Fwd: Error binding to port for 0.0.0.0 port 1812 | address already used
Steven Walters
steven.walters1 at gmail.com
Mon Sep 26 08:36:48 UTC 2022
Hi Nick
I upgraded to FreeRADIUS Version 3.2.0 and still have the same error
message.
Nothing bound to port 1812.
ss -lunp | grep 1812
[root at radius-02.cnt sites-enabled]# ss -lunp
State Recv-Q Send-Q
Local Address:Port
Peer
Address:Port
UNCONN 0 0
127.0.0.1:323
*:* users:(("chronyd",pid=771,fd=5))
UNCONN 0 0
[::1]:323
[::]:* users:(("chronyd",pid=771,fd=6))
Regards
Steven
On Sat, 24 Sept 2022 at 14:00, <
freeradius-users-request at lists.freeradius.org> wrote:
> Send Freeradius-Users mailing list submissions to
> freeradius-users at lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a message with subject or body 'help' to
> freeradius-users-request at lists.freeradius.org
>
> You can reach the person managing the list at
> freeradius-users-owner at lists.freeradius.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeradius-Users digest..."
>
>
> Today's Topics:
>
> 1. Re: sqlippool, allocate_find and duplicate address if NAS
> packets are received in the reverse order (Matteo Sgalaberni)
> 2. Re: Fwd: Error binding to port for 0.0.0.0 port 1812 |
> address already used (Steven Walters)
> 3. Re: Fwd: Error binding to port for 0.0.0.0 port 1812 |
> address already used (Nick Porter)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 23 Sep 2022 13:41:18 +0000 (UTC)
> From: Matteo Sgalaberni <sgala at sgala.com>
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Subject: Re: sqlippool, allocate_find and duplicate address if NAS
> packets are received in the reverse order
> Message-ID:
> <1510281924.290603.1663940478970.JavaMail.zimbra at ehiweb.it>
> Content-Type: text/plain; charset=utf-8
>
> ----- On 17 Sep, 2022, at 14:47, Alan DeKok aland at deployingradius.com
> wrote:
> > Whatever solution works for you is fine. That's why the queries are
> editable,
> > and documented. You can change them to work around issues in your
> network.
>
> Hi Alan,
>
> I found that my thesis are very "obsolete" and related to an older
> "queries.conf".
>
> On the branch release_3_0_26 I found a patch authored by Nick Porter
>
>
> https://github.com/FreeRADIUS/freeradius-server/commit/1e9ab2a99674bb598af87c32e9202bc13c84e393
>
> related to this pull request:
> https://github.com/FreeRADIUS/freeradius-server/pull/3651
>
> from the pull request description:
> >Updates to schema - set default values for all columns, including
> expiry_time. This allows pools to be populated with the new helper script
> which only updates pool_name and framedipaddress. Having expiry_time as a
> NOT NULL >removes the need for selection criteria such as (expiry_time <
> NOW OR expiry_time IS NULL), enabling better use of indexes.
>
> >Updates to queries -
>
> >Take advantage of the new allocate_existing query to split re-issuing of
> existing address from finding a free one
> >Amend all "freeing" queries so that they just expire the entry rather
> than clearing all client data. Essential to allow "sticky" IP behaviour
> >Remove allocate_clear queries that achieve nothing useful (and also break
> "sticky" IP behaviour)
>
> So the issue was resolved by Nick in 2020 ;) Thanks Nick!
>
> Case closed;)
>
> Thanks to all,
>
> Matteo
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 23 Sep 2022 19:05:24 +0200
> From: Steven Walters <steven.walters1 at gmail.com>
> To: freeradius-users at lists.freeradius.org
> Subject: Re: Fwd: Error binding to port for 0.0.0.0 port 1812 |
> address already used
> Message-ID:
> <CALF=EM+i=
> fTu-fyL4pK+KbT8TGH22LSHajwy0O9mrn4fEMPFOA at mail.gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> Thanks for the response Nick. I tried version first 3.0.26 but had an issue
> with the openldap driver on RHEL7 when trying to start freeradius. As we
> are running RHEL7 I decided on the highest version available from the RHEL7
> repo, which is 3.0.13.
