISC DHCP Server). A bit of unlang is involved to check
> that the lease is valid and take care of clearing out the cache, but it is
> all fairly simple.
> 
> The aformentioned server is working well, but I would also like it to be
> able to respond to Lease Query requests, and wondered if it would be
> possible to make it work in a similar way using rlm_cache. I would envisage
> that configuration might look something like this:
> 
> dhcp DHCP-Lease-Query {
>        # look in the cache to see if there is an active lease

	update control {
		Cache-Status-Only := yes
	}
>       cache
	if (notfound) {
>        		# check to see if we know about this IP
>        		...some unlang lookup the IP from our usual auth source/DB

		cache
	}

>        ...
>        ... some unlang to figure out if the lease(s) are valid, etc.
>        ...
> 
>        # work out which type of reply packet is requred and add the
> relevant options
>        if (result of above says lease is active) {
>                update reply {
>                        DHCP-Message-Type := DHCP-Lease-Active
>                        ... add some other stuff to the reply...
>                }
>        }
>        elsif (result of above says lease is unassigned) {
>                update reply {
>                        DHCP-Message-Type := DHCP-Lease-Unassigned
>                        ... add some other stuff to the reply...
>                }
>        }
>        elsif (result of above says lease is unknown) {
>                update reply {
>                        DHCP-Message-Type := DHCP-Lease-Unknown
>                        ... add some other stuff to the reply...
>                }
>        }
> }
> 
> I am guessing that the source code would need to be modified, and if so, it
> may be too much for me as I am not a skilled C programmer. I would be able
> to test it however.

I don't *think* code modifications are required.

Did you just need to right control attributes for the cache module? Or something else...

If you need the cache to persist you should setup a memcached instance (or use v3.1.x and setup a Redis instance).

-Arran

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150827/0a656430/attachment.sig>