[nuclearcat]

Готово

[nuclearcat]

xeb, спасибо, Android теперь нормально работает.

[Cramac]

Вопрос к знающим :)

есть тестовая сборка

ПК - свитч - маршрутизатор - сервер

есть два влана между сервером и ПК

в 1 влане на ПК VPN работает стабильно и без сбоев

на другом влане vpn рвется каждые пару минут, судя по tcpdump сервер шлет запрос на ПК и не получает ответа.

Что такое может быть в этом влане чего нет в другом?

 

П.С. Оба влана рабочие и в них есть компьютеров по 100

[nuclearcat]

Cramac - судя по всему что-то не так с VPN или компьютером :-)

Вы бы со стороны глянули на свой вопрос, тут явно поболе данных надо, например дампы и т.п.

[Cramac]

дампы парой постами выше, на влане в котором рвется.

[nuclearcat]

1.pcap

 

Хост работал, потом на 187-й секунде траффик прекратился. На 247-й оно послало пакет на сервер, а там явно его "не ждали", сокет был уже закрыт. Нужно искать почему был закрыт в логах.

 

981 247.749889 10.10.5.200 10.10.10.1 PPTP Echo-Request

982 247.750078 10.10.10.1 10.10.5.200 TCP pptp > ltp-deepspace [RST] Seq=249 Win=0 Len=0

 

2.pcap , 3.pcap

Сервер послал терминацию. Опять же verbose, debug level =5 и логи

Result: Admin Shutdown (3)

в 4-м не вижу самого обрыва вообще, кроме того что клиент "потерял" сервер и тот перестал ему отвечать

 

IP в этих vlan-ах разные? возможно что-то с ними и связано.

Имхо надо логи смотреть.

Дамп со стороны сервера и клиента? возможно нужно сделать с обеих сторон.

[Cramac]

завтра сделаю сразу с двух сторон.

Да, каждый влан свой ип. Не понятно что может быть в этих вланах что рвет или "затмевает" сервер

п.с. обычно от дисконектов спасает установкой роутера (типо длинка дир 300)

Изменено 17 сентября, 2011 пользователем Cramac

[Cramac]

Одновременная запись ПК-сервер

 

Причем обрывы возникают не всегда, с утра проверял, проработало минут 40-50, потом кто то появился в сети, и обрывы начались.

pk-server.zip

[AlexShef]

Поставлен сервер 1.3.7 для тестирования, все работало отлично, но потом возникла проблема: у клиентов после переподключения к серверу трафик переставал ходит в инет.

В логах такая же ситуация как и у adron2 на 109 странице форума:

[2011-08-12 21:29:56]: info: ppp34: send [iPCP ConfAck id=3b]

[2011-08-12 21:29:57]: info: ppp34: send [LCP ProtoRej id=4 <00fd>]

[2011-08-12 21:29:58]: info: ppp34: send [LCP ProtoRej id=5 <00fd>]

[2011-08-12 21:29:59]: info: ppp34: send [LCP ProtoRej id=6 <00fd>]

[2011-08-12 21:30:00]: info: ppp34: send [LCP ProtoRej id=7 <00fd>]

[2011-08-12 21:30:01]: info: ppp34: send [LCP ProtoRej id=8 <00fd>]

[2011-08-12 21:30:02]: info: ppp34: send [LCP ProtoRej id=9 <00fd>]

[2011-08-12 21:30:03]: info: ppp34: send [LCP ProtoRej id=10 <00fd>]

[2011-08-12 21:30:04]: info: ppp34: send [LCP ProtoRej id=11 <00fd>]

[2011-08-12 21:30:05]: info: ppp34: send [LCP ProtoRej id=12 <00fd>]

[2011-08-12 21:30:06]: info: ppp34: send [LCP ProtoRej id=13 <00fd>]

[2011-08-12 21:30:07]: info: ppp34: send [LCP ProtoRej id=14 <00fd>]

[2011-08-12 21:30:08]: info: ppp34: send [LCP ProtoRej id=15 <00fd>]

[2011-08-12 21:30:09]: info: ppp34: send [LCP ProtoRej id=16 <00fd>]

[2011-08-12 21:30:10]: info: ppp34: send [LCP ProtoRej id=17 <00fd>]

[2011-08-12 21:30:11]: info: ppp34: send [LCP ProtoRej id=18 <00fd>]

[2011-08-12 21:30:12]: info: ppp34: send [LCP ProtoRej id=19 <00fd>]

[2011-08-12 21:30:13]: info: ppp34: send [LCP ProtoRej id=20 <00fd>]

[2011-08-12 21:30:14]: info: ppp34: send [LCP ProtoRej id=21 <00fd>]

[2011-08-12 21:30:15]: info: ppp34: send [LCP ProtoRej id=22 <00fd>]

[2011-08-12 21:30:16]: info: ppp34: send [LCP ProtoRej id=23 <00fd>]

[2011-08-12 21:30:17]: info: ppp34: send [LCP ProtoRej id=24 <00fd>]

[2011-08-12 21:30:18]: info: ppp34: send [LCP ProtoRej id=25 <00fd>]

[2011-08-12 21:30:19]: info: ppp34: send [LCP ProtoRej id=26 <00fd>]

[2011-08-12 21:30:20]: info: ppp34: send [LCP ProtoRej id=27 <00fd>]

[2011-08-12 21:30:21]: info: ppp34: send [LCP ProtoRej id=28 <00fd>]

 

Обновился до git 3e89f6d3305c89663c456ca5fd6f6236de8eb292 - эта проблема ушла, но появилась другая.

Клиент подключается в серверу и инет работает, но спустя некоторый промежуток времени соединение падает.

