pppoe server
Hi! I wish to experiment setting up a PPPoE server (AC) on OpenBSD 4.4. Although I've read the pppoe(8) man page and googled around, it is not clear for me how to set up such configuration. If one could point me to some docs and howtos, especially if it could be done using the kernel ppp driver (to avoid excessive cpu load), I would greatly appreciate that. Thanks! Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: pppoe server
On 08.03-11:13, Lo?=?VAI DC!niel wrote: [ ... ] > I wish to experiment setting up a PPPoE server (AC) on OpenBSD 4.4. > Although I've read the pppoe(8) man page and googled around, it is not > clear for me how to set up such configuration. man sppp
PPPoE Server mode kernel
Hi, Is there anyone who works on PPPoE Server mode implementation? Best regards, Dinar
npppd / pppoe server troubles
Hello, I meet some troubles on setup a PPPOE server with npppd daemon. I've done some test on release and snaptshot and had differents problems. First my config files.. #/etc/nppp/npppd-users : taro:\ :password=taro:\ :framed-ip-address=10.0.0.101: #/etc/npppd/npppd.conf : authentication LOCAL type local { users-file "/etc/npppd/npppd-users" } tunnel POE_ipv4 protocol pppoe { listen on interface em0 } ipcp IPCP { pool-address 10.0.0.2-10.0.0.254 dns-servers 8.8.8.8 } interface tun0 address 10.0.0.1 ipcp IPCP bind tunnel from POE_ipv4 authenticated by LOCAL to tun0 ### On OBSD 5.3 release : network logs : 11:46:15.756957 PPPoE-Discovery code Initiation, version 1, type 1, id 0x, length 12 tag Service-Name, length 0 tag Host-Uniq, length 4 \005\024G\212 npppd logs : 2013-10-16 11:52:09:NOTICE: Starting npppd pid=14540 version=5.0.0 2013-10-16 11:52:09:NOTICE: Load configuration from='/etc/npppd/npppd.conf' successfully. 2013-10-16 11:52:09:INFO: tun0 Started ip4addr=10.0.0.1 2013-10-16 11:52:09:INFO: Listening /var/run/npppd_ctl (npppd_ctl) 2013-10-16 11:52:09:INFO: ipcp=IPCP pool dyn_pool=[10.0.0.2/31,10.0.0.4/30,10.0.0.8/29,10.0.0.16/28,10.0.0.32/27,10.0.0.64/26,10.0.0.128/26,10.0.0.192/27,10.0.0.224/28,10.0.0.240/29,10.0.0.248/30,10.0.0.252/31,10.0.0.254/32] pool=[10.0.0.2/31,10.0.0.4/30,10.0.0.8/29,10.0.0.16/28,10.0.0.32/27,10.0.0.64/26,10.0.0.128/26,10.0.0.192/27,10.0.0.224/28,10.0.0.240/29,10.0.0.248/30,10.0.0.252/31,10.0.0.254/32] 2013-10-16 11:52:09:INFO: Added 13 routes for new pool addresses 2013-10-16 11:52:09:INFO: Loading pool config successfully. 2013-10-16 11:52:09:INFO: pppoed Listening on em0 (PPPoE) [POE_ipv4] using=/dev/bpf1 address=18:03:73:2e:cc:62 Segmentation fault After de DISCOVERY message the server crash with "Segmentation fault" ### On OBSD 5.3 snapshot (2weeks ago version) : I'm doing some tests last night and got other problems. I don't have my snapshots stations here but the symptom is : npppd logs side somthings like that : ...unable to agree auth proto... Network side : request.reject when client propose pap or chap or whatever. I 'll give you full log tonight. Is someone have some idea ? Thanks Bruno
Re: npppd / pppoe server troubles
Hi, On Wed, 16 Oct 2013 13:39:31 +0200 Gruel Bruno wrote: > ### On OBSD 5.3 release : (snip) > Segmentation fault > > After de DISCOVERY message the server crash with "Segmentation fault" This bug had been fixed on April 16. PPPoE server (by npppd) on 5.3 is completely broken. > ### On OBSD 5.3 snapshot (2weeks ago version) : > I'm doing some tests last night and got other problems. I don't have > my snapshots stations here but the symptom is : I believe this will work. > npppd logs side somthings like that : > ...unable to agree auth proto... As your config, CHAP or MS-CHAP-V2 must be accepted, > Network side : > request.reject when client propose pap or chap or whatever. > > I 'll give you full log tonight. > > Is someone have some idea ? The log will help me. Adding authentication-method pap chap to the tunnel block on npppd.conf may avoid the problem. --yasuoka
Re: npppd / pppoe server troubles
Le 16-10-2013 18:36, YASUOKA Masahiko a écrit : Hi, On Wed, 16 Oct 2013 13:39:31 +0200 Gruel Bruno wrote: ### On OBSD 5.3 release : (snip) Segmentation fault After de DISCOVERY message the server crash with "Segmentation fault" This bug had been fixed on April 16. PPPoE server (by npppd) on 5.3 is completely broken. ### On OBSD 5.3 snapshot (2weeks ago version) : I'm doing some tests last night and got other problems. I don't have my snapshots stations here but the symptom is : I believe this will work. npppd logs side somthings like that : ...unable to agree auth proto... As your config, CHAP or MS-CHAP-V2 must be accepted, Network side : request.reject when client propose pap or chap or whatever. I 'll give you full log tonight. Is someone have some idea ? The log will help me. Adding authentication-method pap chap to the tunnel block on npppd.conf may avoid the problem. Thank's for your reply and advise. Even if it's not necessary i updated my laptop (pppoe server in my lab) today. As i thought that it's doesn't read my users file i changed the username & password but nothing else. My config files: ###npppd.conf tunnel PPPOE protocol pppoe { listen on interface re0 pppoe-desc-in-pktdump yes pppoe-desc-out-pktdump yes pppoe-session-in-pktdump yes pppoe-session-out-pktdump yes authentication-method pap chap } ipcp IPCP { pool-address 10.0.0.2-10.0.0.254 dns-servers 192.168.0.1 } interface tun1 address 10.0.0.1 ipcp IPCP authentication LOCAL type local { users-file "/etc/npppd/npppd-users" } bind tunnel from PPPOE authenticated by LOCAL to tun1 >> (I'm using tun1 because i using qemu on tun0.) ###npppd-users toto:\ :password=toto:\ :framed-ip-address=10.0.0.101: And logs: ** npppd daemon: 2013-10-16 20:49:55:INFO: pppoed RecvPADI from=52:54:00:12:34:56 service-name= host-uniq=361b90c8 if=re0 2013-10-16 20:49:55:INFO: pppoed SendPADO to=52:54:00:12:34:56 serviceName= acName=3c:97:0e:3e:b2:8b hostUniq=361b90c8 eol if=re0 2013-10-16 20:49:55:INFO: pppoed RecvPADI from=52:54:00:12:34:56 service-name= host-uniq=361b90c8 if=re0 2013-10-16 20:49:55:INFO: pppoed SendPADO to=52:54:00:12:34:56 serviceName= acName=3c:97:0e:3e:b2:8b hostUniq=361b90c8 eol if=re0 2013-10-16 20:49:55:INFO: pppoed if=re0 session=47899 SendPADS serviceName= hostUniq=361b90c8 2013-10-16 20:49:55:NOTICE: pppoed if=re0 session=47899 logtype=PPPBind ppp=1 2013-10-16 20:49:55:ERR: ppp id=1 layer=base getnameinfo() failed at ppp_set_tunnel_label 2013-10-16 20:49:55:INFO: ppp id=1 layer=base logtype=Started tunnel=PPPOE(0.0.0.0) 2013-10-16 20:49:55:INFO: ppp id=1 layer=lcp logtype=Opened mru=1492/1492 auth=PAP magic=912adabc/a4d9f488 2013-10-16 20:49:55:DEBUG: ppp id=1 layer=pap pap_start 2013-10-16 20:49:55:ALERT: ppp id=1 layer=pap logtype=Failure username="toto" realm=LOCAL 2013-10-16 20:49:55:INFO: pppoed if=re0 session=47899 SendPADT 2013-10-16 20:49:55:ERR: ppp id=1 layer=base getnameinfo() failed at ppp_set_tunnel_label 2013-10-16 20:49:55:NOTICE: ppp id=1 layer=base logtype=TUNNELUSAGE user="" duration=0sec layer2=PPPOE layer2from=0.0.0.0 auth=none data_in=63bytes ,4packets data_out=121bytes,5packets error_in=0 error_out=0 mppe=no iface=(not binding) ** network capture: 20:49:55.239930 PPPoE-Discovery code Initiation, version 1, type 1, id 0x, length 12 tag Service-Name, length 0 tag Host-Uniq, length 4 6\033\220\310 20:49:55.240578 PPPoE-Discovery