Fajar A. Nugraha wrote: > On Sun, Jun 7, 2009 at 8:09 PM, Arran > Cudbard-Bell<[email protected]> wrote: > >> Karl Auer wrote: >> >>> On Sun, 2009-06-07 at 12:22 +0100, Alexander Clouter wrote: >>> >>> >>>> I have been using DHCP with a LDAP patch that is getting harder and >>>> harder to maintain. FreeRADIUS can pretty much do the same, I get to >>>> keep my LDAP policy schema stuff (and write a unlang glue to use it) and >>>> you get proper DHCP load-balancing/failover. >>>> >>>> >>> DHCP failover and load-balancing are not simple *at all*. >>> >>> >> They're trivial once you're storing leases in a transactional database. >> > > Can freeradius also detect "rogue" clients which uses static IP > address? If yes, this could be THE dhcp server I'm looking for. > It'd be possible to implement this functionality with the policy language... yes. But it won't do it out of the box.
You'd send an ARP-Request for the IP you were allocating, and if you get a response then you'd log it. You can use the exec module to achieve such functionality, or link it in with python/perl. > Last I check ISC's DHCP tries ping first, but newer Windows (with icmp > echo disabled by default) makes it somewhat less useful. > > I think ARP-Requests would work better than pings in this case; as almost all client side firewalls will allow them to pass. Thanks, Arran Arran
signature.asc
Description: OpenPGP digital signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