Логи:

[2011-09-20 14:47:36]: msg: accel-ppp version 3e89f6d3305c89663c456ca5fd6f6236de8eb292

[2011-09-20 14:47:46]: info: pptp: new connection from 10.255.100.50

[2011-09-20 14:47:46]: info: : recv [PPTP Start-Ctrl-Conn-Request <Version 1> <Framing 1> <Bearer 1> <Max-Chan 0>]

[2011-09-20 14:47:46]: info: : send [PPTP Start-Ctrl-Conn-Reply <Version 1> <Result 1> <Error 0> <Framing 3> <Bearer 3> <Max-Chan 1>]

[2011-09-20 14:47:46]: info: : recv [PPTP Outgoing-Call-Request <Call-ID c000> <Call-Serial 773f> <Min-BPS 300> <Max-BPS 100000000> <Bearer 3> <Framing 3> <Window-Size 64> <Delay 0>]

[2011-09-20 14:47:46]: info: : send [PPTP Outgoing-Call-Reply <Call-ID ea> <Peer-Call-ID c000> <Result 1> <Error 0> <Cause 0> <Speed 100000000> <Window-Size 64> <Delay 0> <Channel 0>]

[2011-09-20 14:47:46]: info: ppp0: connect: ppp0 <--> pptp(10.255.100.50)

[2011-09-20 14:47:46]: info: ppp0: send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1400> <magic 4e6afb66>]

[2011-09-20 14:47:46]: info: ppp0: recv [PPTP Set-Link-Info]

[2011-09-20 14:47:48]: info: ppp0: recv [LCP ConfReq id=1 <mru 1400> <magic 7ea40a0d> <pcomp> <accomp> < d 3 6 >]

[2011-09-20 14:47:48]: info: ppp0: send [LCP ConfRej id=1 <pcomp> <accomp> < d 3 6 >]

[2011-09-20 14:47:48]: info: ppp0: recv [LCP ConfReq id=2 <mru 1400> <magic 7ea40a0d>]

[2011-09-20 14:47:48]: info: ppp0: send [LCP ConfAck id=2 ]

[2011-09-20 14:47:49]: info: ppp0: send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1400> <magic 4e6afb66>]

[2011-09-20 14:47:49]: info: ppp0: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <mru 1400> <magic 4e6afb66>]

[2011-09-20 14:47:49]: info: ppp0: send [MSCHAP-v2 Challenge id=1 <c7e3791fb16017b65783e5333c71a087>]

[2011-09-20 14:47:49]: info: ppp0: recv [LCP Ident id=3 <MSRASV5.10>]

[2011-09-20 14:47:49]: info: ppp0: recv [LCP Ident id=4 <MSRAS-1-ALEXSHEFIRON>]

[2011-09-20 14:47:49]: info: ppp0: recv [PPTP Set-Link-Info]

[2011-09-20 14:47:49]: info: ppp0: recv [MSCHAP-v2 Response id=1 <2144ec615230a8196dc591cf4750230>, <52aaf2294a32ffa3e6a8834220f4915a6dfe88437e4eccc8>, F=0, name=ppphdsAlexShef]

[2011-09-20 14:47:49]: info: ppp0: send [RADIUS Access-Request id=1 <User-Name "ppphdsAlexShef"> <NAS-Identifier "vpn3"> <NAS-IP-Address 10.255.0.13> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "10.255.100.50"> <Called-Station-Id "10.255.0.13"><Microsoft MS-CHAP-Challenge ><Microsoft MS-CHAP2-Response >]

[2011-09-20 14:47:50]: info: ppp0: recv [RADIUS Access-Accept id=1 <Framed-IP-Netmask 255.255.255.255> <Idle-Timeout 30000000> <Framed-IP-Address 46.8.139.217> <Session-Timeout 30000000> <Acct-Interim-Interval 60><Microsoft MS-CHAP2-Success ><Microsoft MS-MPPE-Recv-Key ><Microsoft MS-MPPE-Send-Key ><Microsoft MS-MPPE-Encryption-Policy 2><Microsoft MS-MPPE-Encryption-Type 6>]

[2011-09-20 14:47:50]: info: ppp0: send [MSCHAP-v2 Success id=1 "S=D5B0703DCA065816CB1F3B577C0E0E811E83B995 M=Authentication successed"]

[2011-09-20 14:47:50]: info: ppp0: send [iPCP ConfReq id=1 <addr 10.101.0.3>]

[2011-09-20 14:47:50]: info: ppp0: send [CCP ConfReq id=1 <mppe +H -M +S -L -D -C>]

[2011-09-20 14:47:50]: info: ppp0: ppphdsAlexShef: authentication successed

[2011-09-20 14:47:50]: info: ppp0: recv [CCP ConfReq id=5 <mppe +H +M +S +L -D +C>]

[2011-09-20 14:47:50]: info: ppp0: send [CCP ConfNak id=5 <mppe +H -M +S -L -D -C>]

[2011-09-20 14:47:50]: info: ppp0: recv [iPCP ConfReq id=6 <addr 0.0.0.0> <dns1 0.0.0.0> < 82 6 0 0 0 0 > <dns2 0.0.0.0> < 84 6 0 0 0 0 >]

[2011-09-20 14:47:50]: info: ppp0: send [iPCP ConfRej id=6 < 82 6 0 0 0 0 > < 84 6 0 0 0 0 >]

[2011-09-20 14:47:50]: info: ppp0: recv [iPCP ConfAck id=1 <addr 10.101.0.3>]

[2011-09-20 14:47:50]: info: ppp0: recv [CCP ConfAck id=1 <mppe +H -M +S -L -D -C>]

[2011-09-20 14:47:50]: info: ppp0: recv [CCP ConfReq id=7 <mppe +H -M +S -L -D -C>]

[2011-09-20 14:47:50]: info: ppp0: send [CCP ConfAck id=7]

[2011-09-20 14:47:50]: info: ppp0: recv [iPCP ConfReq id=8 <addr 0.0.0.0> <dns1 0.0.0.0> <dns2 0.0.0.0>]

[2011-09-20 14:47:50]: info: ppp0: send [iPCP ConfNak id=8 <addr 10.101.0.3> <dns1 10.255.0.22> <dns2 208.67.220.220>]

[2011-09-20 14:47:50]: info: ppp0: recv [iPCP ConfReq id=9 <addr 46.8.139.217> <dns1 10.255.0.22> <dns2 208.67.220.220>]

[2011-09-20 14:47:50]: info: ppp0: send [iPCP ConfAck id=9]

[2011-09-20 14:47:50]: info: ppp0: send [RADIUS Accounting-Request id=1 <User-Name "ppphdsAlexShef"> <NAS-Identifier "vpn3"> <NAS-IP-Address 10.255.0.13> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "10.255.100.50"> <Called-Station-Id "10.255.0.13"> <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "0040de0f53556462"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Acct-Delay-Time 0> <Framed-IP-Address 46.8.139.217>]

[2011-09-20 14:47:50]: info: ppp0: recv [RADIUS Accounting-Response id=1]

[2011-09-20 14:47:50]: info: ppp0: pppd_compat: ip-up started (pid 7797)

[2011-09-20 14:47:50]: info: ppp0: pppd_compat: ip-up finished (0)

[2011-09-20 14:48:50]: info: ppp0: send [RADIUS Accounting-Request id=2 <User-Name "ppphdsAlexShef"> <NAS-Identifier "vpn3"> <NAS-IP-Address 10.255.0.13> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "10.255.100.50"> <Called-Station-Id "10.255.0.13"> <Acct-Status-Type Alive> <Acct-Authentic RADIUS> <Acct-Session-Id "0040de0f53556462"> <Acct-Session-Time 64> <Acct-Input-Octets 14440> <Acct-Output-Octets 39781> <Acct-Input-Packets 159> <Acct-Output-Packets 132> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Acct-Delay-Time 0> <Framed-IP-Address 46.8.139.217>]

[2011-09-20 14:48:52]: info: ppp0: recv [RADIUS Accounting-Response id=2]

...