code Request, version 1, type 1, id 0x, length 20 tag Service-Name, length 0 tag AC-Cookie, length 4 \370\255\360\270 tag Host-Uniq, length 4 6\033\220\310 20:49:55.240854 PPPoE-Session code Session, version 1, type 1, id 0xbb1b, length 16 LCP: Configure-Request, Magic-Number=-1529219960, Max-Rx-Unit=1492[|lcp] 20:49:55.241084 PPPoE-Session code Session, version 1, type 1, id 0xbb1b, length 11 LCP: Configure-Nak, Auth-Prot PAP[|lcp] 20:49:55.241370 PPPoE-Session code Session, version 1, type 1, id 0xbb1b, length 20 LCP: Configure-Ack, Max-Rx-Unit=1492, Magic-Number=-1859462468, Auth-Prot PAP[|lcp] 20:49:55.241380 PPPoE-Session code Session, version 1, type 1, id 0xbb1b, length 16 PAP: Authenticate-Request, Peer-Id=toto, Passwd=toto 20:49:55.241836 PPPoE-Session code Session, version 1, type 1, id 0xbb1b, length 6 LCP: Terminate-Ack I try with chap on the client side but it's the same. If you need more logs tel me. Thank's Bruno
Re: npppd / pppoe server troubles
Hi, On Wed, 16 Oct 2013 21:10:25 +0200 Gruel Bruno wrote: > As i thought that it's doesn't read my users file i changed the > username & password but nothing else. Yes, the log shows the session is terminated because the passwords are mismatched. I checked by below snapshots, but I could not repeat the problem. OpenBSD 5.4-current (GENERIC) #77: Sun Oct 13 17:27:52 MDT 2013 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC OpenBSD 5.4-current (GENERIC) #66: Sun Oct 13 15:54:12 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC Can you try again with below patch? I'd like to get log for debug. Index: npppd/pap.c === RCS file: /cvs/openbsd/src/usr.sbin/npppd/npppd/pap.c,v retrieving revision 1.7 diff -u -p -r1.7 pap.c --- npppd/pap.c 18 Sep 2012 13:14:08 - 1.7 +++ npppd/pap.c 18 Oct 2013 04:06:27 - @@ -341,7 +341,11 @@ pap_local_authenticate(pap *_this, const pap_response(_this, 1, DEFAULT_SUCCESS_MESSAGE); return; } - } + pap_log(_this, LOG_INFO, "password mismatch %s<>%s", + password, password0); + } else + pap_log(_this, LOG_INFO, "could not get password for %s", + username); pap_response(_this, 0, DEFAULT_FAILURE_MESSAGE); }
Re: npppd / pppoe server troubles
Le 18-10-2013 6:18, YASUOKA Masahiko a écrit : Hi, On Wed, 16 Oct 2013 21:10:25 +0200 Gruel Bruno wrote: As i thought that it's doesn't read my users file i changed the username & password but nothing else. Yes, the log shows the session is terminated because the passwords are mismatched. I checked by below snapshots, but I could not repeat the problem. OpenBSD 5.4-current (GENERIC) #77: Sun Oct 13 17:27:52 MDT 2013 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC OpenBSD 5.4-current (GENERIC) #66: Sun Oct 13 15:54:12 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC Can you try again with below patch? I'd like to get log for debug. Index: npppd/pap.c === RCS file: /cvs/openbsd/src/usr.sbin/npppd/npppd/pap.c,v retrieving revision 1.7 diff -u -p -r1.7 pap.c --- npppd/pap.c 18 Sep 2012 13:14:08 - 1.7 +++ npppd/pap.c 18 Oct 2013 04:06:27 - @@ -341,7 +341,11 @@ pap_local_authenticate(pap *_this, const pap_response(_this, 1, DEFAULT_SUCCESS_MESSAGE); return; } - } + pap_log(_this, LOG_INFO, "password mismatch %s<>%s", + password, password0); + } else + pap_log(_this, LOG_INFO, "could not get password for %s", + username); pap_response(_this, 0, DEFAULT_FAILURE_MESSAGE); } I try it this night and give to give you logs. Thank's. Bruno
Re: npppd / pppoe server troubles
