From: Francis Dupont Date: Wed, 16 May 2018 13:51:36 +0000 (+0200) Subject: [5617] Updated doc and example X-Git-Tag: trac5549a_base~12^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8f11078c392beefaefda66d1e8f3460c9fe5bb39;p=thirdparty%2Fkea.git [5617] Updated doc and example --- diff --git a/doc/examples/kea4/hooks-radius.json b/doc/examples/kea4/hooks-radius.json index 9d2afc30df..0f52d4e77f 100644 --- a/doc/examples/kea4/hooks-radius.json +++ b/doc/examples/kea4/hooks-radius.json @@ -148,8 +148,11 @@ "library": "/usr/local/lib/hooks/libdhcp_radius.so", "parameters": { - // Do not use RFC 4361 - "extract-duid": false, + // If do not use RFC 4361 + // "extract-duid": false, + + // If have conflicting subnets + // "reselect-subnet-pool": true, // Strip the 0 type added by flex-id "client-id-pop0": true, diff --git a/doc/guide/hooks-radius.xml b/doc/guide/hooks-radius.xml index d8f190649e..a2a68c2a5c 100644 --- a/doc/guide/hooks-radius.xml +++ b/doc/guide/hooks-radius.xml @@ -301,7 +301,7 @@ Please make sure that your compilation has the following: radius listed in tier 2 packages FreeRadius client directories printed and pointing to the right directories - Boost ersion is at least 1.65.1. The versions available + Boost version is at least 1.65.1. The versions available in CentOS 7 (1.48 and and 1.53) are too old. @@ -322,7 +322,7 @@ Please make sure that your compilation has the following: The RADIUS Hook is a library that has to be loaded by either DHCPv4 or - DHCPv6 Kea servers. Compared to other avaiable hook libraries, this one + DHCPv6 Kea servers. Compared to other available hook libraries, this one takes many parameters to actually run. For example, this configuration could be used: @@ -403,12 +403,12 @@ Please make sure that your compilation has the following: identifier-type4 (default client-id) specifies the identifier type to build the User-Name attribute. It should - be the same than host identifier and when the flex-id hook librairy is + be the same than host identifier and when the flex-id hook library is used the replace-client-id must be set to true and client-id will be used with client-id-pop0. identifier-type6 (default duid) - pecifies the identifier type to build the User-Name attribute. It should + specifies the identifier type to build the User-Name attribute. It should be the same than host identifier and when the flex-id hook librairy is used the replace-client-id must be set to true and duid will be used with client-id-pop0. @@ -416,6 +416,15 @@ Please make sure that your compilation has the following: realm (default "") is the default realm. + reselect-subnet-address (default + false) uses the Kea reserved address / RADIUS Framed-IP-Address or + Framed-IPv6-Address to re-select subnets where the address is not in + the subnet range. + + reselect-subnet-pool (default + false) uses the Kea client-class / RADIUS Frame-Pool to re-select + subnets where no available pool can be found. + retries (default 3) is the number of retries before trying the next server. Note it is not supported for asynchronous communication. @@ -430,6 +439,13 @@ Please make sure that your compilation has the following: + When reselect-subnet-pool or + reselect-subnet-address is set to true at the + reception of RADIUS Access-Accept the selected subnet is checked + against the client-class name or the reserved address and if it does + not matched another subnet is selected among matching subnets. + + Two services are supported: