DHCP and Option 82
Daniel Ryšlink
ryslink at dialtelecom.cz
Fri Feb 23 13:37:49 CET 2018
> You can't just create things in the configuration and expect them to do what you want. The configuration items are documented: what they are, and how they work.
>
> Read raddb/sites-available/dhcp. It contains a sample virtual server for DHCP. It also references the "dhcp_sqlippool" module described above.
>
> You can edit those files to do IP pool assignment for DHCP, using the relay options.
Okay, but how do I do that? I have read the files you mention multiple times already; they contain nothing relevant to the subject of decoding the option 82 information and using it as a key in IP pool assignment.
I understand that I cannot rewrite the existing Calling-Station-Id, but there should be a way of passing a string composed of %{dhcp_options:<Circuit-ID>}%{dhcp_options:<Agent-ID>} to the dhcp_sqlippool module that would use it as a key and assign an IP address from a matching database row - this must be like the most standard thinkable usage scenario, so how come there is no clear example of a working configuration I could use? Something like this:
http://freeradius.1045715.n5.nabble.com/Not-trivial-configuration-of-Freeradius-as-DHCP-server-td5725623.html
but involving the option 82? I tried to Google it, but did not find anything at all.
There is apparently also the mods-available/dhcp file that should allow it somehow, but once again, there is no example of use.
Never mind, I have also noticed that the module mac2ip piggy-backs the
password module to interpret a text file as a database to assign IP
addresses using the MAC address of the Calling Station as a key. I tried
to use it to do the same, only using the
%{dhcp_options:<Circuit-ID>}%{dhcp_options:<Agent-ID>} string as a key,
so I created this file (the character ; is used as a delimiter):
/etc/freeradius/3.0/mods-config/dhcp/opt82toip:

    0x4769302f31373a3130;0x010b465454582d535749544348;10.10.100.130
    0x4769302f31373a3130;0x010b465454582d535749544348;10.10.100.120

/etc/freeradius/3.0/mods-enabled/opt82toip:

    passwd opt82toip {
        filename = /etc/freeradius/3.0/mods-config/dhcp/opt82
        format = "*DHCP-Relay-Circuit-Id;*DHCP-Relay-Remote-Id;=DHCP-Your-IP-Address"
        allow_multiple_keys = yes
        delimiter = ";"
    }

However, when I try to start Freeradius, I get:

    rlm_passwd: can't build hashtable from passwd file
    /etc/freeradius/3.0/mods-enabled/opt82toip[21]: Instantiation failed for module "opt82toip"

However, I don't need to hash the file (it's not a password file after all), I just want it interpreted as a database with the first two fields as a compound key and the third field as a value that would be returned upon match. Is it possible to do it?
Thank you again for any advice.
--
Best regards,
Daniel Ryšlink
System Administrator
Dial Telecom a. s.
Křižíkova 36a/237
186 00 Praha 3, Czech Republic
Tel.:+420.226204627
daniel.ryslink at dialtelecom.cz
-----------------------------------------------
www.dialtelecom.cz
Dial Telecom, a.s.
Simply connect
-----------------------------------------------
On 20.2.2018 08:19, Alan DeKok wrote:
> On Feb 19, 2018, at 11:18 AM, Daniel Ryšlink <ryslink at dialtelecom.cz> wrote:
>> Can anyone please provide a link to a working example of a Freeradius with DHCP virtual server where the users accessing the network are identified not by a MAC address, nor by Calling-Station-ID, but by the attributes encoded into Option 82, specifically in the radius packet:
>>
>> (0) ADSL-Agent-Circuit-Id = 0x4769302f31393a3130
>> (0) ADSL-Agent-Remote-Id = 0x010b465454582d535749544348
> Yeah... those are horribly formatted. And not automatically decoded by the server.
>
>> I use MySQL as a backend for my ippools, but the queries.conf only operates with "Calling-Station-Id", or "Nas-Port-Id".
> That's because it's designed to work with RADIUS packets.
>
> You can also see raddb/mods-config/ippool-dhcp/ which contains examples of IP pools for DHCP.
>
> The module configuration is in raddb/mods-available/dhcp_sqlippool
>
>> Is the solution to define in mods-enabled/dhcp something like:
>>
>> dhcp {
>> Calling-Station-Id = %{dhcp_options:<Circuit-ID>}%{dhcp_options:<Agent-ID>}
>> }
> You can't just create things in the configuration and expect them to do what you want. The configuration items are documented: what they are, and how they work.
>
> Read raddb/sites-available/dhcp. It contains a sample virtual server for DHCP. It also references the "dhcp_sqlippool" module described above.
>
> You can edit those files to do IP pool assignment for DHCP, using the relay options.
>
> Alan DeKok.
>
>
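
The lookup described in the message above, as an added example that is not part of the original post and is not FreeRADIUS configuration: it decodes the hex Circuit-Id and Remote-Id values, uses the pair as a compound key, and reports rows that repeat a key. The third table row, the function names, and the reading of the leading 0x01 0x0b bytes as a type/length prefix are assumptions.

```python
import ipaddress

# Rows 1-2 are the file contents from the post; row 3 is constructed for this
# example so that the Circuit-Id seen in the quoted packet has a match.
SAMPLE = """\
0x4769302f31373a3130;0x010b465454582d535749544348;10.10.100.130
0x4769302f31373a3130;0x010b465454582d535749544348;10.10.100.120
0x4769302f31393a3130;0x010b465454582d535749544348;10.10.100.140
"""

def decode_hex(value):
    """Turn a '0x...' attribute value into raw bytes."""
    value = value.strip()
    if value.lower().startswith("0x"):
        value = value[2:]
    return bytes.fromhex(value)

def readable(raw):
    """Printable form of a value. Assumption: when the second byte equals the
    remaining length, the first two bytes are a type/length prefix."""
    if len(raw) > 2 and raw[1] == len(raw) - 2:
        raw = raw[2:]
    return raw.decode("ascii", errors="replace")

def load_table(text, delimiter=";"):
    """Return ({(circuit_id, remote_id): ip}, [keys that appeared more than once])."""
    table, duplicates = {}, []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split(delimiter)
        if len(fields) != 3:
            raise ValueError(f"line {lineno}: expected 3 fields, got {len(fields)}")
        key = (decode_hex(fields[0]), decode_hex(fields[1]))
        ip = str(ipaddress.ip_address(fields[2].strip()))  # rejects malformed addresses
        if key in table:
            duplicates.append(key)  # same relay port mapped twice: first row wins
            continue
        table[key] = ip
    return table, duplicates

def lookup(table, circuit_hex, remote_hex):
    """Address for the (Circuit-Id, Remote-Id) pair, or None when no row matches."""
    return table.get((decode_hex(circuit_hex), decode_hex(remote_hex)))

if __name__ == "__main__":
    table, dups = load_table(SAMPLE)
    for circuit, remote in dups:
        print("duplicate key:", readable(circuit), readable(remote))
    print(lookup(table, "0x4769302f31393a3130", "0x010b465454582d535749544348"))
```

The two rows shown in the post decode to the same Circuit-Id and Remote-Id, so a lookup keyed on that pair can return only one of the two addresses.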