>
> I confirmed no freeradius is not running in the background. If I remove
> all the sites except default and inner-tunnel, freeradius starts fine.
>
> With the following sites enabled no start.
>
> [root at radius-02.cnt sites-enabled]# ls -ltr
> total 0
> lrwxrwxrwx. 1 root radiusd 26 Sep 22 11:36 default ->
> ../sites-available/default
> lrwxrwxrwx. 1 root radiusd 31 Sep 22 11:36 inner-tunnel ->
> ../sites-available/inner-tunnel
> lrwxrwxrwx. 1 root root 25 Sep 23 18:38 mobile ->
> ../sites-available/mobile
> lrwxrwxrwx. 1 root root 34 Sep 23 18:38 staticipaddress ->
> ../sites-available/staticipaddress
>
> With only the following sites-enabled, freeradius starts. The same configs
> that worked under 3.0.1 with no issue.
>
> [root at radius-02.cnt sites-enabled]# ls -ltr
> total 0
> lrwxrwxrwx. 1 root radiusd 26 Sep 22 11:36 default ->
> ../sites-available/default
> lrwxrwxrwx. 1 root radiusd 31 Sep 22 11:36 inner-tunnel ->
> ../sites-available/inner-tunnel
>
> Default, mobile and staticipaddress using the same protocols (1812 auth and
> 1813 acct) and "ipaddr=*" for all three.
>
> Kind Regards
> Steven
>
> On Fri, 23 Sept 2022 at 14:00, <
> freeradius-users-request at lists.freeradius.org> wrote:
>
> > Send Freeradius-Users mailing list submissions to
> > freeradius-users at lists.freeradius.org
> >
> > To subscribe or unsubscribe via the World Wide Web, visit
> > https://lists.freeradius.org/mailman/listinfo/freeradius-users
> > or, via email, send a message with subject or body 'help' to
> > freeradius-users-request at lists.freeradius.org
> >
> > You can reach the person managing the list at
> > freeradius-users-owner at lists.freeradius.org
> >
> > When replying, please edit your Subject line so it is more specific
> > than "Re: Contents of Freeradius-Users digest..."
> >
> >
> > Today's Topics:
> >
> > 1. Re: looking for help on an unusual config (dan)
> > 2. Re: looking for help on an unusual config (Alan DeKok)
> > 3. Re: looking for help on an unusual config (dan)
> > 4. Fwd: Error binding to port for 0.0.0.0 port 1812 | address
> > already used (Steven Walters)
> > 5. Re: Fwd: Error binding to port for 0.0.0.0 port 1812 |
> > address already used (Nick Porter)
> >
> >
> > ----------------------------------------------------------------------
> >
> > Message: 1
> > Date: Thu, 22 Sep 2022 10:12:21 -0600
> > From: dan <dandenson at gmail.com>
> > To: FreeRadius users mailing list
> > <freeradius-users at lists.freeradius.org>
> > Subject: Re: looking for help on an unusual config
> > Message-ID:
> > <CAA_JP8XYijQ+vp349N23TOtPtR+L8X_ofdCv541cagq=
> > 3kF4Ug at mail.gmail.com>
> > Content-Type: text/plain; charset="UTF-8"
> >
> > >
> > >
> > > You can use nested expansions / alternation...
> > >
> > > %{%{%{remote-id}:-%{circuit-id}}:-%{mac-address}}
> > >
> > > See the debug output for the actual names of the attributes.
> > >
> > > Use that for the key, and then whatever is there will just work.
> > >
> > > ok, I'll dig into that.
> >
> > > > It appears that all DHCP servers work under the assumption that if
> you
> > > want
> > > > to do something like this you'll radius back it against a database w/
> > CRM
> > > > etc. I don't really care about the database part of this initially.
> > > >
> > > > Thoughts? is this something freeradius can be configured to handle
> > > without
> > > > adding a database backend?
> > >
> > > It's difficult to do DHCP assignment without a database. You
> generally
> > > need some way to track the IP address assignments.
> > >
> > > Alan DeKok.
> > >
> >
> > I don't really want to track IPs in a database, I want them in my routers
> > so I'd prefer freeradius as just the radius backend, not using it's DHCP
> > capabilities.
> >
> > Ideally, I want to use Mikrotik's DHCP server hitting freeradius because
> I
> > don't really want to track the IPs so much as just offer a very long
> lease
> > and I'd prefer the visibility of that right in the router itself. I
> might
> > be missing something here though. DHCP request comes in w/ option 82
> extra
> > data, forwards to radius, freeradius replies with a client ID based on
> what
> > I've used to filter yes? ie, request comes in with remote id of
> '00:11:22'
> > so I want freeradius to reply with client id of 00:11:22' and 'dhcp pool
> =
> > users' and 'accept'. Then my router will hand out an address from pool
> > 'users' and the lease will show that client id. If another dhcp request
> > comes in with a different MAC but the same option 82 remote ID, radius
> will
> > do the same thing, reply back with the client id and the lease get's
> > updated/replaced.
> >
> > Does this makes sense?
> >
> >
> > ------------------------------
> >
> > Message: 2
> > Date: Thu, 22 Sep 2022 12:24:14 -0400
> > From: Alan DeKok <aland at deployingradius.com>
> > To: FreeRadius users mailing list
> > <freeradius-users at lists.freeradius.org>
> > Subject: Re: looking for help on an unusual config
> > Message-ID: <B775FF3A-D488-4152-9BA1-14F36AFA4902 at deployingradius.com>
> > Content-Type: text/plain; charset=us-ascii
> >
> > On Sep 22, 2022, at 12:12 PM, dan <dandenson at gmail.com> wrote:
> > > ie, request comes in with remote id of '00:11:22'
> > > so I want freeradius to reply with client id of 00:11:22' and 'dhcp
> pool
> > =
> > > users' and 'accept'.
> >
> > OK... I assume there are actual RADIUS attributes for this?
> >
> > They're certainly not standard attributes. Maybe Mikrotik has such
> > attributes, but I don't use Mikrotik, so I'm not familiar with them.
> >
> > > Then my router will hand out an address from pool
> > > 'users' and the lease will show that client id. If another dhcp
> request
> > > comes in with a different MAC but the same option 82 remote ID, radius
> > will
> > > do the same thing, reply back with the client id and the lease get's
> > > updated/replaced.
> > >
> > > Does this makes sense?
> >
> > That explanation makes a lot more sense than the previous very vague
> > question. Details matter. And giving details helps us give you the
> > correct solution.
> >
> > Which here is (as always): run the server in debug mode.
> >
> > See which attributes come in the packet. Then, write if / then / else
> > rules to match attributes. And to reply with more attributes.
> >
> > See the Mikrotik documentation and/or dictionaries for which attributes
> > need to be in the reply.
> >
> > See the FreeRADIUS documentation for how to configure FreeRADIUS.
> >
> > There are 1000 vendors, each of which have 1000 different products. We
> > can't document them all, unfortunately.
> >
> > Alan DeKok.
> >
> >
> >
> > ------------------------------
> >
> > Message: 3
> > Date: Thu, 22 Sep 2022 13:31:43 -0600
> > From: dan <dandenson at gmail.com>
> > To: FreeRadius users mailing list
> > <freeradius-users at lists.freeradius.org>
> > Subject: Re: looking for help on an unusual config
> > Message-ID:
> > <
> > CAA_JP8WugNMinue45nZykEiXLsYBKroxXY-sGvuFXyK+OMO1SQ at mail.gmail.com>
> > Content-Type: text/plain; charset="UTF-8"
> >
> > 'Alan, thanks for the help here, I appreciate it. Took me a minute to
> > get freeradius installed and hack my way through the very basics but
> > here's what I have.
