Jump to content
Калькуляторы

Freeradius + postresql + выдача статического роутинга

интересует кто то настроил freeradius в режиме dhcp сервера чтобы в опциях выдавался роутинг статик как это делает Internet Systems Consortium DHCP Server

 

 

 

option ms-classless-static-routes code 249 = array of unsigned integer 8;

# RFC3442 routes: overrides routers option

option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;

 

заранее огромное спасибо за инфу ;)

 

Share this post


Link to post
Share on other sites

Либо всё в 249 опции отдаёте для винды.

Либо 121 для подсетей 24 и больше (23...22..21...) и 33 для одиночных хостов - это для не винды.

 

 

.....
    # routes to hosts, not network!
    #$RAD_REPLY{'DHCP-Static-Routes'} =     ['1.1.1.1','1.1.1.2',
    #                        '2.2.2.0','2.2.2.254'];


    # Note: DHCP Option 121 is ignored by DHCP clients prior to Windows Server 2008 and Windows Vista. 
    # Windows Vista and Windows Server 2008 DHCP clients use both Option 121 and Option 249.

    # standart way: RFC3442, non windows
    # the first byte gives the number of significant bits, and the 
    # subsequent bytes - one to four of them - give the bytes containing those bits.
    # 192.168.2.0 netmask 255.255.255.0 (192.168.2.0/24) is encoded as 24.192.168.2.
    #$RAD_REPLY{'DHCP-Classless-Static-Route'} =     ['24.192.168.1','192.168.1.2',
    #                            '24.192.168.2','192.168.2.254'];

    # for windows
    # 172.16.0.0/16 gw 10.16.40.100 = 16, 172,16, 10,16,40,100
    #$RAD_REPLY{'DHCP-MS-Static-Routes'} =    '0x'.mk_routes('192.168.1.0/24', '192.168.1.254');
....






# Classless-Static-Route
# http://www.linuxconfig.net/index.php/linux-manual/network/203-transfer-of-static-routes-to-dhcp.html
# http://www.linux.by/wiki/index.php/FAQ_DHCP_routes
# Usage:
#   make_classless_option({ "subnet/mask" => "router", "subnet/mask" => "router", ... });
#     subnet   the subnet address, 4 dot-separated numbers
#     mask     the subnet mask length (e.g. /24 corresponds to 255.255.255.0, /8 corresponds to 255.0.0.0)
#     router   the router address, 4 dot-separated numbers
# Example of use
#print make_classless_option({
#    "10.230.0.0/16" => "10.230.178.145"
#});
sub make_classless_option{
    my $routes = shift;
    my ($s1, $s2, $s3, $s4, $len, @bytes, $net, $mask, $destination, $router);

    $len = 2;
    @bytes = ();

    foreach $destination(keys %{$routes}) {
        ($net, $mask) = split('/', $destination);
        $router = $routes->{$destination};
        ($s1, $s2, $s3, $s4) = split(/\./, $net);
        push(@bytes, sprintf('%02x', $mask));
        push(@bytes, sprintf('%02x', $s1));
        push(@bytes, sprintf('%02x', $s2)) if($mask > 8);
        push(@bytes, sprintf('%02x', $s3)) if($mask > 16);
        push(@bytes, sprintf('%02x', $s4)) if($mask > 24);
        ($s1, $s2, $s3, $s4) = split(/\./, $router);
        push(@bytes, sprintf('%02x', $s1));
        push(@bytes, sprintf('%02x', $s2));
        push(@bytes, sprintf('%02x', $s3));
        push(@bytes, sprintf('%02x', $s4));
    }

return join(':', @bytes);
}


# MSFT - Classless route / MS-Static-Routes
# by Wingman
# http://forum.nag.ru/forum/index.php?showtopic=58851
# require: /usr/ports/net-mgmt/p5-Net-IP
# Syntax: mk_routes($net/shortmask, $gw)
sub mk_routes {
    my $net = shift;
    my $gw = shift;

    # Parse network && verify whether the syntax is correct
    my $ip = new Net::IP($net) || (print Net::IP::Error() and return);
    my $ipgw = new Net::IP($gw) || (print Net::IP::Error() and return);

    $net = $ip->short();
    my $mask = $ip->prefixlen();
    
    my $str = DH($mask);
    my @split = split /\./, $net;
    foreach(@split) {
        $str .= DH($_);
    }

    @split = split (/\./, $gw);
    foreach(@split) {
        $str .= DH($_);
    }
return $str;
}

# Do a hex from dec
sub DH {
    my $str = $_[0];
    $str = sprintf("%02X", $str);
return $str;
}

 

DH - не нужно, я просто пока не переписывал код.

 

Лучше это всё один раз сгенерировать и хранить в базе/в коде, каждый раз генерить из маршрутов опции накладно.

И словарик для дхцп у фрирадиуса не полный и не точный.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this