Clearing Owner/Info Pair Table

SoKaR · December 15, 2012, 10:25am

Hi there,

i just wanted to ask if i could clear the owner/info pair in ip pool without(!) to reboot the machine?

Thanks so far!

Caci99 · December 15, 2012, 12:07pm

By removing owner info, you mean remove the record?
If you want to remove the record, and if it was created by DHCP server, you can remove it from DHCP server,
the same if it was created by the pppoe server.

SoKaR · December 15, 2012, 12:38pm

Sorry for missunderstanding, i wanted to avoid that a pppoe caller get’s same IP Address on next dial-in.

Caci99 · December 15, 2012, 1:54pm

If a client redials, it means that it has been disconnected from pppoe-server. At the period of disconnection, there should be no record of that client in /ip pool. The next time it will reconnect, the pppoe-server will assign it a random IP, but if the previous IP is free, it can assign the same IP as the previous session. I don’t know how to force the pppoes-server to assign a different IP from the previous session.

SoKaR · December 15, 2012, 2:03pm

Thanks! yeah and actual this is what i want to know! how to prevent assigning the previous ip

Caci99 · December 15, 2012, 2:39pm

Take a look at this, it might help:

http://forum.mikrotik.com/t/routeros-v4-7-released/37151/1

SoKaR · December 16, 2012, 6:40pm

Not exactly what i searched for, but i will give a try. A little bit modified^^

Is there another solution for this “problem”?

dog · December 16, 2012, 9:12pm

Mikrotiks IP pools works like DHCP in that it tries to always reassign the same address whereas home users have come to expect from their ISP to get a new address every time they log in.
This has been discussed on the forums and MT refuses to change it.

Your best choice would be to use a RADIUS server that assigns the IPs and configure it to assign them randomly.
http://wiki.mikrotik.com/wiki/Manual:RADIUS_Client#Access-Accept

SoKaR · December 16, 2012, 9:22pm

That’s sad to hear! In our country, it is usual to get a new IP after re-dial-in. Especially if you have a 24hour-disconnect in your trade terms!
At the moment we’re using FreeRadius, so i also give a try to this solution. Hard work, more than 35x RB 1200 are waiting to be reconfigured :-S

Zaesch · January 4, 2013, 1:44pm

Hi,

i’m searching for a solution for the same problem for quiet a while. Very sad that mt will not change the behavior or better: Let the admin choose, which behavior (DHCP or random) is needed.
The RADIUS thing is new to me. Never thought about that. Have someone a hint how to achieve our goal by using RADIUS? I am no RADIUS guru :-/

If i find something, i will post is here. Hope you do this too

Zaesch · January 4, 2013, 8:34pm

Ok folks, here is what you need to do, to get random IP addresses of a given pool. It works for the whole PPP functions that autheticate by RADIUS (eg. PPPoE, PPTP, …).
Please keep in mind that the following configuration might be not optimal. I only tried to get it to work

First you need a RADIUS server. I used Freeradius 2.1.10 with Ubuntu 12.04.
Then configure your RADIUS server and Routerboard to communicate with each other (IPs, secrets, …) and do not forget to activate RADIUS authentication AND accounting for PPP!

On the RADIUS side you have to do some configuration. I did it without SQL, because i’m lazy and didn’t wanted to set up a SQL server

radiusd.conf

...

modules {
                ippool your_pool {
                range-start = 192.168.100.2
                range-stop = 192.168.100.100
                netmask = 255.255.255.0
                cache-size = 100
                session-db = ${db_dir}/db.ippool
                ip-index = ${db_dir}/db.ipindex
                override = no
                maximum-timeout = 300
                }
}

...

accounting {
                your_pool
}

post-auth {
                your_pool
}

...

Notice that the maximum-timeout statement may not work (see: http://www.netexpertise.eu/en/freeradius/ip-pools.html). In this little setup it did not work :-/ The solution may be to use sql instead of the users-file… i didn’t tried that, so i don’t know for sure.
The problem without a working timeout is, that the address-table will overflow by time. That is because the system will only remove addresses, where the client disconnects properly. A reboot of the router board, while clients are connected, will cause some “zombie” ip addresses in the list

users

...

DEFAULT Pool-Name := your_pool
               Fall-Through = Yes
...

# This is a simple user for testing purposes
zaesch Cleartext-Password := "secret"

...

I am not sure right now, whether the DEFAULT statement is needed in this way or whether it is secure like this… Without this statement the login works, but the user will not get an ip address - even if you place the Pool-Name statement in the User configuration!

That’s it. Restart the Freeradius deamon and it should work.
For more information you should visit the freeradius wiki http://wiki.freeradius.org

Oh and another hint: In this Ubuntu 12.04 setup the “free radius start|stop|restart” script do not work. I had to kill the freereadius process by hand in order to start it again - whatever. Then it was able to start again.