Bug 839390 - Request: please include --with-udpfromto as compilation parameter
Request: please include --with-udpfromto as compilation parameter
Status: CLOSED DUPLICATE of bug 700870
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: freeradius (Show other bugs)
All All
unspecified Severity low
: rc
: ---
Assigned To: John Dennis
BaseOS QE Security Team
Depends On:
  Show dependency treegraph
Reported: 2012-07-11 15:48 EDT by Michal Bruncko
Modified: 2012-08-07 15:47 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-08-07 15:47:21 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Michal Bruncko 2012-07-11 15:48:03 EDT
Description of problem:

In current version of freeradius there is problem when you have multihomed server with multiple IP addresses. When RADIUS request comes to secondary IP address, UDP reply from RADIUS servers comes back with different - primary - IP address instead of original IP address from requested.

Classic example: imagine using failover scenario with two/more radius boxes which are using VRRP and one virtual IP (VIP) address. When you want to use VIP as IP address of RADIUS server you have a trouble here - responses will come from different (original) IP address instead of VIP as source IP. 
My request is to appending single compilation option "--with-udpfromto" which tells freeradius to always use as source address the destination IP address of RADIUS UDP packet request. Nothing more nothing less. 

Comment 2 Michal Bruncko 2012-07-11 16:12:57 EDT
I have just compiled freeradius with this compilation switch by myself and everything is working as expected. Please consider this feature :)
Comment 3 John Dennis 2012-08-07 15:47:21 EDT

*** This bug has been marked as a duplicate of bug 700870 ***

Note You need to log in before you can comment on or make changes to this bug.