> >
> > Test setup is ubuntu 22.04 freeradius from repos. Mikrotik routeros
> > v7 'router' running DHCP with radius pointed to the ubuntu box.
> > Another mikrotik v7 'bridge' to insert DHCP option 82.
> > The data it inserts is:
> > Agent Circuit ID = 'mAP-1 eth 0/2'
> > Agent Remote ID = 'ether2'
> >
> > So I'm looking for the Circuit ID here.
> >
> > freeradius -X -x with the client for the mikrotik router.
> >
> > I'm using a yealink phone as the target device here because it's handy.
> >
> > Ready to process requests
> > (8) Received Accounting-Request Id 76 from 192.168.1.208:50139 to
> > 192.168.1.211:1813 length 216
> > (8) User-Name = "00:15:65:A4:E0:1F"
> > (8) NAS-Port-Type = Ethernet
> > (8) NAS-Port = 2208301057
> > (8) Service-Type = Framed-User
> > (8) Calling-Station-Id = "1:0:15:65:a4:e0:1f"
> > (8) Framed-IP-Address = 100.72.2.199
> > (8) Called-Station-Id = "APs"
> > (8) Agent-Remote-Id = 0x657468657232
> > (8) ADSL-Agent-Remote-Id = 0x657468657232
> > (8) Agent-Circuit-Id = 0x6d41502d312065746820302f32
> > (8) ADSL-Agent-Circuit-Id = 0x6d41502d312065746820302f32
> > (8) Event-Timestamp = "Sep 22 2022 19:15:06 UTC"
> > (8) Acct-Status-Type = Stop
> > (8) Acct-Session-Id = "0100a083"
> > (8) Acct-Authentic = Local
> > (8) Acct-Session-Time = 2218
> > (8) NAS-Identifier = "RLB-Access"
> > (8) Acct-Delay-Time = 0
> > (8) NAS-IP-Address = 192.168.1.208
> >
> > Agent-Remote-Id's HEX converts to 'ether2'
> > Agent-Circuit-Id's HEX converts to 'mAP-1 eth 0/2'
> > The 'ADSL versions are identical data so either one I think is usable..
> >
> >
> > On some platforms I can manipulate these two values. On these
> > Mikrotik's Remote ID is always set to the device id + serialized port
> > id, 'mAP-1' is the 'bridge' device's identification (I can change
> > this) and 'eth 0/2' is switch1, port 2 So basically I want to use the
> > 'Agent-Circuit-Id'. Other platforms like cambiums cnwave I manually
> > put this data into the customer prem radio, so that's likely the
> > radio's MAC address. On Ubiquiti I can't remember but I think it's
> > radio name + port number as well. I can verify this later. End of
> > the day, the HEX value of agent id I think is what I want as the
> > username *AND* what I want freeradius to reply for Client ID.
> >
> >
> > On Thu, Sep 22, 2022 at 10:24 AM Alan DeKok <aland at deployingradius.com>
> > wrote:
> > >
> > > On Sep 22, 2022, at 12:12 PM, dan <dandenson at gmail.com> wrote:
> > > > ie, request comes in with remote id of '00:11:22'
> > > > so I want freeradius to reply with client id of 00:11:22' and 'dhcp
> > pool =
> > > > users' and 'accept'.
> > >
> > > OK... I assume there are actual RADIUS attributes for this?
> > >
> > > They're certainly not standard attributes. Maybe Mikrotik has such
> > attributes, but I don't use Mikrotik, so I'm not familiar with them.
> > >
> > > > Then my router will hand out an address from pool
> > > > 'users' and the lease will show that client id. If another dhcp
> > request
> > > > comes in with a different MAC but the same option 82 remote ID,
> radius
> > will
> > > > do the same thing, reply back with the client id and the lease get's
> > > > updated/replaced.
