More example configs
This commit is contained in:
parent
ace7452145
commit
7442bddd3d
2 changed files with 197 additions and 3 deletions
|
|
@ -1,8 +1,16 @@
|
|||
set pppoe_if_to_bind "vpplan"
|
||||
#set pppoe_service_name "l2tpns"
|
||||
setforward "@l2tp.de" 10.0.0.11 1701 "test1"
|
||||
|
||||
set bind_portremotelns 1701
|
||||
|
||||
set cluster_interface "lo"
|
||||
|
||||
# Debugging level
|
||||
set debug 3
|
||||
|
||||
# Log file: comment out to use stderr, use "syslog:facility" for syslog
|
||||
set log_file "/var/log/l2tpns"
|
||||
#set log_file "/var/log/l2tpns"
|
||||
|
||||
# Write pid to this file
|
||||
set pid_file "/var/run/l2tpns.pid"
|
||||
|
|
@ -11,7 +19,7 @@ set pid_file "/var/run/l2tpns.pid"
|
|||
#set hostname "localhost"
|
||||
|
||||
# Shared secret with LAC
|
||||
set l2tp_secret "secret"
|
||||
set l2tp_secret "test1"
|
||||
|
||||
# MTU of interface for L2TP traffic
|
||||
#set l2tp_mtu 1500
|
||||
|
|
@ -24,6 +32,10 @@ set l2tp_secret "secret"
|
|||
#set ppp_max_configure 10
|
||||
#set ppp_max_failure 5
|
||||
|
||||
# Can be set to "on-mismatch" to enable proxy LCP negotiation
|
||||
# (e.g. if LAC cannot pass LCP through)
|
||||
#set lcp_renegotiation "always"
|
||||
|
||||
# Only 2 DNS server entries are allowed
|
||||
set primary_dns 10.0.0.1
|
||||
set secondary_dns 10.0.0.2
|
||||
|
|
@ -155,7 +167,7 @@ set ppp_keepalive yes
|
|||
#load plugin "garden"
|
||||
|
||||
# Kernel acceleration, enable on no more than one instance on the same machine!
|
||||
#set kernel_accel yes
|
||||
set kernel_accel yes
|
||||
#
|
||||
# You will probably want to also enable MSS clamping, which l2tpns won't be able to do any more:
|
||||
# iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
|
||||
|
|
|
|||
182
etc/startup-config.l2tp-switch
Normal file
182
etc/startup-config.l2tp-switch
Normal file
|
|
@ -0,0 +1,182 @@
|
|||
#set pppoe_if_to_bind "vpplan"
|
||||
#set pppoe_service_name "l2tpns"
|
||||
setforward "@l2tp.de" 10.0.0.11 1701 "test1"
|
||||
|
||||
set bind_portremotelns 1701
|
||||
|
||||
set cluster_interface "lo"
|
||||
|
||||
# Debugging level
|
||||
set debug 3
|
||||
|
||||
# Log file: comment out to use stderr, use "syslog:facility" for syslog
|
||||
#set log_file "/var/log/l2tpns"
|
||||
|
||||
# Write pid to this file
|
||||
set pid_file "/var/run/l2tpns.pid"
|
||||
|
||||
# This host name, if different from the OS one
|
||||
#set hostname "localhost"
|
||||
|
||||
# Shared secret with LAC
|
||||
set l2tp_secret "test1"
|
||||
|
||||
# MTU of interface for L2TP traffic
|
||||
#set l2tp_mtu 1500
|
||||
|
||||
# MRRU for MP traffic
|
||||
#set mp_mrru 1614
|
||||
|
||||
# PPP counter and timer values
|
||||
#set ppp_restart_time 3
|
||||
#set ppp_max_configure 10
|
||||
#set ppp_max_failure 5
|
||||
|
||||
# Can be set to "on-mismatch" to enable proxy LCP negotiation
|
||||
# (e.g. if LAC cannot pass LCP through)
|
||||
#set lcp_renegotiation "always"
|
||||
|
||||
# Only 2 DNS server entries are allowed
|
||||
set primary_dns 10.0.0.1
|
||||
set secondary_dns 10.0.0.2
|
||||
|
||||
# Can have multiple radius server entries, but ony one radius secret
|
||||
set primary_radius 10.0.0.3
|
||||
#set primary_radius_port 1812
|
||||
#set secondary_radius 0.0.0.0
|
||||
#set secondary_radius_port 1812
|
||||
set radius_secret "secret"
|
||||
# Set this to yes once you have confirmed that your RADIUS server provides MessageAuthenticator in its responses
|
||||
#set radius_require_message_authenticator auto
|
||||
|
||||
# Acceptable authentication types (pap, chap) in order of preference
|
||||
#set radius_authtypes "pap"
|
||||
|
||||
# Turn on or off Radius Accounting
|
||||
#set radius_accounting no
|
||||
|
||||
# Port for DAE RADIUS requests
|
||||
#set radius_dae_port 3799
|
||||
|
||||
# Allow multiple logins for the same username
|
||||
#set allow_duplicate_users no
|
||||
|
||||