[2011-09-20 15:08:50]: info: ppp0: send [RADIUS Accounting-Request id=16 <User-Name "ppphdsAlexShef"> <NAS-Identifier "vpn3"> <NAS-IP-Address 10.255.0.13> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "10.255.100.50"> <Called-Station-Id "10.255.0.13"> <Acct-Status-Type Alive> <Acct-Authentic RADIUS> <Acct-Session-Id "0040de0f53556462"> <Acct-Session-Time 1264> <Acct-Input-Octets 108818> <Acct-Output-Octets 141710> <Acct-Input-Packets 1809> <Acct-Output-Packets 1542> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Acct-Delay-Time 0> <Framed-IP-Address 46.8.139.217>]

[2011-09-20 15:08:53]: info: ppp0: send [RADIUS Accounting-Request id=16 <User-Name "ppphdsAlexShef"> <NAS-Identifier "vpn3"> <NAS-IP-Address 10.255.0.13> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "10.255.100.50"> <Called-Station-Id "10.255.0.13"> <Acct-Status-Type Alive> <Acct-Authentic RADIUS> <Acct-Session-Id "0040de0f53556462"> <Acct-Session-Time 1264> <Acct-Input-Octets 108818> <Acct-Output-Octets 141710> <Acct-Input-Packets 1809> <Acct-Output-Packets 1542> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Acct-Delay-Time 0> <Framed-IP-Address 46.8.139.217>]

[2011-09-20 15:08:57]: warn: ppp0: radius:acct: no response, terminating session...

[2011-09-20 15:08:57]: info: ppp0: send [RADIUS Accounting-Request id=16 <User-Name "ppphdsAlexShef"> <NAS-Identifier "vpn3"> <NAS-IP-Address 10.255.0.13> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "10.255.100.50"> <Called-Station-Id "10.255.0.13"> <Acct-Status-Type Stop> <Acct-Authentic RADIUS> <Acct-Session-Id "0040de0f53556462"> <Acct-Session-Time 1271> <Acct-Input-Octets 109270> <Acct-Output-Octets 142130> <Acct-Input-Packets 1817> <Acct-Output-Packets 1549> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Acct-Delay-Time 0> <Framed-IP-Address 46.8.139.217> <Acct-Terminate-Cause NAS-Error>]

[2011-09-20 15:09:00]: info: ppp0: send [RADIUS Accounting-Request id=16 <User-Name "ppphdsAlexShef"> <NAS-Identifier "vpn3"> <NAS-IP-Address 10.255.0.13> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "10.255.100.50"> <Called-Station-Id "10.255.0.13"> <Acct-Status-Type Stop> <Acct-Authentic RADIUS> <Acct-Session-Id "0040de0f53556462"> <Acct-Session-Time 1271> <Acct-Input-Octets 109270> <Acct-Output-Octets 142130> <Acct-Input-Packets 1817> <Acct-Output-Packets 1549> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Acct-Delay-Time 0> <Framed-IP-Address 46.8.139.217> <Acct-Terminate-Cause NAS-Error>]

[2011-09-20 15:09:03]: info: ppp0: send [RADIUS Accounting-Request id=16 <User-Name "ppphdsAlexShef"> <NAS-Identifier "vpn3"> <NAS-IP-Address 10.255.0.13> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "10.255.100.50"> <Called-Station-Id "10.255.0.13"> <Acct-Status-Type Stop> <Acct-Authentic RADIUS> <Acct-Session-Id "0040de0f53556462"> <Acct-Session-Time 1271> <Acct-Input-Octets 109270> <Acct-Output-Octets 142130> <Acct-Input-Packets 1817> <Acct-Output-Packets 1549> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Acct-Delay-Time 0> <Framed-IP-Address 46.8.139.217> <Acct-Terminate-Cause NAS-Error>]

[2011-09-20 15:09:06]: warn: ppp0: radius:acct_stop: no response

[2011-09-20 15:09:06]: info: ppp0: send [LCP TermReq id=66]

[2011-09-20 15:09:06]: info: ppp0: recv [PPTP Set-Link-Info]

[2011-09-20 15:09:06]: info: ppp0: recv [LCP TermAck id=42]

[2011-09-20 15:09:06]: info: ppp0: pppd_compat: ip-down started (pid 7848)

[2011-09-20 15:09:07]: info: ppp0: pppd_compat: ip-down finished (1)

[2011-09-20 15:09:07]: info: ppp0: send [PPTP Call-Disconnect-Notify <Call-ID c0> <Result 3> <Error 0> <Cause 0>]

[2011-09-20 15:09:07]: info: ppp0: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]

[2011-09-20 15:09:07]: info: ppp0: recv [PPTP Stop-Ctrl-Conn-Reply <Result 1> <Error 0>]

[2011-09-20 15:09:07]: info: ppp0: disconnected

 

Настройки сервера:

[modules]

#path=/usr/local/lib/accel-ppp

log_file

#log_tcp

#log_pgsql

pptp

#pppoe

#l2tp

auth_mschap_v2

auth_mschap_v1

auth_chap_md5

auth_pap

radius

ippool

sigchld

pppd_compat

#shaper_tbf

#chap-secrets

 

[core]

log-error=/var/log/accel-ppp/core.log

thread-count=4

 

[ppp]

verbose=1

min-mtu=1000

mtu=1400

mru=1400

#ccp=0

#sid-case=upper

#check-ip=0

single-session=replace

#mppe=require

 

[lcp]

echo-interval=20

echo-failure=30

 

[pptp]

#echo-interval=30

verbose=1

 

[pppoe]

interface=eth0

#ac-name=xxx

#service-name=yyy

#pado-delay=0

#pado-delay=0,100:100,200:200,-1:500

#ifname-in-sid=called-sid

#tr101=1

verbose=1

 

[l2tp]

#dictionary=/usr/local/share/accel-ppp/l2tp/dictionary

#hello-interval=60

#timeout=60

#rtimeout=5

#retransmit=5

#host-name=accel-ppp

verbose=1

 

[dns]

dns1=10.255.0.22

dns2=208.67.220.220

 

[radius]

