Excatly what Jake says is right.
Back since 1.6 flip.pl is used to flip the admin port
Might be a good idea for inverse to make the sleep command a configurable
setting.
In SNMP.pm
sub handleReAssignVlanTrapForWiredMacAuth
Has the sleep command there, that tells how long the port should remain shut
before its opened again.
# TODO extract that behavior in a method call in pf::vlan so it can be
overridden easily
if ( !$hasPhone ) {
$logger->info( "no VoIP phone is currently connected at " . $switch_ip
. " ifIndex $ifIndex. Flipping port admin status"
);
$this->setAdminStatus( $ifIndex, 0 );
sleep(2);
$this->setAdminStatus( $ifIndex, 1 );
Basically just edit that value to your own needs.
Met vriendelijke groet,
Maikel van der Roest
Senior Network Engineer
Utelisys Communications B.V.
Trinity Buildings
Tower A, 7th floor
Pietersbergweg 15
1105 BM Amsterdam
Tel +31 - 20 - 561 8009
Fax +31 - 20 - 561 8021
www.utelisys.com <http://www.utelisys.com/>
-----Original Message-----
From: Sallee, Stephen (Jake) [mailto:[email protected]]
Sent: woensdag 16 februari 2011 22:30
To: [email protected]
Subject: Re: [Packetfence-users] Flipping port admin status delay
Just my $.02 so take it with a grain of salt (especially if you love salt!)
1) since PF is Perl you could interject a wait <whatever> seconds statement
into the code, but that's an ugly hack and will probably cause you no end of
trouble if you ever upgrade
2) since you are still testing perhaps using 802.1x authentication would be
better for you, since this implicitly involves the client through the
supplicant, the client fully understands that it should see a state change ad
should react accordingly.
Just a thought...
Jake Sallee
Godfather Of Bandwidth
Network Engineer
Fone: 254-295-4658
Phax: 254-295-4221
-----Original Message-----
From: Renbarger, Nate [mailto:[email protected]]
Sent: Wednesday, February 16, 2011 1:35 PM
To: [email protected]
Subject: [Packetfence-users] Flipping port admin status delay
I am working on setting up PacketFence in a test environment and most of it is
running smoothly and working very well. I am currently having an issue where
the user machine that I am using to test with is Ubuntu 10.04 and there seems
to be some setting in Ubuntu (maybe Linux in general I haven't tried any other
distros yet) where it delays for about 5 seconds before the network interface
registers as down after it has been unplugged or the interface is shutdown. My
guess is it does that so if there is a slight hiccup in the link it doesn't
lose its connection.
The problem is it causes the connection to not be reset when PacketFence flips
the vlan and admin status of the port. Looking at the logs in packetfence and
the switch, it is actually shutting down the port and bringing it back up.
Ubuntu though, is not showing the interface as down so I have to manually reset
the interface on Ubuntu to get an IP address on the newly set vlan. I tried a
Windows 7 machine and it worked fine because it immediately registers the
interface as being down.
Has anyone else run into this issue? Would there be a way to program in a delay
between the admin status down and up SNMP writes to the switch so it would
leave the port down for some set amount of seconds? Thanks for any help.
NATE RENBARGER
NETWORK ADMINISTRATOR, UNIVERSITY INFORMATION TECHNOLOGY
INDIANA WESLEYAN UNIVERSITY
4201 S. WASHINGTON ST.
MARION, IN 46953
765.677.2340 | 765.677.2020 FAX
[email protected]
INDWES.EDU/IT
------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
