Hi Fabrice,
Yes your spot on, the issue was wrong port numbers, we'll fix that very
soon.
A slightly different issue but I need your advice on it, I have changed
bouncePort sub routine in Node.pm to send the mac address instead of switch
port index for CoA to work properly. This has been done
at /usr/local/pf/html/pfappserver/lib/pfappserver/Model/Node.pm
unless($switch->bouncePort($locationlog->{port})) { # changed port to mac
$status = $STATUS::INTERNAL_SERVER_ERROR;
$status_msg = "Couldn't restart port.";
}
Need to know what would be the best way to change this preferred behavior
from SNMP to CoA. Because later on if we submit this module to be part of
PF I guess there would be some issues about it.
Many thanks again.
Ali
On Sat, Oct 20, 2018 at 11:18 AM Durand fabrice via PacketFence-users <
[email protected]> wrote:
> Hello Ali,
>
> you did the good thing but in the capture it looks that the switch reply
> on the wrong port.
>
> CoA request: src port 52492 dst 3799
>
> CoA-ACK : src port 1812 dst 3799 (it's suppose to be src 3799 dst 52492)
>
> So it looks to me a switch bug.
>
> Regards
>
> Fabrice
> Le 18-10-15 à 05 h 47, Amjad Ali via PacketFence-users a écrit :
>
> Hi All,
>
> We have implemented CoA method to bounce port (reuse Cisco.pm
> _radiusBounceMac) in our new hardware module but with some issues.
>
> 1) The bounce port CoA request packet is received at switch, the switch
> replies with CoA-ACK and obliges with port down then port port up. (It does
> what its supposed to do, no problems)
> 2) The CoA-ACK reply packet also arrives at the switch (I confirmed it
> with tcpdump) but packetfence somehow can't get the reply packet. Instead I
> get the following log entries
>
> Oct 15 16:43:59 packetfence httpd_admin: httpd.admin(826) INFO:
> [mac:unknown] boucing MAC e0:db:55:cd:84:62 using RADIUS CoA-Request method
> (pf::Switch::Pica::bouncePort)
> Oct 15 16:43:59 packetfence httpd_admin: httpd.admin(826) WARN:
> [mac:unknown] Unable to perform RADIUS CoA-Request: Timeout waiting for a
> reply from 10.10.51.217 on port 3799 at /usr/local/pf/lib/pf/util/
> radius.pm line 162. (pf::Switch::Pica::catch {...} )
> Oct 15 16:43:59 packetfence httpd_admin: httpd.admin(826) ERROR:
> [mac:unknown] Cannot restart switch port for e0:db:55:cd:84:62
> (pfappserver::PacketFence::Controller::Node::restart_switchport)
>
> I checked the Radius.pm code (perform_dynauth), it sends the CoA request
> packet and listens for a reply, the reply arrives at the machine running
> packetfence but evades the socket listening for reply.
>
> I double checked the timeout and port number but couldn't get to the root
> cause. Any ideas would be highly appreciated. I'm attaching the capture
> request/reply pcap for your reference. Please advise.
>
> Thanks,
> Ali
> --
> Amjad Ali
>
>
> _______________________________________________
> PacketFence-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
--
Amjad Ali
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