#dictionary=/usr/local/share/accel-ppp/radius/dictionary

nas-identifier=vpn3

nas-ip-address=10.255.0.13

gw-ip-address=10.101.0.3

auth-server=10.255.0.11:1812,***

acct-server=10.255.0.11:1813,***

#dae-server=127.0.0.1:3799,***

verbose=1

interim-verbose=1

#timeout=3

#max-try=3

#acct-timeout=120

#acct-delay-time=0

 

[client-ip-range]

10.0.0.0/8

 

[ip-pool]

gw-ip-address=10.101.0.3

 

[log]

log-file=/var/log/accel-ppp/accel-ppp.log

log-emerg=/var/log/accel-ppp/emerg.log

log-fail-file=/var/log/accel-ppp/auth-fail.log

#log-debug=/dev/stdout

#log-tcp=127.0.0.1:3000

copy=1

#color=1

#per-user-dir=per_user

#per-session-dir=per_session

#per-session=1

level=4

#log-tcp=127.0.0.1:3000

 

[log-pgsql]

conninfo=user=log

log-table=log

 

[pppd-compat]

#ip-pre-up=/etc/ppp/ip-pre-up

ip-up=/etc/ppp/ip-up

ip-down=/etc/ppp/ip-down

ip-change=/etc/ppp/ip-change

radattr-prefix=/var/run/radattr

verbose=1

 

[chap-secrets]

gw-ip-address=10.101.0.3

#chap-secrets=/etc/ppp/chap-secrets

 

[tbf]

#attr=Filter-Id

#down-burst-factor=0.1

#up-burst-factor=1.0

#latency=50

 

[cli]

telnet=127.0.0.1:2000

tcp=127.0.0.1:2001

password=***

 

С чем это может быть связано и как это победить?

Изменено 20 сентября, 2011 пользователем AlexShef

[xeb]

[2011-09-20 15:08:57]: warn: ppp0: radius:acct: no response, terminating session...

аккаунтинг сервер перестал отвечать, если аккаунтинг не критичен, то нужно в [radius] указать acct-timeot=0, в этом случае если не будет ответа от аккаунтинг сервера, сессия не будет разрываться

[AlexShef]

[2011-09-20 15:08:57]: warn: ppp0: radius:acct: no response, terminating session...

аккаунтинг сервер перестал отвечать, если аккаунтинг не критичен, то нужно в [radius] указать acct-timeot=0, в этом случае если не будет ответа от аккаунтинг сервера, сессия не будет разрываться

Спасибо, попробую.

 

Сейчас тестирую на [radius] acct-timeot=120, может просто не успевает отвечать.

[xeb]

commit edcb36b3ae347f2e09c975c63a77199188b9e774
Author: Kozlov Dmitry <xeb@mail.ru>
Date:   Tue Sep 20 12:03:39 2011 +0400

1.3.8 release
* fixed MPPE handling
* fixed builtin shaper temporary rate change functionality
* better single-session=replace handling (make ospf happy)
* improved l2tp handling
* varius bug fixes

commit a8462baac3790dfa8f1c6b3cb715de0ec4fcbe74
Author: Kozlov Dmitry <xeb@mail.ru>
Date:   Tue Sep 20 11:32:09 2011 +0400

1.4.0 release
* implemented SNMP support (using net-snmp AgentX)
* implemented multiple radius servers support
* implemented IPv6:
   	- PPP IPV6CP protocol
       - Neighbor Discovery protocol in part of Router Advertisement
       - DHCPv6 server including Prefix Delegation extension
   	- ipv6-pool module
   	- Radius Framed-Interface-Id, Framed-IPv6-Prefix, Delegated-IPv6-Prefix attributes
* fixed MPPE handling
* implemented noauth mode (login without authentication)
* improved CCP/IPCP handling
* included builtin crypto library (optional)
* improved l2tp handling
* fixed builtin shaper temporary rate change functionality
* various bug fixes and improvements

Изменено 20 сентября, 2011 пользователем xeb

[purecopper]

Обновились из гит до 1.4.0. В результате accel-ppp перестал пускать пользователей по радиусу. Откатились до 1.3.7. И тут началась мистика - 1.3.7 не пропускает пользователей, т.е. нет даже попытки авторизации на радиус-сервере, tcpdump не регистрирует даже попытки авторизации.

Конфиг:

 

 

[modules]

path=/usr/local/lib/accel-ppp

log_file

pptp

l2tp

auth_mschap_v2

sigchld

radius

pppd_compat

ippool

#chap-secrets

 

[core]

log-error=/var/log/accel-ppp/core.log

thread-count=4

 

[ppp]

verbose=1

min-mtu=1280

mtu=1400

mru=1400

ccp=0

 

[lcp]

echo-interval=30

echo-failure=3

 

[pptp]

#echo-interval=0

verbose=1

 

[pppoe]

verbose=1

 

[l2tp]

dir300_quirk=1

dictionary=/usr/share/accel-ppp/l2tp/dictionary

hello-interval=60

timeout=60

rtimeout=5

retransmit=5

host-name=l2tp

verbose=1

 

[dns]

dns1=10.110.1.20

dns2=10.112.1.20

 

[radius]

dictionary=/usr/share/accel-ppp/radius/dictionary

nas-identifier=pptpd

nas-ip-address=10.110.1.21

gw-ip-address=172.16.32.1

auth-server=10.110.1.5:1812,oursecret

acct-server=10.110.1.5:1813,oursecret

#dae-server=127.0.0.1:3799,testing123

#dm_coa_secret=testing123 (deprecated)

verbose=1

max-try=4

acct-timeout=0

#timeout=3

#max-try=3

#acct-timeout=120

 

[client-ip-range]

10.0.0.0/8

 

[ip-pool]

gw-ip-address=10.110.1.21

 

[log]

log-file=/var/log/accel-ppp/accel-pptp.log

log-emerg=/var/log/accel-ppp/emerg.log

log-debug=/var/log/accel-ppp/debug

#log-tcp=127.0.0.1:3000

copy=1

#color=1

#per-user-dir=per_user

#per-session-dir=per_session

#per-session=1

level=1

#log-tcp=127.0.0.1:3000

 

[log-pgsql]

conninfo=user=log

log-table=log

 

[pppd-compat]

#ip-pre-up=/etc/ppp/ip-pre-up

ip-up=/etc/ppp/ip-up

ip-down=/etc/ppp/ip-down

#ip-change=/etc/ppp/ip-change

radattr-prefix=/var/run/radattr

verbose=1

 

[tbf]

#vendor=Cisco

#attr=Cisco-AVPair

#attr=Filter-Id

#attr-down=

#attr-up=

#down-burst-factor=0.1

#up-burst-factor=1.0

#latency=50

 

