[Dnsmasq-discuss] dnsmasq dhcp relay not relaying response from upstream to client

Bino Oetomo bino at jogjacamp.co.id
Tue Jun 29 05:45:42 UTC 2021


Dear Geert Stappers

On Mon, Jun 28, 2021 at 1:29 PM Geert Stappers via Dnsmasq-discuss <
dnsmasq-discuss at lists.thekelleys.org.uk> wrote:

> Please share the whole FreeRadius DHCP server configuration file with us.
> In the mailinglist archive (
> https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015180.html
> )
> is currently only the incomplete (and "broken") configuration.
> It is a good thing to give the mailing archive a working version.
> The complete version shows where to insert the extra settings
> and which syntax.
>
>  As I stated in
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015194.html
That is, all things come from freeradius is sourced from my rest service.
for every data come from dhcp-relay, FreeRadius daemon will make a json
http post to my rest service.
In response, my rest service will tell FreeRadius daemon what it need to
tell to dhcp-relay.
So the core problem is not at FreeRadius daemon (and it's configuration),
it's in my rest service codes.

My vault not telling it from the start of this discussion

Anyway, here they are:
#----------------------------

/etc/freeradius/sites-enabled/dhcp
#----------------------------


server dhcp {

listen {
type = dhcp
        ipaddr = 10.10.254.1

port = 67

broadcast = no

performance {
skip_duplicate_checks = no
}
}

dhcp DHCP-Discover {
    rest.authorize
}

dhcp DHCP-Request {
    rest.authorize
}

dhcp DHCP-Decline {
update reply {
      &DHCP-Message-Type = DHCP-Do-Not-Respond
}
reject
}

dhcp DHCP-Inform {
dhcp_common
ok
}


dhcp DHCP-Release {
rest.authorize
}


dhcp DHCP-Lease-Query {

if (&DHCP-Client-Hardware-Address) {
}

elsif (&DHCP-Your-IP-Address) {
}

elsif (&DHCP-Client-Identifier) {
}
else {
update reply {
&DHCP-Message-Type = DHCP-Lease-Unknown
}

ok

return
}

if (notfound) {
update reply {
&DHCP-Message-Type = DHCP-Lease-Unknown
}
ok
return
}



update reply {
&DHCP-Message-Type = DHCP-Lease-Unassigned
}

}

}

#-----------------------------------------
/etc/freeradius/mods-enabled

rest {
connect_uri = "http://127.0.0.1:8888/djenroll/freeradius/"
authorize {
uri = "${..connect_uri}"
method = 'post'
                body = 'json'
}
authenticate {
                uri = "${..connect_uri}"
                method = 'post'
                body = 'json'
}

preacct {
                uri = "${..connect_uri}"
                method = 'post'
                body = 'json'
}
accounting {
                uri = "${..connect_uri}"
                method = 'post'
                body = 'json'
}
post-auth {
                uri = "${..connect_uri}"
                method = 'post'
                body = 'json'
}

   pool {
    start = 0
    min = 0
    max = 5
    spare = 0
    uses = 0
    lifetime = 0
    cleanup_interval = 30
    idle_timeout = 60
    retry_delay = 30
    spread = no
   }
}

#----------------------------



Sincerely
-bino-

>
> > So Nicolas Cavallari, I really appreciate your help.
>
> Yes, compliments to Nicolas for diagnosing the problem.
>
>
>
> > Sincerely
> > -bino-
>
>
> Please make reading in the discussion order possible,
> reply below previous text.
>
>
>
> Groeten
> Geert Stappers
> --
> Silence is hard to parse
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210629/8417cf09/attachment-0001.htm>


More information about the Dnsmasq-discuss mailing list