# Configuration for the SQL based IP Pool module (rlm_sqlippool) # # The database schemas are available at: # # raddb/mods-config/sql/ippool//schema.sql # # $Id$ sqlippool { # SQL instance to use (from mods-available/sql) # # If you have multiple sql instances, such as "sql sql1 {...}", # use the *instance* name here: sql1. sql_module_instance = "sql" # This is duplicative of info available in the SQL module, but # we have to list it here as we do not yet support nested # reference expansions. dialect = "mysql" # Name of the check item attribute to be used as a key in the SQL queries pool_name = "Pool-Name" # SQL table to use for ippool range and lease info ippool_table = "radippool" # IP lease duration. (Leases expire even if Acct Stop packet is lost) # # Note that you SHOULD also set Session-Timeout to this value! # That way the NAS will automatically kick the user offline when the # lease expires. # lease_duration = 3600 # # Timeout between each consecutive 'allocate_clear' queries (default: 1s) # This will avoid having too many deadlock issues, especially on MySQL backend. # allocate_clear_timeout = 1 # # The attribute to use for IP address assignment. The # default is Framed-IP-Address. You can change this to any # attribute which is IPv4 or IPv6. # # e.g. Framed-IPv6-Prefix, or Delegated-IPv6-Prefix. # # All of the default queries use this attribute_name. So you # can do IPv6 address assignment simply by putting IPv6 # addresses into the pool, and changing the following line to # "Framed-IPv6-Prefix" # # Note that you MUST use separate pools for each attribute. i.e. one pool # for Framed-IP-Address, a different one for Framed-IPv6-prefix, etc. # # This means configuring separate "sqlippool" instances, and different # "ippool_table" in SQL. Then, populate the pool with addresses and # it will all just work. # attribute_name = Framed-IP-Address # # Assign the IP address, even if the above attribute already exists # in the reply. # # allow_duplicates = no # The attribute in which an IP address hint may be supplied req_attribute_name = Framed-IP-Address # Attribute which should be considered unique per NAS # # Using NAS-Port gives behaviour similar to rlm_ippool. (And ACS) # Using Calling-Station-Id works for NAS that send fixed NAS-Port # ONLY change this if you know what you are doing! pool_key = "%{NAS-Port}" # pool_key = "%{Calling-Station-Id}" ################################################################ # # WARNING: MySQL (MyISAM) has certain limitations that means it can # hand out the same IP address to 2 different users. # # We suggest using an SQL DB with proper transaction # support, such as PostgreSQL, or using MySQL # with InnoDB. # ################################################################ # These messages are added to the "control" items, as # Module-Success-Message. They are not logged anywhere else, # unlike previous versions. If you want to have them logged # to a file, see the "linelog" module, and create an entry # which writes Module-Success-Message message. # messages { exists = "Existing IP: %{reply:${..attribute_name}} (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})" success = "Allocated IP: %{reply:${..attribute_name}} from %{control:${..pool_name}} (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})" clear = "Released IP %{request:${..attribute_name}} (did %{Called-Station-Id} cli %{Calling-Station-Id} user %{User-Name})" failed = "IP Allocation FAILED from %{control:${..pool_name}} (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})" nopool = "No ${..pool_name} defined (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})" } $INCLUDE ${modconfdir}/sql/ippool/${dialect}/queries.conf }