[cli]

telnet=127.0.0.1:2000

tcp=127.0.0.1:2001

passwd=123

 

 

 

В логах:

 

 

[2011-09-22 19:54:09]: info: pptp: new connection from 10.200.196.67

[2011-09-22 19:54:09]: info: ppp1: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <mru 1400> <magic 628c895d>]

[2011-09-22 19:54:09]: info: : recv [PPTP Start-Ctrl-Conn-Request <Version 1> <Framing 3> <Bearer 3> <Max-Chan 65535>]

[2011-09-22 19:54:09]: info: : send [PPTP Start-Ctrl-Conn-Reply <Version 1> <Result 1> <Error 0> <Framing 3> <Bearer 3> <Max-Chan 1>]

[2011-09-22 19:54:09]: info: ppp1: recv [LCP ConfReq id=2 <mru 1400> <magic c914d183>]

[2011-09-22 19:54:09]: info: ppp1: send [LCP ConfAck id=2 ]

[2011-09-22 19:54:09]: debug: ppp1: lcp_layer_started

[2011-09-22 19:54:09]: debug: ppp1: auth_layer_start

[2011-09-22 19:54:09]: info: ppp1: send [MSCHAP-v2 Challenge id=1 <88ee156caf1ce78a3e49eb94222c26>]

[2011-09-22 19:54:09]: info: : recv [PPTP Outgoing-Call-Request <Call-ID 1167> <Call-Serial 0> <Min-BPS 2400> <Max-BPS 10000000> <Bearer 3> <Framing 3> <Wind

ow-Size 3> <Delay 0>]

[2011-09-22 19:54:09]: info: : send [PPTP Outgoing-Call-Reply <Call-ID 16c1> <Peer-Call-ID 1167> <Result 1> <Error 0> <Cause 0> <Speed 10000000> <Window-Size

3> <Delay 0> <Channel 0>]

[2011-09-22 19:54:09]: info: ppp2: connect: ppp2 <--> pptp(10.200.196.67)

[2011-09-22 19:54:09]: debug: ppp2: lcp_layer_init

[2011-09-22 19:54:09]: debug: ppp2: auth_layer_init

[2011-09-22 19:54:09]: debug: ppp2: ipcp_layer_init

[2011-09-22 19:54:09]: debug: ppp2: ccp_layer_init

[2011-09-22 19:54:09]: debug: ppp2: ppp established

[2011-09-22 19:54:09]: debug: ppp2: lcp_layer_start

[2011-09-22 19:54:09]: info: ppp2: send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1400> <magic 333ab105>]

[2011-09-22 19:54:09]: debug: ppp1: recv [LCP EchoReq id=0 <magic 83d114c9>]

[2011-09-22 19:54:09]: debug: ppp1: send [LCP EchoRep id=0 <magic 5d898c62>]

[2011-09-22 19:54:09]: info: ppp2: recv [LCP ConfReq id=1 <mru 1400> < 2 6 0 0 0 0 > <magic b1117078> <pcomp> <accomp>]

[2011-09-22 19:54:09]: info: ppp2: send [LCP ConfRej id=1 < 2 6 0 0 0 0 > <pcomp> <accomp>]

[2011-09-22 19:54:09]: info: ppp2: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <mru 1400> <magic 333ab105>]

[2011-09-22 19:54:09]: info: ppp2: recv [LCP ConfReq id=2 <mru 1400> <magic b1117078>]

[2011-09-22 19:54:09]: info: ppp2: send [LCP ConfAck id=2 ]

[2011-09-22 19:54:09]: debug: ppp2: lcp_layer_started

[2011-09-22 19:54:09]: debug: ppp2: auth_layer_start

[2011-09-22 19:54:09]: info: ppp2: send [MSCHAP-v2 Challenge id=1 <7e3c26d8c8c181870acd1d9c715331>]

[2011-09-22 19:54:09]: debug: ppp2: recv [LCP EchoReq id=0 <magic 787011b1>]

[2011-09-22 19:54:09]: debug: ppp2: send [LCP EchoRep id=0 <magic 5b13a33>]

[2011-09-22 19:54:09]: info: ppp1: recv [MSCHAP-v2 Response id=1 <77fa853a6a7bfd555c4608dc77f28c2>, <5f4e1132a3593c820b9dd963a8ac36b1938417cef5d3>, F=0, name

=pavel_vpn]

[2011-09-22 19:54:09]: info: ppp1: send [MSCHAP-v2 Failure id=1 "E=691 R=0 V=3 M=Authentication failure"]

[2011-09-22 19:54:09]: info: ppp1: pavel_vpn: authentication failed

[2011-09-22 19:54:09]: info: pavel_vpn: authentication failed

[2011-09-22 19:54:09]: debug: ppp1: ppp_terminate

 

 

 

Система:

 

 

uname -a

 

Linux alps 2.6.34-gentoo-r6 #1 SMP Tue Oct 19 11:05:06 MSD 2010 x86_64 Intel® Xeon® CPU E5405 @ 2.00GHz GenuineIntel GNU/Linux

 

emerge -pv accel-ppp

net-dialup/accel-ppp-9999 USE="radius

 

Так же собирал вручную через

cmake [-DBUILD_DRIVER=FALSE] [-DKDIR=/usr/src/linux] [-DCMAKE_INSTALL_PREFIX=/usr/local] [-DCMAKE_BUILD_TYPE=Release] [-DLOG_PGSQL=FALSE] [-DSHAPER=FALSE] [-DRADIUS=TRUE] ..

 

 

[xeb]

а в core.log, emerg.log ничего ?

[purecopper]

а в core.log, emerg.log ничего ?

В 1.3.7 - пусто.

