Package: xl2tpd Version: 1.3.6+dfsg-2 Severity: important Dear Maintainer,
xl2tpd seems to crash with this error: [331191.282299] xl2tpd[5475]: segfault at 188 ip 000000000040c3a8 sp 00007fff1278bfe0 error 4 in xl2tpd[400000+1b000] leading up to this I see some oddness in my /var/log/messages Sep 5 16:15:49 ankh pppd[5599]: Protocol-Reject for unsupported protocol 'IP6 Header Compression' (0x4f) Sep 5 16:18:40 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x2405 Sep 5 16:19:22 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0xaf Sep 5 16:20:09 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x11 Sep 5 16:20:09 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x3 Sep 5 16:20:09 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x90f5 Sep 5 16:30:45 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x3 Sep 5 16:35:49 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x440b Sep 5 16:38:42 ankh pppd[5599]: Protocol-Reject for unsupported protocol 'NTCITS IPI' (0xc1) Sep 5 16:38:46 ankh pppd[5599]: Protocol-Reject for unsupported protocol 'Vendor-Specific Network Protocol' (0x5b) Sep 5 16:40:20 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x9b Sep 5 16:40:21 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x9a61 Sep 5 16:58:07 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x941a Sep 5 16:58:14 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x5f Sep 5 16:58:22 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x2875 Sep 5 16:58:22 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x2edd Sep 5 16:58:23 ankh pppd[5599]: Protocol-Reject for unsupported protocol 'DCA Remote Lan' (0x47) Sep 5 16:59:00 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0x9899 Sep 5 16:59:02 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0xd85b Sep 5 16:59:02 ankh pppd[5599]: Protocol-Reject for unsupported protocol 0xfa76 Sep 5 17:42:07 ankh pppd[5599]: Modem hangup Sep 5 17:42:07 ankh pppd[5608]: Hangup (SIGHUP) Sep 5 17:42:07 ankh kernel: [331191.282299] xl2tpd[5475]: segfault at 188 ip 000000000040c3a8 sp 00007fff1278bfe0 error 4 in xl2tpd[400000+1b000] It happens once or maybe twice a day, sometimes its fine for a week, but always the same error [162892.010883] xl2tpd[24640]: segfault at 188 ip 000000000040c3a8 sp 00007fff2c854ab0 error 4 in xl2tpd[400000+1b000] [87974.528400] xl2tpd[9391]: segfault at 188 ip 000000000040c3a8 sp 00007fffdad20a00 error 4 in xl2tpd[400000+1b000] [11362.721292] xl2tpd[8924]: segfault at 188 ip 000000000040c3a8 sp 00007fffb03f9090 error 4 in xl2tpd[400000+1b000] [11116.058307] xl2tpd[2464]: segfault at 188 ip 000000000040c3a8 sp 00007fff2604ce20 error 4 in xl2tpd[400000+1b000] Seems to do the same regardless of lns endpoint ( I tried a few ) I have had this happen on more than one box, the other boxes had just one connection, but I did use ppp4 for this. I have fixed interfaces to make routing tables easier. All the time that I see the above messages the link is usable. I think ppp dropping is what kills xl2tpd. My current fix is to have a cron job run every 30 seconds that greps the output of ifconfig for ppp* and if it finds less than 2, kills any ppp sessions restarts xl2tpd and starts the 3 tunnels. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.1 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages xl2tpd depends on: ii libc6 2.19-10 ii libpcap0.8 1.6.1-1 ii ppp 2.4.6-2 xl2tpd recommends no packages. xl2tpd suggests no packages. -- Configuration Files: /etc/xl2tpd/l2tp-secrets [Errno 13] Permission denied: u'/etc/xl2tpd/l2tp-secrets' /etc/xl2tpd/xl2tpd.conf changed: ; ; Sample l2tpd configuration file ; ; This example file should give you some idea of how the options for l2tpd ; should work. The best place to look for a list of all options is in ; the source code itself, until I have the time to write better documetation :) ; Specifically, the file "file.c" contains a list of commands at the end. ; ; You most definitely don't have to spell out everything as it is done here ; ; [global] ; Global parameters: ; port = 1701 ; * Bind to port 1701 ; auth file = /etc/l2tpd/l2tp-secrets ; * Where our challenge