FreeRADIUS 4: DHCP v4: ERROR: Expansion "network" needs to be resolved before it is used

Mon Nov 11 09:00:07 UTC 2024

Hi Alan,
Thank you for your explanations.
I am sorry for being annoying but I am still somewhat lost.

I will try to explain what I want to achieve using an example below:

Here is a network description (all network numbers are imaginary):

VLAN 10 (192.168.10.0/24, default gateway 192.168.10.1, DNS server
192.168.20.2, DHCP relay 192.168.10.1).
VLAN 20 (192.168.20.0/24, default gateway 192.168.20.1, DNS server
192.168.20.2, DHCP relay 192.168.20.1).
VLAN 30 (192.168.30.0/24, default gateway 192.168.30.1, DNS server
192.168.20.2, DHCP relay 192.168.30.1).

The FreeRADIUS is in VLAN 30, 192.168.30.5.

VLAN 10 and VLAN 20 are connected via a switch with layer 3 support
and DHCP relay.
The DHCP relay is configured to send DHCP packets to the FreeRADIUS IP
+ add the GIADDR IP address of the interface to which the relay
receives DHCP packets (Gateway-IP-Address in FreeRADIUS as far as I
understand).

The goal is to configure FreeRADIUS to offer IP addresses via DHCP for
networks VLAN 10 and VLAN 20.

The networks 192.168.10.0/24 and 192.168.20.0/24 should have different
default gateways but the same DNS settings.
Also, I would like to have the network-specific settings in some kind
of text files and not SQL database (if possible) to be able to use
external tools to generate (template) the files (expected number of
network prefixes is about 300).

For the FreeRADIUS 3 one of the recommendations was to use "files"
module with configuration in the "files" similar to (
https://www.freeradius.org/documentation/freeradius-server/3.2.5/howto/protocols/dhcp/policy_network_options.html
):

"""
network DHCP-Network-Subnet < 192.168.10.0/24
        DHCP-Subnet-Mask := 255.255.255.0,
        DHCP-Router-Address := 192.168.10.1,
        DHCP-Domain-Name-Server := 192.168.20.2,
        DHCP-IP-Address-Lease-Time := 7200

network DHCP-Network-Subnet < 192.168.20.0/24
        DHCP-Subnet-Mask := 255.255.255.0,
        DHCP-Router-Address := 192.168.20.1,
        DHCP-Domain-Name-Server := 192.168.20.2,
        DHCP-IP-Address-Lease-Time := 7200
"""

Could you, please, recommend a way to implement something similar with
FreeRADIUS 4?

// Dmitrii.

"""

On Fri, 8 Nov 2024 at 13:49, Alan DeKok <aland at deployingradius.com> wrote:
>
> On Nov 8, 2024, at 12:34 PM, Dima Ermakov <demonihin at gmail.com> wrote:
> > Here is what I want to do eventually:
> > 1. Define per IP Prefix DHCP configuration, preferably, via text
> > "files". The configuration should contain: DNS settings, Lease time,
> > Default gateway (maybe more later);
>
>   That's a little vague.
>
>   The documentation / configuration for the "files" module explains how it works.  You will need to read that, and then figure out how your requirements can be implemented in the "files" module.
>
>   Note that this does *not* mean configuring a fixed key "network" for every entry.
>
> > 2. For some network prefixes I want to define DHCP pools with SQL
> > integration to track active leases (this will be my next step, when I
> > manage to do the first step).
>
>   That's fine.
>
> > To do so, I read the wiki page (although for FreeRADIUS 3.2) about
> > DHCP and read the configuration from v3.2 (which was probably my
> > mistake).
> >
> > The examples from v3.2 (mods-available/dhcp_files) gave me the idea to
> > use static key="network" (see below):
>
>   You can't apply the v3 documentation to v4. It's a major version upgrade.
>
>
> > I see your recommendation to use DEFAULT. To implement (1), should I
> > create several DEFAULT sections + Fall-Through := yes + Network-Subnet
> > comparison operations like below?
>
>   Maybe?
>
>   What do you want to do?  You still haven't really explained.
>
>   Why not just write the rules directly in "unlang"?  If every entry matches, you might as well just write if / then / else statements.
>
>   Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

--
С уважением, Дмитрий Ермаков.