в 1.4.0 - radius: out of memory

[purecopper]

Вот логи с 1.4.0:

accel-ppp.log:

 

 

[2011-09-22 21:08:02]: info: ppp5: send [MSCHAP-v2 Challenge id=1 <ddb6316e1ab167f34a4b6857c1f7fe35>]

[2011-09-22 21:08:02]: info: ppp18: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <mru 1400> <magic 50801ee1>]

[2011-09-22 21:08:02]: info: ppp18: recv [LCP ConfReq id=2 <mru 1400> <magic 7fa51912>]

[2011-09-22 21:08:02]: info: ppp18: send [LCP ConfAck id=2 ]

[2011-09-22 21:08:02]: debug: ppp18: lcp_layer_started

[2011-09-22 21:08:02]: debug: ppp18: auth_layer_start

[2011-09-22 21:08:02]: info: ppp18: send [MSCHAP-v2 Challenge id=1 <85649f513e5bc92bdbcac98d1d84af1>]

[2011-09-22 21:08:02]: debug: ppp5: recv [LCP EchoReq id=0 <magic e1fcd5fd>]

[2011-09-22 21:08:02]: debug: ppp5: send [LCP EchoRep id=0 <magic f5a55570>]

[2011-09-22 21:08:02]: debug: ppp18: recv [LCP EchoReq id=0 <magic 1219a57f>]

[2011-09-22 21:08:02]: debug: ppp18: send [LCP EchoRep id=0 <magic e11e8050>]

[2011-09-22 21:08:02]: info: ppp5: recv [MSCHAP-v2 Response id=1 <fac140a259de2a64386b7bcda96f331>, <ca62e25d1fbf44f3f33237686444c5bdad716fbedb3399>, F=0, name=varvara_vpn]

[2011-09-22 21:08:02]: error: ppp5: radius:connect: Permission denied

[2011-09-22 21:08:02]: info: ppp5: send [MSCHAP-v2 Failure id=1 "E=691 R=0 V=3 M=Authentication failure"]

[2011-09-22 21:08:02]: info: ppp5: varvara_vpn: authentication failed

[2011-09-22 21:08:02]: info: varvara_vpn: authentication failed

[2011-09-22 21:08:02]: debug: ppp5: ppp_terminate

[2011-09-22 21:08:02]: debug: ppp5: lcp_layer_finish

[2011-09-22 21:08:02]: info: ppp5: send [LCP TermReq id=3]

[2011-09-22 21:08:02]: debug: ppp5: auth_layer_finish

[2011-09-22 21:08:02]: debug: ppp5: auth_layer_finished

[2011-09-22 21:08:02]: info: ppp18: recv [MSCHAP-v2 Response id=1 <69cd93c3303325cf6889ebc0fabe69>, <ad8fae60ddf160f69555248a6a666592d0428418e1a83c5>, F=0, name=sgibnev_vpn]

[2011-09-22 21:08:02]: error: ppp18: radius:connect: Permission denied

[2011-09-22 21:08:02]: info: ppp18: send [MSCHAP-v2 Failure id=1 "E=691 R=0 V=3 M=Authentication failure"]

[2011-09-22 21:08:02]: info: ppp18: sgibnev_vpn: authentication failed

[2011-09-22 21:08:02]: info: sgibnev_vpn: authentication failed

[2011-09-22 21:08:02]: debug: ppp18: ppp_terminate

[2011-09-22 21:08:02]: debug: ppp18: lcp_layer_finish

[2011-09-22 21:08:02]: info: ppp18: send [LCP TermReq id=3]

[2011-09-22 21:08:02]: debug: ppp18: auth_layer_finish

[2011-09-22 21:08:02]: debug: ppp18: auth_layer_finished

[2011-09-22 21:08:02]: debug: ppp5: lcp_layer_free

[2011-09-22 21:08:02]: debug: ppp5: auth_layer_free

[2011-09-22 21:08:02]: debug: ppp5: ccp_layer_free

[2011-09-22 21:08:02]: debug: ppp5: ipcp_layer_free

[2011-09-22 21:08:02]: debug: ppp5: ipv6cp_layer_free

[2011-09-22 21:08:02]: debug: ppp5: ppp destablished

[2011-09-22 21:08:02]: debug: ppp5: pptp: ppp finished

[2011-09-22 21:08:02]: info: ppp5: send [PPTP Call-Disconnect-Notify <Call-ID 780f> <Result 3> <Error 0> <Cause 0>]

[2011-09-22 21:08:02]: info: ppp5: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]

[2011-09-22 21:08:02]: error: ppp16: pptp: read: Connection reset by peer

 

 

 

 

auth-fail.log

 

 

[2011-09-22 21:08:01]: debug: ppp16: lcp_layer_finished

[2011-09-22 21:08:01]: debug: ppp16: lcp_layer_free

[2011-09-22 21:08:01]: debug: ppp16: auth_layer_free

[2011-09-22 21:08:01]: debug: ppp16: ccp_layer_free

[2011-09-22 21:08:01]: debug: ppp16: ipcp_layer_free

[2011-09-22 21:08:01]: debug: ppp16: ipv6cp_layer_free

[2011-09-22 21:08:01]: debug: ppp16: ppp destablished

[2011-09-22 21:08:01]: debug: ppp16: pptp: ppp finished

[2011-09-22 21:08:01]: info: ppp16: send [PPTP Call-Disconnect-Notify <Call-ID 6806> <Result 3> <Error 0> <Cause 0>]

[2011-09-22 21:08:01]: info: ppp16: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]

[2011-09-22 21:08:02]: error: ppp16: pptp: read: Connection reset by peer

[2011-09-22 21:08:02]: debug: ppp16: pptp: disconnect

[2011-09-22 21:08:01]: info: ppp15: connect: ppp15 <--> pptp(10.200.194.217)

[2011-09-22 21:08:01]: debug: ppp15: lcp_layer_init

[2011-09-22 21:08:01]: debug: ppp15: auth_layer_init

[2011-09-22 21:08:01]: debug: ppp15: ccp_layer_init

[2011-09-22 21:08:01]: debug: ppp15: ipcp_layer_init

[2011-09-22 21:08:01]: debug: ppp15: ipv6cp_layer_init

[2011-09-22 21:08:01]: debug: ppp15: ppp established

[2011-09-22 21:08:01]: debug: ppp15: lcp_layer_start

[2011-09-22 21:08:01]: info: ppp15: send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1400> <magic 1716703b>]

[2011-09-22 21:08:01]: info: ppp15: recv [LCP ConfReq id=4 <mru 1400> < 2 6 0 0 0 0 > <magic db573973> <pcomp> <accomp>]

[2011-09-22 21:08:01]: info: ppp15: send [LCP ConfRej id=4 < 2 6 0 0 0 0 > <pcomp> <accomp>]

[2011-09-22 21:08:01]: info: ppp15: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <mru 1400> <magic 1716703b>]

[2011-09-22 21:08:01]: info: ppp15: recv [LCP ConfReq id=5 <mru 1400> <magic db573973>]

[2011-09-22 21:08:01]: info: ppp15: send [LCP ConfAck id=5 ]

[2011-09-22 21:08:01]: debug: ppp15: lcp_layer_started

[2011-09-22 21:08:01]: debug: ppp15: auth_layer_start

[2011-09-22 21:08:01]: info: ppp15: send [MSCHAP-v2 Challenge id=1 <2d1b575cde8246131b1f14cc4cb21bc>]