> > > >
> > > > Does this makes sense?
> > >
> > > That explanation makes a lot more sense than the previous very vague
> > question. Details matter. And giving details helps us give you the
> > correct solution.
> > >
> > > Which here is (as always): run the server in debug mode.
> > >
> > > See which attributes come in the packet. Then, write if / then /
> else
> > rules to match attributes. And to reply with more attributes.
> > >
> > > See the Mikrotik documentation and/or dictionaries for which
> > attributes need to be in the reply.
> > >
> > > See the FreeRADIUS documentation for how to configure FreeRADIUS.
> > >
> > > There are 1000 vendors, each of which have 1000 different products.
> > We can't document them all, unfortunately.
> > >
> > > Alan DeKok.
> > >
> > > -
> > > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
> >
> > ------------------------------
> >
> > Message: 4
> > Date: Fri, 23 Sep 2022 07:03:47 +0200
> > From: Steven Walters <steven.walters1 at gmail.com>
> > To: freeradius-users at lists.freeradius.org
> > Subject: Fwd: Error binding to port for 0.0.0.0 port 1812 | address
> > already used
> > Message-ID:
> > <CALF=
> > EMJbdhACzrEzv97bnFg_q+25VVP9POVx1tmj1U8wBd5-2g at mail.gmail.com>
> > Content-Type: text/plain; charset="UTF-8"
> >
> > Hi
> >
> > We are planning to upgrade from freeradius version 3.0.1 to 3.0.13. I am
> > busy testing in the lab. After upgrade, radius don't want to start with
> the
> > following error:
> >
> > "Failed binding to auth address * port 1812 bound to server
> > staticipaddress: Address already in use
> > /etc/raddb/sites-enabled/staticipaddress[59]: Error binding to port for
> > 0.0.0.0 port 1812"
> >
> > We are running multiple virtual servers on the same port 1812 and 1813.
> The
> > "ipaddr = *" set in all site configurations.
> >
> > It seems something changed between versions so any advice will be
> > appreciated?
> >
> > Regards
> > Steven
> >
> >
> > ------------------------------
> >
> > Message: 5
> > Date: Fri, 23 Sep 2022 09:22:47 +0100
> > From: Nick Porter <nick at portercomputing.co.uk>
> > To: freeradius-users at lists.freeradius.org
> > Subject: Re: Fwd: Error binding to port for 0.0.0.0 port 1812 |
> > address already used
> > Message-ID:
> > <618c16c9-3a16-d8dd-a282-b720e5bf5469 at portercomputing.co.uk>
> > Content-Type: text/plain; charset="utf-8"; Format="flowed"
> >
> > On 23/09/2022 06:03, Steven Walters wrote:
> > > Hi
> > >
> > > We are planning to upgrade from freeradius version 3.0.1 to 3.0.13.
> >
> > Why upgrade to 3.0.13 - that's 5 years old.? 3.2.0 or 3.0.26 are what
> > you should be using now.? https://packages.networkradius.com/
> >
> > > I am
> > > busy testing in the lab. After upgrade, radius don't want to start with
> > the
> > > following error:
> > >
> > > "Failed binding to auth address * port 1812 bound to server
> > > staticipaddress: Address already in use
> > > /etc/raddb/sites-enabled/staticipaddress[59]: Error binding to port for
> > > 0.0.0.0 port 1812"
> >
> > That error means something else is already bound to port 1812 - likely
> > FreeRADIUS running in the background.
> >
> > Kill the existing processes first
> >
> > >
> > > We are running multiple virtual servers on the same port 1812 and 1813.
> > The
> > > "ipaddr = *" set in all site configurations.
> > >
> > > It seems something changed between versions so any advice will be
> > > appreciated?
> > >
> > > Regards
> > > Steven
> > > -
> > > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
> > --
> > Nick Porter
> >
> > -------------- next part --------------
> > A non-text attachment was scrubbed...
