IPv6 coa isn't working having IPv6 NAS IP

Samir Patel samir198 at gmail.com
Fri Jul 17 21:47:45 CEST 2015


Hi Experts,

I need your help and expertise with pushing ipv6 coa on the 802.1x
sessions. UUT (Switch) and Freeradius are directly connected and can ping
each other.

Freeradius installed:
[root at ott-freerad-7a raddb]# radiusd -X
radiusd: FreeRADIUS Version 2.2.8, for host x86_64-unknown-linux-gnu, built
on Jul 15 2015 at 13:42:04
Copyright (C) 1999-2015 The FreeRADIUS server project and contributors.

Issue:
[root at ott-freerad-7a raddb]# /usr/local/bin/radclient -x -t 20 -c 1 -p 20
-f /usr/local/etc/raddb/coa 2020::11:1700 coa cisco
radclient: Failed to find IP address for host 2020::11:1700: Success


COA push works for IPv4 NAS IP but shows above for IPv6 case. Really
appreciate your help with the issue. I am not sure if IPv6 coa push is
supported yet with 2.2.8 freeradius version.

[root at ott-freerad-7a raddb]# more coa
Calling-Station-Id="c414.3c52.900e"
Acct-Session-Id="0x0000000b"
Cisco-Command-Code="
                    TEMP_IAF100"
[root at ott-freerad-7a raddb]#
[root at ott-freerad-7a raddb]#
[root at ott-freerad-7a raddb]#
[root at ott-freerad-7a raddb]#
[root at ott-freerad-7a raddb]# /usr/local/bin/radclient -x -t 20 -c 1 -p 20
-f /usr/local/etc/raddb/coa 2020::11:1700 coa cisco
[root at ott-freerad-7a raddb]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:50:56:8E:78:33
          inet addr:172.16.7.11  Bcast:172.16.255.255  Mask:255.255.0.0
          inet6 addr: fe80::250:56ff:fe8e:7833/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:80804 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20649 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:14539074 (13.8 MiB)  TX bytes:3061296 (2.9 MiB)

eth1      Link encap:Ethernet  HWaddr 00:50:56:8E:5F:BB
          inet addr:99.0.7.12  Bcast:99.0.7.255  Mask:255.255.255.0
          inet6 addr: 2020::250:56ff:fe8e:5fbb/64 Scope:Global
          inet6 addr: fe80::250:56ff:fe8e:5fbb/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:47806 errors:0 dropped:0 overruns:0 frame:0
          TX packets:138 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3463175 (3.3 MiB)  TX bytes:17024 (16.6 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:936 errors:0 dropped:0 overruns:0 frame:0
          TX packets:936 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:66843 (65.2 KiB)  TX bytes:66843 (65.2 KiB)

[root at ott-freerad-7a raddb]#
[root at ott-freerad-7a raddb]# ping6 2020::11
PING 2020::11(2020::11) 56 data bytes
64 bytes from 2020::11: icmp_seq=0 ttl=64 time=11.4 ms
64 bytes from 2020::11: icmp_seq=1 ttl=64 time=1.52 ms

--- 2020::11 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 1.521/6.463/11.405/4.942 ms, pipe 2
[root at ott-freerad-7a raddb]#
[root at ott-freerad-7a raddb]# uname -a
Linux ott-freerad-7a 2.6.18-194.8.1.el5 #1 SMP Wed Jun 23 10:52:51 EDT 2010
x86_64 x86_64 x86_64 GNU/Linux
[root at ott-freerad-7a raddb]#

On UUT:

Router#show run int gig2/0/15
Building configuration...

Current configuration : 108 bytes
!
interface GigabitEthernet2/0/15
 no switchport
 no ip address
 ipv6 address 2020::11/64
 ipv6 enable
end

Router#
Router#
Router#
Router#
Router#
Router#
Router#
Router#show access-sess
Interface                MAC Address    Method  Domain  Status Fg  Session
ID
--------------------------------------------------------------------------------------------
GigabitEthernet2/0/14    c414.3c52.900e dot1x   DATA    Auth
000000000000001706794990

Session count = 1

Key to Session Events Blocked Status Flags:

  A - Applying Policy (multi-line status for details)
  D - Awaiting Deletion
  F - Final Removal in progress
  I - Awaiting IIF ID allocation
  P - Pushed Session
  R - Removing User Profile (multi-line status for details)
  U - Applying User Profile (multi-line status for details)
  X - Unknown Blocker

Router#
Router#show access-sess poli
Router#show access-sess inter
Router#show access-sess interface gig2/0/14 polic
Router#show access-sess interface gig2/0/14 policy
Interface            :  GigabitEthernet2/0/14
MAC Address          :  c414.3c52.900e
IPv6 Addres          :  Unknown
IPv4 Addres          :  Unknown
User-Name            :  client1
Status               :  Authorized
Domain               :  DATA
Oper host mode       :  multi-host
Oper control dir     :  both
Session timeout      :  N/A
Timeout action       :  Reauthenticate
Idle timeout         :  N/A
Common Session ID    :  000000000000001706794990
Acct Session ID      :  0x0000000b
Handle               :  0x3c00000d
Current Policy       :  DUAL
Blocked On           :

Method status list:
       Method           State
        dot1x           Authc Success

Device Classification Status:
-------------------------------------------------------------------------------
                    Profile               Device-Name
Device-Class
-------------------------------------------------------------------------------
              Un Classified             Un-Classified
 Un-Classified


More information about the Freeradius-Users mailing list