[2011-09-22 21:08:01]: debug: ppp15: recv [LCP EchoReq id=0 <magic 733957db>]

[2011-09-22 21:08:01]: debug: ppp15: send [LCP EchoRep id=0 <magic 3b701617>]

[2011-09-22 21:08:01]: info: ppp15: recv [MSCHAP-v2 Response id=1 <b22b1e2aeaa3326b115c2eac2b447577>, <137b34a3759315ce4e3283dc4430e1f0312be56fcee7c054>, F=0, name=fedix_vpn]

[2011-09-22 21:08:01]: error: ppp15: radius:connect: Permission denied

[2011-09-22 21:08:01]: info: ppp15: send [MSCHAP-v2 Failure id=1 "E=691 R=0 V=3 M=Authentication failure"]

[2011-09-22 21:08:01]: info: ppp15: fedix_vpn: authentication failed

[2011-09-22 21:08:01]: debug: ppp15: ppp_terminate

[2011-09-22 21:08:01]: debug: ppp15: lcp_layer_finish

[2011-09-22 21:08:01]: info: ppp15: send [LCP TermReq id=3]

[2011-09-22 21:08:01]: debug: ppp15: auth_layer_finish

[2011-09-22 21:08:01]: debug: ppp15: auth_layer_finished

[2011-09-22 21:08:01]: info: ppp15: recv [LCP TermReq id=6]

[2011-09-22 21:08:01]: info: ppp15: send [LCP TermAck id=6]

[2011-09-22 21:08:01]: info: ppp15: recv [LCP TermAck id=3]

[2011-09-22 21:08:01]: debug: ppp15: lcp_layer_finished

[2011-09-22 21:08:02]: debug: ppp15: lcp_layer_free

[2011-09-22 21:08:02]: debug: ppp15: auth_layer_free

[2011-09-22 21:08:02]: debug: ppp15: ccp_layer_free

[2011-09-22 21:08:02]: debug: ppp15: ipcp_layer_free

[2011-09-22 21:08:02]: debug: ppp15: ipv6cp_layer_free

[2011-09-22 21:08:02]: debug: ppp15: ppp destablished

[2011-09-22 21:08:02]: debug: ppp15: pptp: ppp finished

[2011-09-22 21:08:02]: info: ppp15: send [PPTP Call-Disconnect-Notify <Call-ID a708> <Result 3> <Error 0> <Cause 0>]

[2011-09-22 21:08:02]: info: ppp15: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]

[2011-09-22 21:08:02]: error: ppp15: pptp: read: Connection reset by peer

[2011-09-22 21:08:02]: debug: ppp15: pptp: disconnect

 

 

 

debug

 

 

ppp5: 0040de0f53556863: send [MSCHAP-v2 Challenge id=1 <ddb6316e1ab167f34a4b6857c1f7fe35>]

ppp18: 0040de0f53556865: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <mru 1400> <magic 50801ee1>]

ppp18: 0040de0f53556865: recv [LCP ConfReq id=2 <mru 1400> <magic 7fa51912>]

ppp18: 0040de0f53556865: send [LCP ConfAck id=2 ]

ppp18: 0040de0f53556865: lcp_layer_started

ppp18: 0040de0f53556865: auth_layer_start

ppp18: 0040de0f53556865: send [MSCHAP-v2 Challenge id=1 <85649f513e5bc92bdbcac98d1d84af1>]

ppp5: 0040de0f53556863: recv [LCP EchoReq id=0 <magic e1fcd5fd>]

ppp5: 0040de0f53556863: send [LCP EchoRep id=0 <magic f5a55570>]

ppp18: 0040de0f53556865: recv [LCP EchoReq id=0 <magic 1219a57f>]

ppp18: 0040de0f53556865: send [LCP EchoRep id=0 <magic e11e8050>]

ppp5: 0040de0f53556863: recv [MSCHAP-v2 Response id=1 <fac140a259de2a64386b7bcda96f331>, <ca62e25d1fbf44f3f33237686444c5bdad716fbedb3399>, F=0, name=varvara_vpn]

ppp5: 0040de0f53556863: radius:connect: Permission denied

ppp5: 0040de0f53556863: send [MSCHAP-v2 Failure id=1 "E=691 R=0 V=3 M=Authentication failure"]

ppp5: 0040de0f53556863: varvara_vpn: authentication failed

varvara_vpn: authentication failed

ppp5: 0040de0f53556863: ppp_terminate

ppp5: 0040de0f53556863: lcp_layer_finish

ppp5: 0040de0f53556863: send [LCP TermReq id=3]

ppp5: 0040de0f53556863: auth_layer_finish

ppp5: 0040de0f53556863: auth_layer_finished

ppp18: 0040de0f53556865: recv [MSCHAP-v2 Response id=1 <69cd93c3303325cf6889ebc0fabe69>, <ad8fae60ddf160f69555248a6a666592d0428418e1a83c5>, F=0, name=sgibnev_vpn]

ppp18: 0040de0f53556865: radius:connect: Permission denied

ppp18: 0040de0f53556865: send [MSCHAP-v2 Failure id=1 "E=691 R=0 V=3 M=Authentication failure"]

ppp18: 0040de0f53556865: sgibnev_vpn: authentication failed

sgibnev_vpn: authentication failed

ppp18: 0040de0f53556865: ppp_terminate

ppp18: 0040de0f53556865: lcp_layer_finish

ppp18: 0040de0f53556865: send [LCP TermReq id=3]

ppp18: 0040de0f53556865: auth_layer_finish

ppp18: 0040de0f53556865: auth_layer_finished

ppp5: 0040de0f53556860: lcp_layer_free

ppp5: 0040de0f53556860: auth_layer_free

ppp5: 0040de0f53556860: ccp_layer_free

ppp5: 0040de0f53556860: ipcp_layer_free

ppp5: 0040de0f53556860: ipv6cp_layer_free

ppp5: 0040de0f53556860: ppp destablished

ppp5: 0040de0f53556860: pptp: ppp finished

ppp5: 0040de0f53556860: send [PPTP Call-Disconnect-Notify <Call-ID 780f> <Result 3> <Error 0> <Cause 0>]

ppp5: 0040de0f53556860: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]

ppp16: 0040de0f53556854: pptp: read: Connection reset by peer

ppp16: 0040de0f53556854: pptp: disconnect

ppp16: 0040de0f53556854: disconnected

ppp5: 0040de0f53556863: recv [LCP TermReq id=3]

ppp5: 0040de0f53556863: send [LCP TermAck id=3]

ppp5: 0040de0f53556863: recv [LCP TermAck id=3]

ppp5: 0040de0f53556863: lcp_layer_finished

ppp14: 0040de0f53556861: recv [LCP TermReq id=3]

ppp14: 0040de0f53556861: send [LCP TermAck id=3]

ppp18: 0040de0f53556865: recv [LCP TermReq id=3]

ppp18: 0040de0f53556865: send [LCP TermAck id=3]

ppp18: 0040de0f53556865: recv [LCP TermAck id=3]

ppp18: 0040de0f53556865: lcp_layer_finished

ppp14: 0040de0f53556861: recv [LCP TermAck id=3]

ppp14: 0040de0f53556861: lcp_layer_finished

ppp15: 0040de0f53556853: pptp: read: Connection reset by peer

ppp15: 0040de0f53556853: pptp: disconnect

ppp15: 0040de0f53556853: disconnected

 

 

 

[xeb]

ppp5: 0040de0f53556863: radius:connect: Permission denied

там с фаерволом всё в порядке ?