secrets are ; access control = yes ; * Refuse connections without IP match ; rand source = dev ; Source for entropy for random ; ; numbers, options are: ; ; dev - reads of /dev/urandom ; ; sys - uses rand() ; ; egd - reads from egd socket ; ; egd is not yet implemented ; ; [lns default] ; Our fallthrough LNS definition ; exclusive = no ; * Only permit one tunnel per host ; ip range = 192.168.0.1-192.168.0.20 ; * Allocate from this IP range ; no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts ; ip range = 192.168.0.5 ; * But this one is okay ; ip range = lac1-lac2 ; * And anything from lac1 to lac2's IP ; lac = 192.168.1.4 - 192.168.1.8 ; * These can connect as LAC's ; no lac = untrusted.marko.net ; * This guy can't connect ; hidden bit = no ; * Use hidden AVP's? ; local ip = 192.168.1.2 ; * Our local IP to use ; length bit = yes ; * Use length bit in payload? ; require chap = yes ; * Require CHAP auth. by peer ; refuse pap = yes ; * Refuse PAP authentication ; refuse chap = no ; * Refuse CHAP authentication ; refuse authentication = no ; * Refuse authentication altogether ; require authentication = yes ; * Require peer to authenticate ; unix authentication = no ; * Use /etc/passwd for auth. ; name = myhostname ; * Report this as our hostname ; ppp debug = no ; * Turn on PPP debugging ; pppoptfile = /etc/ppp/options.l2tpd.lns ; * ppp options file ; call rws = 10 ; * RWS for call (-1 is valid) ; tunnel rws = 4 ; * RWS for tunnel (must be > 0) ; flow bit = yes ; * Include sequence numbers ; challenge = yes ; * Challenge authenticate peer ; ; rx bps = 10000000 ; Receive tunnel speed ; tx bps = 10000000 ; Transmit tunnel speed ; bps = 100000 ; Define both receive and transmit speed in one option ; [lac marko] ; Example VPN LAC definition ; lns = lns.marko.net ; * Who is our LNS? ; lns = lns2.marko.net ; * A backup LNS (not yet used) ; redial = yes ; * Redial if disconnected? ; redial timeout = 15 ; * Wait n seconds between redials ; max redials = 5 ; * Give up after n consecutive failures ; hidden bit = yes ; * User hidden AVP's? ; local ip = 192.168.1.1 ; * Force peer to use this IP for us ; remote ip = 192.168.1.2 ; * Force peer to use this as their IP ; length bit = no ; * Use length bit in payload? ; require pap = no ; * Require PAP auth. by peer ; require chap = yes ; * Require CHAP auth. by peer ; refuse pap = yes ; * Refuse PAP authentication ; refuse chap = no ; * Refuse CHAP authentication ; refuse authentication = no ; * Refuse authentication altogether ; require authentication = yes ; * Require peer to authenticate ; name = marko ; * Report this as our hostname ; ppp debug = no ; * Turn on PPP debugging ; pppoptfile = /etc/ppp/options.l2tpd.marko ; * ppp options file for this lac ; call rws = 10 ; * RWS for call (-1 is valid) ; tunnel rws = 4 ; * RWS for tunnel (must be > 0) ; flow bit = yes ; * Include sequence numbers ; challenge = yes ; * Challenge authenticate peer ; ; [lac cisco] ; Another quick LAC ; lns = cisco.marko.net ; * Required, but can take from default ; require authentication = yes [lac AAISPv4] lns = 90.155.53.19 name = jwjw5@a.1 pppoptfile = /etc/ppp/options.xl2tpd-AAISPv4 redial = yes redial timeout = 4 [lac AAISPv6] lns = 90.155.53.19 name = jwjw5@a.3 pppoptfile = /etc/ppp/options.xl2tpd-AAISPv6 redial = yes redial timeout = 4 ;east 173.255.245.90 ;central 69.65.43.205 ;west 176.67.81.17 [lac OVP] lns = 173.255.245.90 name = 0ryn pppoptfile = /etc/ppp/options.xl2tpd-OVP redial = yes redial timeout = 4 -- no debconf information /etc/ppp/options.xl2tpd-AAISPv4 changed: unit 4 asyncmap 0 defaultroute noauth crtscts lock hide-password modem name "jwjw5@a.1" lcp-echo-interval 30 lcp-echo-failure 4 mru 1452 mtu 1452 /etc/ppp/options.xl2tpd-AAISPv6 changed: unit 6 asyncmap 0 noauth crtscts lock hide-password modem name "jwjw5@a.3" lcp-echo-interval 30 lcp-echo-failure 4 +ipv6 ipv6cp-use-persistent ipparam ipv6-l2tp-default mtu 1452 mru 1452 /etc/ppp/options.xl2tpd-OVP changed: unit 8 asyncmap 0 noauth crtscts lock hide-password modem name "0ryn" lcp-echo-interval 30 lcp-echo-failure 4 mru 1452 mtu 1452 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org