We've had ongoing problems with users, particularly guest registrations,
sporadically not getting put in ipset for some time. What happens is that
somebody registers and then are never able to get past the "success" page.
They show up as properly registered in the database but the mac and IP
never get put in ipset. I just started finding the messages in the log when
I updated and the symptoms seem to be showing up more than they used to.
Why would locationlog show up as an error when we only use inline networks?
We've been using packetfence inline for years and we've
never configured vlan mode because it won't work with most
of our equipment.
The pfdhcplistener log says nothing about though syslog dhcp entries do. I
had wondered if perhaps pfdhcplistener got confused when they tried to
switch networks. The other DHCP address came from an unaffiliated wireless
device in the building and was not one of our networks.
I'll turn up debugging.
On Thu, May 7, 2015 at 9:40 AM, Louis Munro <[email protected]> wrote:
> On May 6, 2015, at 15:27 , John Baker <[email protected]> wrote:
>
> PacketFence v5.0.1 using inline mode only.
>
> I see a lot of this in my log since the upgrade. Guest users register but
> never get inserted in ipset. The error is sporadic and usually clears after
> a restart but not always
>
> Are you sure it’s not in ipset?
> I am not doubting you, just trying to find out how you saw that happening.
>
> How many devices do you have in the ipset when that happens?
>
> Try increasing the verbosity of the packetfence.log to DEBUG and see if
> you get better error messages.
>
>
> May 05 08:50:08 httpd.portal(32014) INFO: [5c:97:f3:c4:75:83] shouldn't
> reach here. Calling access re-evaluation. Make sure your network device
> configuration is correct.
> (captiveportal::PacketFence::Controller::CaptivePortal::unknownState)
> May 05 08:50:08 httpd.portal(32014) INFO: [5c:97:f3:c4:75:83]
> re-evaluating access (redir.cgi called) (pf::enforcement::reevaluate_access)
> May 05 08:50:08 httpd.portal(32014) WARN: [5c:97:f3:c4:75:83] Can't
> re-evaluate access because no open locationlog entry was found
> (pf::enforcement::reevaluate_access
>
> The last line is significant.
> The question is, why is there no entry in the locationlog for that MAC?
> Is the pfdhcplistener process correctly running in your registration VLAN?
> Is it seeing your device (what does logs/pfdhcplistener.log say about it)?
> Ho many such processes are running?
> Are there database insert or update errors in the logs?
>
>
> The error message came in between this in the system log.
> May 5 08:50:06 larry dhcpd: DHCPREQUEST for 172.20.10.3 from
> 5c:97:f3:c4:75:83 via vlan6: wrong network.
> May 5 08:50:06 larry dhcpd: DHCPNAK on 172.20.10.3 to 5c:97:f3:c4:75:83
> via vlan6
> May 5 08:50:09 larry dhcpd: DHCPREQUEST for 172.16.2.222 from
> 5c:97:f3:c4:75:83 (Barrys-iPad) via vlan6
> May 5 08:50:09 larry dhcpd: DHCPACK on 172.16.2.222 to 5c:97:f3:c4:75:83
> (Barrys-iPad) via vlan6
>
>
>
>
> This is normal for a device changing networks.
> It first tries the old IP it had, the server NAK’s it and then it tries
> again without an IP to get a new one in the correct subnet.
>
> Regards,
> --
> Louis Munro
> [email protected] :: www.inverse.ca
> +1.514.447.4918 x125 :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
> www.packetfence.org)
>
>
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
John Baker
Network Administrator
Marlboro College
Phone: 451-7551 Cell: 490-0066
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
