[Chilli] CoovaChilli 1.2.9 & AnyIP

David Bird david at coova.com
Fri Feb 10 08:52:44 UTC 2012


Hi,

It has always been the case that statip is required for anyip.
Internally, chilli has allocated 'slots' for sessions based on the dynip
and statip ranges. The dynip, of course, is where DHCP addresses are
pooled (in layer3 mode, this is just the slots for the in-range
sessions, there is no DHCP allocation). Static and anyip take a slot out
of the statip pool (even if the IP isn't in it's statip range). In the
case of natanyip, in addition to holding a slot in the static pool, an
NAT IP is reserved out of the dynip and there is a one-to-one NATing. 

Here is a working example (both clients not having problems) and the
output of chilli_query listippool:

DHCP lease time 600 sec, grace period 60 sec
First available dynamic 2 Last 252
First available static 254 Last 508
List size 509
-- Dynamic Pool
------------------------------------------------------------
Unit   0 : -inuse- :        10.1.0.2 : mac=B8-FF-61-XX-XX-XX
ip=11.11.11.11 age=172
Unit   1 : -inuse- :        10.1.0.3 : mac=78-D6-F0-XX-XX-XX ip=10.1.0.3
age=0
Unit   2 :  -1/  3 :        10.1.0.4 :
Unit   3 :   2/  4 :        10.1.0.5 :
Unit   4 :   3/  5 :        10.1.0.6 :

...
-- Static Pool
------------------------------------------------------------
Unit 253 : -inuse- :     11.11.11.11 : static mac=B8-FF-61-XX-XX-XX
ip=11.11.11.11 age=172
Unit 254 :  -1/255 :         0.0.0.0 : static
Unit 255 : 254/256 :         0.0.0.0 : static
...
Dynamic address: free 251, avail 251, used 2, err 0, sum 253/253
Static address: free 255, avail 255, used 1, err 0, sum 256/256


On Fri, 2012-02-10 at 18:46 +1100, Robert White wrote:
> Hi David,
> 
> 
> We've been using anyip WITHOUT natanyip.
> 
> 
> The setup we are trying to achieve is as follows, perhaps you could
> comment if we're going about this the right way:
> 
> 
> We have a network where people connect and get an IP via DHCP - all
> works well.
> On the same network there are people who connect and have a static IP
> - anyip is turned on.  Chilli log shows them getting assigned a static
> IP but they are never served the captive portal
> On the same network there are people who have DHCP turned on and we
> are trying to set their IP via RADIUS attributes.  This has two
> outcomes depending on whether or not we set HS_STATIP.  If we dont set
> it then chilli complains it is unable to assign a static ip.  If we
> set HS_STATIP to the subnet that RADIUS is trying to assign an IP from
> then the RADIUS attribute for the IP address is assigned properly but
> the Subnet mask and DNS server attributes are not.  If someone with a
> static IP tries to connect then chilli will seg fault.
> 
> 
> David, could you clarify the use of HS_DYNIP and HS_STATIP.  If they
> are hashed out will anyip work?  We've never used natanyip - does this
> NAT a client static IP with an IP from the HS_DYNIP pool?
> 
> 
> If you could outline the best way to achieve our scenario above we can
> do some more testing and email through some debug info.
> 
> 
> Thanks,
> 
> 
> Rob White
> 
> 
> On 10 February 2012 16:36, David Bird <david at coova.com> wrote:
>         How are you using anyip (with natanyip?) And what test are you
>         doing that is failing?
>         
>         Robert White <rwhite at globalgossip.net> wrote:
>         
>         >Bojan,
>         >
>         >Did you have any success getting AnyIP feature working?
>         >
>         >I can confirm it's not working for me in 1.2.8 or 1.2.9.
>         >
>         >Thanks,
>         >
>         >Rob
>         >
>         >On 13 January 2012 23:22, Bojan Pogacar <bojan at gajba.net>
>         wrote:
>         >
>         >> David, did you have time to take a look at my results?
>         >>
>         >> Thank you very much for your help.
>         >>
>         >>
>         >> Bye
>         >>
>         >>
>         >>
>         >> Dne 11.1.2012 10:29, piše Bojan Pogacar:
>         >>
>         >>> On chilli 1.2.9 I get:
>         >>>
>         >>> Unit 0 : -inuse- : 10.9.0.2 : mac=02-01-01-05-01-01
>         ip=10.9.0.2 age=1
>         >>> Unit 1 : -inuse- : 10.9.0.3 : mac=02-01-01-05-01-01
>         ip=10.9.0.2 age=1
>         >>> Unit 2 : -1/ 3 : 10.9.0.4 :
>         >>> Unit 3 : 2/ 4 : 10.9.0.5 :
>         >>> Unit 4 : 3/ 5 : 10.9.0.6 :
>         >>> Unit 5 : 4/ 6 : 10.9.0.7 :
>         >>> etc, ..
>         >>>
>         >>> On chilli 1.2.5 I get:
>         >>>
>         >>> Unit 0 : -inuse- : 10.9.0.2 : mac=02-01-01-05-01-01
>         ip=10.9.0.2 age=4
>         >>> Unit 1 : -1/ 2 : 10.9.0.3 :
>         >>> Unit 2 : 1/ 3 : 10.9.0.4 :
>         >>> Unit 3 : 2/ 4 : 10.9.0.5 :
>         >>> Unit 4 : 3/ 5 : 10.9.0.6 :
>         >>> Unit 5 : 4/ 6 : 10.9.0.7 :
>         >>> etc, ...
>         >>>
>         >>> Is there OK, that on 1.2.9 I get two IPs listed on same
>         MAC. Could this
>         >>> be a problem that web server terminates a connection?
>         >>>
>         >>> All IPs are fetch through DHCP. Static IPs are working.
>         >>>
>         >>> Thanks, Bojan
>         >>>
>         >>>
>         >>>
>         >>> Dne 11.1.2012 10:20, piše David Bird:
>         >>>
>         >>>> You can get perhaps a bit more info if you do:
>         >>>>
>         >>>> chilli_query listippool
>         >>>> DHCP lease time 600 sec, grace period 60 sec
>         >>>> First available dynamic 3 Last 1
>         >>>> First available static 254 Last 508
>         >>>> List size 509
>         >>>> -- Dynamic Pool
>         
>         >>>>
>         ------------------------------**------------------------------
>         >>>> Unit 0 : -inuse- : 10.1.0.2 : mac=XX-XX-XX-XX-XX-XX
>         >>>> ip=192.0.0.2 age=2
>         >>>> Unit 1 : 252/ -1 : 10.1.0.3 :
>         >>>> Unit 2 : -inuse- : 10.1.0.4 : mac=YY-YY-YY-YY-YY-YY
>         ip=10.1.0.4
>         >>>> age=241
>         >>>> ...
>         >>>>
>         >>>> above is a 192.0.0.2 anyip static IP being NATed through
>         as 10.1.0.2.
>         >>>>
>         >>>>
>         >>>> On Tue, 2012-01-10 at 23:21 +0100, Bojan Pogacar wrote:
>         >>>>
>         >>>>> Hello!
>         >>>>>
>         >>>>> I've tested 1.2.9 and it seems that DHCP is faster and
>         is running
>         >>>>> very well.
>         >>>>>
>         >>>>> I've also tested anyip feature and it still doesn't work
>         for me after
>         >>>>> 1.2.5 . Can anyone confirm that this feature wasn't
>         broken after 1.2.5.
>         >>>>>
>         >>>>> I've also described my problem at
>         http://coova.org/node/4888 . Can
>         >>>>> please anyone please take a look?
>         >>>>>
>         >>>>> Thanks David, thanks everyone!
>         >>>>>
>         >>>>> Bojan
>         >>>>>
>         >>>>>
>         
>         >>>>> ______________________________**_________________
>         >>>>> Chilli mailing list
>         >>>>> Chilli at coova.org
>         >>>>>
>         http://lists.coova.org/cgi-**bin/mailman/listinfo/chilli<http://lists.coova.org/cgi-bin/mailman/listinfo/chilli>
>         >>>>>
>         >>>>
>         >>>>
>         >>>>  ______________________________**_________________
>         >>> Chilli mailing list
>         >>> Chilli at coova.org
>         >>>
>         http://lists.coova.org/cgi-**bin/mailman/listinfo/chilli<http://lists.coova.org/cgi-bin/mailman/listinfo/chilli>
>         >>>
>         >>>  ______________________________**_________________
>         >> Chilli mailing list
>         >> Chilli at coova.org
>         >>
>         http://lists.coova.org/cgi-**bin/mailman/listinfo/chilli<http://lists.coova.org/cgi-bin/mailman/listinfo/chilli>
>         >>
>         >
>         >-------------------------------------------------
>         >
>         >IMPORTANT NOTICE : The information in this email is
>         confidential and may also be privileged.
>         >If you are not the intended recipient, any use or
>         dissemination of the information and any
>         >disclosure or copying of this email is unauthorised and
>         strictly prohibited. If you have received
>         >this email in error, please promptly inform us by reply email
>         or telephone. You should also delete
>         >this email and destroy any hard copies produced.
>         >
>         >_______________________________________________
>         >Chilli mailing list
>         >Chilli at coova.org
>         >http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>         
> 
> 
> -------------------------------------------------
> 
> IMPORTANT NOTICE : The information in this email is confidential and may also be privileged. 
> If you are not the intended recipient, any use or dissemination of the information and any
> disclosure or copying of this email is unauthorised and strictly prohibited. If you have received
> this email in error, please promptly inform us by reply email or telephone. You should also delete
> this email and destroy any hard copies produced.




More information about the Chilli mailing list