> > Name: OpenPGP_signature
> > Type: application/pgp-signature
> > Size: 665 bytes
> > Desc: OpenPGP digital signature
> > URL: <
> >
> http://lists.freeradius.org/pipermail/freeradius-users/attachments/20220923/8b3d9b58/attachment-0001.sig
> > >
> >
> > ------------------------------
> >
> > Subject: Digest Footer
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
> >
> > ------------------------------
> >
> > End of Freeradius-Users Digest, Vol 209, Issue 30
> > *************************************************
> >
>
>
> --
> Warm Regads
>
> Steven Walters
> 0814287179
>
>
> ------------------------------
>
> Message: 3
> Date: Fri, 23 Sep 2022 18:26:59 +0100
> From: Nick Porter <nick at portercomputing.co.uk>
> To: freeradius-users at lists.freeradius.org
> Subject: Re: Fwd: Error binding to port for 0.0.0.0 port 1812 |
> address already used
> Message-ID:
> <16661180-c6f0-18a1-09c3-b95fe64ea7db at portercomputing.co.uk>
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>
> On 23/09/2022 18:05, Steven Walters wrote:
> > Thanks for the response Nick. I tried version first 3.0.26 but had an
> issue
> > with the openldap driver on RHEL7 when trying to start freeradius. As
> we
> > are running RHEL7 I decided on the highest version available from the
> RHEL7
> > repo, which is 3.0.13.
> As the instructions on packages.networkradius.com state, you need the
> LDAP Toolbox Project repository as well as the Network RADIUS one on
> RHEL 7 - this is due to RedHat compiling their LDAP libraries against
> NSS rather than OpenSSL
> > I confirmed no freeradius is not running in the background. If I remove
> > all the sites except default and inner-tunnel, freeradius starts fine.
>
> If FreeRADIUS is unable to bind to port 1812, then something else is
> bound to that port.
>
> Try
>
> sudo ss -lunp | grep 1812
>
> to see what is bound to that port.
>
> >
> > With the following sites enabled no start.
> >
> > [root at radius-02.cnt sites-enabled]# ls -ltr
> > total 0
> > lrwxrwxrwx. 1 root radiusd 26 Sep 22 11:36 default ->
> > ../sites-available/default
> > lrwxrwxrwx. 1 root radiusd 31 Sep 22 11:36 inner-tunnel ->
> > ../sites-available/inner-tunnel
> > lrwxrwxrwx. 1 root root 25 Sep 23 18:38 mobile ->
> > ../sites-available/mobile
> > lrwxrwxrwx. 1 root root 34 Sep 23 18:38 staticipaddress ->
> > ../sites-available/staticipaddress
> >
> > With only the following sites-enabled, freeradius starts. The same
> configs
> > that worked under 3.0.1 with no issue.
> >
> > [root at radius-02.cnt sites-enabled]# ls -ltr
> > total 0
> > lrwxrwxrwx. 1 root radiusd 26 Sep 22 11:36 default ->
> > ../sites-available/default
> > lrwxrwxrwx. 1 root radiusd 31 Sep 22 11:36 inner-tunnel ->
> > ../sites-available/inner-tunnel
> >
> > Default, mobile and staticipaddress using the same protocols (1812 auth
> and
> > 1813 acct) and "ipaddr=*" for all three.
> >
> > Kind Regards
> > Steven
> >
> >
> --
> Nick Porter
>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: OpenPGP_signature
> Type: application/pgp-signature
> Size: 665 bytes
> Desc: OpenPGP digital signature
> URL: <
> http://lists.freeradius.org/pipermail/freeradius-users/attachments/20220923/f5efee37/attachment-0001.sig
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> ------------------------------
>
> End of Freeradius-Users Digest, Vol 209, Issue 31
> *************************************************
>
--
Warm Regads
Steven Walters
0814287179
More information about the Freeradius-Users
mailing list