[purecopper]

INPUT и OUTPUT на NAS и на Radius-сервере специально поставил в accept.

[purecopper]

Спасибо. Победил. Причина - моя невнимательность. Теперь адрес радиус-сервера указывается как

server=127.0.0.1,secret

 

И в очередной раз огромное спасибо xeb`у за замечательный продукт :)

Изменено 22 сентября, 2011 пользователем purecopper

[AlexShef]

[2011-09-20 15:08:57]: warn: ppp0: radius:acct: no response, terminating session...

аккаунтинг сервер перестал отвечать, если аккаунтинг не критичен, то нужно в [radius] указать acct-timeot=0, в этом случае если не будет ответа от аккаунтинг сервера, сессия не будет разрываться

Спасибо, попробую.

 

Сейчас тестирую на [radius] acct-timeot=120, может просто не успевает отвечать.

3 дня работы с [radius] acct-timeot=120 - полет нормальный.

 

После обновления из git до 1.4.0: сутки работаем все отлично, проблем нет.

 

Огромное спасибо разработчику.

[Dethman]

Ситуация :

Авторизация и аккаунтинг через радиус,

1) Запускаю сервер, запускаю радиус

2) конекчусь (авторизация проходит, глотаеться акк старт)

3) гашу радиус

4) клиент отваливаеться

5) запускаю радиус

6) а сервер (аккел) умер, клиенты не конектяться

в логе вот такая штука:

[2011-09-27 15:32:17]: warn: ppp0: radius: server not responding

[2011-09-27 15:32:17]: warn: radius: server noy responding

[2011-09-27 15:32:17]: warn: ppp0: radius:acct: no servers available, terminating session...

[2011-09-27 15:32:17]: info: ppp0: disconnected

==> core.log <==

[2011-09-27 15:32:17.483]BUG:ctx:triton_unregister_ctx: handlers is not empty

Т.е. если радиус умрет на какое-то время то аккель нужно перезапускать ?

 

Собрал 1.4 из git, проблема исчезла, буду тестить под нагрузкой

Изменено 27 сентября, 2011 пользователем Dethman

[sergey-rnd]

всем привет!

Хотим обновиться до версии 1.4,

как в плане стабильности, как ведет себя под нагрузкой ?

[alexaaa]

Поделитесь кто нибудь правильтно настроенным конфигом accel-ppp-1.4 под l2tp или pptp.

Вот такой конфиг работал на версии 1.3.4 сейчас не работает на версии 1.4

 

[modules]

#path=/usr/local/lib/accel-ppp

log_file

#log_tcp

#log_pgsql

pptp

#pppoe

l2tp

#auth_pap

#auth_chap_md5

auth_mschap_v1

auth_mschap_v2

radius

#ippool

sigchld

pppd_compat

#shaper_tbf

#chap-secrets

 

[core]

log-error=/var/log/accel-ppp/core.log

thread-count=4

 

[ppp]

verbose=1

mtu=1500

mru=1500

min-mtu=1396

#ccp=0

 

[lcp]

echo-interval=30

echo-failure=3

 

[pptp]

echo-interval=30

verbose=1

 

[pppoe]

#interface=eth0

#verbose=1

 

[l2tp]

#dictionary=/usr/local/share/accel-ppp/l2tp/dictionary

hello_interval=60

timeout=60

rtimeout=5

retransmit=5

verbose=3

 

[dns]

dns1=10.230.0.5

dns2=10.230.0.8

 

[radius]

#dictionary=/usr/local/share/accel-ppp/radius/dictionary

nas-identifier=accel-ppp

nas-ip-address=192.168.0.1

gw-ip-address=192.168.0.1

auth_server=192.168.0.2:1812,server

acct_server=192.168.0.2:1813,server

#dm_coa_secret=server

verbose=1

 

[client-ip-range]

10.230.0.0/16

192.168.1.0/24

 

[ip-pool]

 

[log]

log-file=/var/log/accel-ppp/accel-ppp.log

log-emerg=/var/log/accel-ppp/emerg.log

#log-debug=/dev/stdout

copy=1

color=1

#per-user-dir=per_user

#per-session-dir=per_session

#per-session=1

level=4

#log-tcp=192.168.1.117:514

#log-tcp=10.230.23.216:514

#log-tcp=192.168.1.122:514

 

[log-pgsql]

#conninfo=user=log

#log-table=log

 

[pppd-compat]

#ip-pre-up=/etc/ppp/ip-pre-up

ip-up=/etc/ppp/ip-up

#ip-down=/etc/ppp/ip-down

ip-change=/etc/ppp/ip-change

radattr-prefix=/var/run/radattr

verbose=1

 

[tbf]

attr=Filter-Id

down-burst-factor=0.1

up-burst-factor=0.3

latency=50

 

[cli]

telnet=127.0.0.1:2000

tcp=127.0.0.1:2001

passwd=server

Изменено 12 октября, 2011 пользователем alexaaa

[xeb]

auth_server=192.168.0.2:1812,server

acct_server=192.168.0.2:1813,server

заменить на

server=192.168.0.2,server

Изменено 12 октября, 2011 пользователем xeb

[alexaaa]

auth_server=192.168.0.2:1812,server

acct_server=192.168.0.2:1813,server

заменить на

server=192.168.0.2,server

заменил всё равно не помогло, сервер собран на Debian squeeze ядро 2.6.32-5, перепробывал все версии, заработала только 1.3.6 со старыми настройками, остальные версии не заработали, в логах пишет

l2tp: open '/usr/share/accel-ppp/l2tp/dictionary': No such file or directory

 

хотя эта директория на месте и файлы в ней тоже

Изменено 13 октября, 2011 пользователем alexaaa