3.50. <AuthBy DYNADDRESS> Previous topic Parent topic Child topic Next topic

<AuthBy DYNADDRESS> can be used to dynamically allocate IP address information in conjunction with <AddressAllocator xxxxxx> clauses. It is implemented in AuthDYNADDRESS. pm. At present, there are three Address Allocation engines provided:
IP address and prefix allocation is usually the responsibility of your NAS, and most organisations have allocation done by their NASs. There are sometimes special requirements that mean allocation must be done by a central authority, and <AuthBy DYNADDRESS> allows you to make your RADIUS server the address allocator.
When using <AuthBy DYNADDRESS>, the usual arrangement is to make <AuthBy DYNADDRESS> the last AuthBy clause in a <Handler>. Some previous AuthBy clause(s) would be responsible for authenticating the password of the user. Only if the authentication succeeds is AuthBy DYNADDRESS run and an address allocated.
It is common practice to maintain multiple IP address pools, with each pool used for a different class of users, perhaps with different access controls. The features of AuthBy DYNADDRESS allow you to control which pool(s) to allocate from, and also how to translate the allocated information into RADIUS reply attributes.
See /goodies/addressallocator* in the Radiator distribution for configuration samples for different allocation engines.
<AuthBy DYNADDRESS> understands also the same parameters as <AuthBy xxxxxx>. For more information, see Section 3.26. <AuthBy xxxxxx>.