Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
  
[+] Expand All
[-] Collapse All

IP Address Assignment

Steel-Belted Radius Carrier can assign IPv4 addresses to users in several ways:

  • Static assignment—The same IP address is assigned to a user each time the user connects. For example, if the user Kevin has a Framed-IP-Address attribute set to 123.11.245.123, then the IP address 123.11.245.123 is assigned each time Kevin connects to the network.
  • Assignment from a specific address pool—An address is assigned from a specific pool when the user connects. For example, if user Kevin has a Framed-IP-Address attribute set to the Sales IP address pool, the next available IP address from Sales is assigned when Kevin connects to the network.
  • Assignment from the RADIUS client’s IP address pool (or set of IP address pools)—An address is assigned from one of the pools associated with the RADIUS client that makes the connection when a user connects. For example, assume that a RADIUS client called RAS1 uses IP address pool A, and a RADIUS client called RAS2 uses IP address pool B. A User entry called Kevin has a Framed-IP-Address attribute value of pool associated with RADIUS Client. When user Kevin gets a port on RAS1, an IP address from pool A is assigned. On the next call, Kevin might connect to RAS2; in this case an address from pool B is assigned.

    Alternatively, if a user has been associated with a particular NAS-specific IP address pool (and suffix), an IP address from that pool is assigned.

  • Assignment from DHCP server—An address is assigned from a DHCP server for a user-configurable period of time (DHCP lease) when a user connects. The DHCP lease period is typically significant (for example, twenty-four hours).

Address Pools and Replication

Address pool applies to non-cluster installations only and the information is not distributed with other configuration information in a replicated environment. If you are using IPv4 address pools in a replication environment, you must configure address pools separately on each replica server, and then use the same names to configure a master list of address pools on your primary server.

The master list of address pools configured on the primary server must include the names of all the pools on all of the replica servers. For example, Figure 18 illustrates a simple environment that uses four address pools. POOL1 and POOL2 are configured on one replica server and POOL4 is configured on a different replica server. As a consequence, the IP address pool list on the primary server must include POOL1, POOL2, POOL3 (the pool used by the primary server), and POOL4.

Figure 18: IP Address Pools in a Replication Environment

IP Address Pools in a Replication Environment

The network administrator must configure RADIUS clients (including the address pool associated with a RADIUS client) on the primary server. This RADIUS client/address pool association (but not the address pool information itself) is stored as part of the replication package passed from the primary server to the replica servers.

Hints

Steel-Belted Radius Carrier can treat the attribute Framed-IP-Address as a hint. This means that if this attribute appears in the Access-Request and the user return list is configured to allocate Framed-IP-Address from a pool, the IP address in the Access-Request is returned instead of the newly-allocated IP address.

This functionality is defined in the [Configuration] section of radius.ini:

[Configuration] Framed-IP-AddressHint = <yes/no>

When hints are enabled, Steel-Belted Radius Carrier uses a hint to determine the value of the Framed-IP-Address attribute in the access response. This means that Framed-IP-Address in the Access-Request is returned in the Access-Accept, regardless of the Framed-IP-Address value stored in the user’s account.

The default value is no.

Table 20 details the effect of hints:

Table 20: Effect of Hints

Account Configuration

Framed-IP-Address Returned Without Hints

Framed-IP-Address Returned With Hints

No Framed-IP-Address

No value

Framed-IP-Address from Access-Request

Static Address

Static address

Static address

Address from Pool

Next address from pool

Framed-IP-Address from Access-Request

Caution: By using hints, you can assign the same IP address to multiple active accounts.

Modified: 2017-03-07