radippool and expiry time

Mirko Alberio mirko.alberio at telemar.it
Fri Aug 27 16:04:25 CEST 2021


Thanks again for the support,

All is clear, we (wrongly) thought that expired allocation were 
considered NOT available by the radius

the reason we want them to be freed is that we have limited IPv4 
resources and need to optimize them at best, so we thought that the best 
way was for radius to free the allocation, but as you say expired 
allocation ARE free, that is fine... but just one doubt:

If NAS suffer a long maintanance and in the meantime the IP Pool is 
exhausted so Radius clear those expired allocation and assign them to 
new users,  but then the NAS comes back, we could experience a conflict 
with those PPPOE users still connected to that NAS and the new one that 
"stole" their allocation. Right?

Mirko Alberio - Assistenza tecnica
e-mail: mirko.alberio at telemar.it

Telemar SpA Internet Quality Provider
Via Enrico Fermi, 235 - 36100 Vicenza - Italia
Tel 0444 291302 - Fax 0444 566310 - www.telemar.it
Assistenza tecnica 0444 1420000
Reg. Imp. Di Vicenza /C.F./P.I. 02508710247
Cap. Soc. € 120.000,00 I.V.
R.E.A. VI-236292

Il 27/08/2021 15:38, Alan DeKok ha scritto:
> On Aug 27, 2021, at 4:17 AM, Mirko Alberio via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>> We have this "issue":
>> - Our NAS are correctly configured with 10 minutes Interim-Update
>> - Radius has 1h lease time for radippool module
>> all is working fine but when simulating a NAS outage, for example it becomes disconnected from our network, IPs allocated from PPPOE users on that nas remain allocated even if expiry time is expired. Then when NAS comes back the expiry time is updated and all works fine, but our doubt is if this behaviour is intended or there is some other configuration our side: I expect that if an allocation expires because no interim update is received (and no accounting-stop is received because the NAS is not communicating) allocation should be freed, right?
>    No.
>    When the NAS reboots, it should send an accounting "on" packet to FreeRADIUS.  This tells FreeRADIUS that the users are all offline.  FreeRADIUS will then clear all sessions.
>    If the NAS is just not sending packets, then FreeRADIUS does nothing.  i.e. there's no "cron" job which walks through the database to clean up expired entries.
>    When things are working fine, the expired entries are automatically cleaned up when either the NAS sends a "stop", indicating that the session is done.  Or, when another user requests an IP, and the server notices that it can re-use the expired entries.
>    So the question is, *why* would the expired entries be cleaned up, and *who* would do it?
>    A related question is why is there any issue with having expired entries in the database?  Who cares if the entry has been expired, and not marked "free" ?
>    Alan DeKok.

More information about the Freeradius-Users mailing list