RE: status_check vs src_ipaddr
Alan DeKok wrote: Brian Julin wrote: It appears that a home server entry configured with src_ipaddr will use that source ip address for auth requests, but when directed to do status_check, it sends status request packets using some interface address from some other config item somewhere (not sure from which one yet.) Ah. That's an easy fix. ... A fix will go into the next release. Thank you again. In case it matters, I also was able to verify this happened with status_check=request as well. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: status_check vs src_ipaddr
Brian Julin wrote: It appears that a home server entry configured with src_ipaddr will use that source ip address for auth requests, but when directed to do status_check, it sends status request packets using some interface address from some other config item somewhere (not sure from which one yet.) Ah. That's an easy fix. Also the source port on auth requests is usually taken from the OS dynamic range (high port numbers), but for some reason these are sourced from port 1647. It's the same problem. Which is odd because I can't seem to grep 1647 out of the source code. It's not there. The proxy port is usually 1 more than the other ports... just for simplicity. Note the server sending these requests is a tad crusty (2.1.10) A fix will go into the next release. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
status_check vs src_ipaddr
Too late in the week to dig in like I should, but I was just diagnosing a problem and preliminary signs point to this: It appears that a home server entry configured with src_ipaddr will use that source ip address for auth requests, but when directed to do status_check, it sends status request packets using some interface address from some other config item somewhere (not sure from which one yet.) Also the source port on auth requests is usually taken from the OS dynamic range (high port numbers), but for some reason these are sourced from port 1647. Which is odd because I can't seem to grep 1647 out of the source code. Note the server sending these requests is a tad crusty (2.1.10) FWIW. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