Le 18-10-2013 6:18, YASUOKA Masahiko a écrit : Hi, On Wed, 16 Oct 2013 21:10:25 +0200 Gruel Bruno wrote: As i thought that it's doesn't read my users file i changed the username & password but nothing else. Yes, the log shows the session is terminated because the passwords are mismatched. I checked by below snapshots, but I could not repeat the problem. OpenBSD 5.4-current (GENERIC) #77: Sun Oct 13 17:27:52 MDT 2013 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC OpenBSD 5.4-current (GENERIC) #66: Sun Oct 13 15:54:12 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC Can you try again with below patch? I'd like to get log for debug. Index: npppd/pap.c === RCS file: /cvs/openbsd/src/usr.sbin/npppd/npppd/pap.c,v retrieving revision 1.7 diff -u -p -r1.7 pap.c --- npppd/pap.c 18 Sep 2012 13:14:08 - 1.7 +++ npppd/pap.c 18 Oct 2013 04:06:27 - @@ -341,7 +341,11 @@ pap_local_authenticate(pap *_this, const pap_response(_this, 1, DEFAULT_SUCCESS_MESSAGE); return; } - } + pap_log(_this, LOG_INFO, "password mismatch %s<>%s", + password, password0); + } else + pap_log(_this, LOG_INFO, "could not get password for %s", + username); pap_response(_this, 0, DEFAULT_FAILURE_MESSAGE); } Hye, Sorry for the delay :/. I just apply your patch and done somes tests. There is my log (and it's explicit): 2013-11-01 17:34:38:INFO: ppp id=0 layer=pap password mismatch toto<> 2013-11-01 17:34:38:ALERT: ppp id=0 layer=pap logtype=Failure username="toto" realm=LOCAL #nppp-users file toto:\ :password=toto:\ :framed-ip-address=10.0.0.101 client side hostname.pppoe0: inet 0.0.0.0 255.255.255.255 NONE \ pppoedev em0 authproto pap \ authname 'toto' authkey 'toto' up dest 0.0.0.1 !/sbin/route add default -ifp pppoe0 0.0.0.1 I tried with different passwords but i get the same error. My npppd-users file is wrong ? Thank's Bruno
Re: npppd / pppoe server troubles
Le 01-11-2013 17:50, Gruel Bruno a écrit : Le 18-10-2013 6:18, YASUOKA Masahiko a écrit : Hi, On Wed, 16 Oct 2013 21:10:25 +0200 Gruel Bruno wrote: As i thought that it's doesn't read my users file i changed the username & password but nothing else. Yes, the log shows the session is terminated because the passwords are mismatched. I checked by below snapshots, but I could not repeat the problem. OpenBSD 5.4-current (GENERIC) #77: Sun Oct 13 17:27:52 MDT 2013 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC OpenBSD 5.4-current (GENERIC) #66: Sun Oct 13 15:54:12 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC Can you try again with below patch? I'd like to get log for debug. Index: npppd/pap.c === RCS file: /cvs/openbsd/src/usr.sbin/npppd/npppd/pap.c,v retrieving revision 1.7 diff -u -p -r1.7 pap.c --- npppd/pap.c 18 Sep 2012 13:14:08 - 1.7 +++ npppd/pap.c 18 Oct 2013 04:06:27 - @@ -341,7 +341,11 @@ pap_local_authenticate(pap *_this, const pap_response(_this, 1, DEFAULT_SUCCESS_MESSAGE); return; } - } + pap_log(_this, LOG_INFO, "password mismatch %s<>%s", + password, password0); + } else + pap_log(_this, LOG_INFO, "could not get password for %s", + username); pap_response(_this, 0, DEFAULT_FAILURE_MESSAGE); } Hye, Sorry for the delay :/. I just apply your patch and done somes tests. There is my log (and it's explicit): 2013-11-01 17:34:38:INFO: ppp id=0 layer=pap password mismatch toto<> 2013-11-01 17:34:38:ALERT: ppp id=0 layer=pap logtype=Failure username="toto" realm=LOCAL #nppp-users file toto:\ :password=toto:\ :framed-ip-address=10.0.0.101 client side hostname.pppoe0: inet 0.0.0.0 255.255.255.255 NONE \ pppoedev em0 authproto pap \ authname 'toto' authkey 'toto' up dest 0.0.0.1 !/sbin/route add default -ifp pppoe0 0.0.0.1 I tried with different passwords but i get the same error. My npppd-users file is wrong ? Yes my npppd-users files was wrong . like this is better toto:\ :password=toto:\ :framed-ip-address=10.0.0.101: sorry for the noise. Bruno