# Kill timedout sessions ? (default yes)
|
||||
#set kill_timedout_sessions no
|
||||
|
||||
# Allow multiple logins for specific username
|
||||
#set guest_account ""
|
||||
|
||||
# Write usage accounting files into specified directory
|
||||
#set accounting_dir "/var/run/l2tpns/acct"
|
||||
|
||||
# Listen address for L2TP
|
||||
#set bind_address 1.1.1.1
|
||||
|
||||
# Listen address for CLI
|
||||
set cli_bind_address 127.0.0.1
|
||||
|
||||
# Send a gratiuitous ARP for bind address
|
||||
#set send_garp no
|
||||
|
||||
# Gateway address given to clients
|
||||
#set peer_address 0.0.0.0
|
||||
|
||||
# Default throttle rate in kb/s
|
||||
#set throttle_speed 0
|
||||
|
||||
# Number of buckets to allocate for throttling
|
||||
#set throttle_buckets 3000
|
||||
|
||||
# If set to true, dump current speed to stderr every second
|
||||
#set dump_speed no
|
||||
|
||||
# Number of packets to read from tun/udp/cluster fd when select
|
||||
# returns readable
|
||||
#set multi_read_count 10
|
||||
|
||||
# Set scheduling priority of process to SCHED_FIFO
|
||||
#set scheduler_fifo no
|
||||
|
||||
# Lock pages into memory
|
||||
#set lock_pages no
|
||||
|
||||
# Maximum number of host unreachable packets to send per second
|
||||
#set icmp_rate 0
|
||||
|
||||
# Maximum number of downstream packets per 0.1s to handle for each
|
||||
# session (0 = ulimited)
|
||||
#set packet_limit 0
|
||||
|
||||
# Cluster multicast address, interface
|
||||
#set cluster_address 239.192.13.13
|
||||
#set cluster_port 32792
|
||||
#set cluster_interface eth0
|
||||
|
||||
# Cluster multicast TTL
|
||||
#set cluster_mcast_ttl 1
|
||||
|
||||
# Cluster timers (1/10th second)
|
||||
#set cluster_hb_interval 5
|
||||
#set cluster_hb_timeout 150
|
||||
|
||||
# Minimum number of slaves before master withdraws routes
|
||||
#set cluster_master_min_adv 1
|
||||
|
||||
# IPv6 address prefix
|
||||
#set ipv6_prefix ::
|
||||
|
||||
# Only 2 IPv6 DNS server entries are allowed
|
||||
#set primary_ipv6_dns 2001:db8::1
|
||||
#set secondary_ipv6_dns 2001:db8::2
|
||||
|
||||
# BGP NEXT_HOP path attribute
|
||||
#set nexthop 10.0.1.1
|
||||
#set nexthop6 2001:db8::1
|
||||
|
||||
# Route metric (lower is preferred)
|
||||
#set route_metric 1
|
||||
# Route protocol number to use
|
||||
#set route_protocol 42
|
||||
|
||||
# Time between last packet sent and LCP ECHO generation (default 10 seconds)
|
||||
#set echo_timeout 10
|
||||
# Drop sessions who have not responded within idle_echo_timeout seconds (default 240 seconds)
|
||||
#set idle_echo_timeout 240
|
||||
# Change this value to no to force generation of LCP ECHO every echo_timeout seconds, even there are activity on the link (default yes)
|
||||
set ppp_keepalive yes
|
||||
|
||||
# Drop/kill sessions
|
||||
#load plugin "sessionctl"
|
||||
|
||||
# Throttle/snoop based on RADIUS
|
||||
#load plugin "autothrottle"
|
||||
#load plugin "autosnoop"
|
||||
|
||||
# Control throttle/snoop with nsctl
|
||||
#load plugin "throttlectl"
|
||||
#load plugin "snoopctl"
|
||||
|
||||
# Punt RX speed if not supplied
|
||||
#load plugin "setrxspeed"
|
||||
|
||||
# Remove domain from username
|
||||
#load plugin "stripdomain"
|
||||
|
||||
# Walled garden
|
||||
#load plugin "garden"
|
||||
|
||||
# Kernel acceleration, enable on no more than one instance on the same machine!
|
||||
set kernel_accel yes
|
||||
#
|
||||
# You will probably want to also enable MSS clamping, which l2tpns won't be able to do any more:
|
||||
# iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
|
||||
# ip6tables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
|
||||
# or
|
||||
# nft add rule inet filter forward tcp flags syn tcp option maxseg size set rt mtu
|
||||
#
|
||||
# and allow dhcpv6 traffic:
|
||||
# iptables -A INPUT -i ppp+ -p udp --sport 546 --dport 547 -j ACCEPT
|
||||
#
|
||||
# and increase the memory available for igmp6 for DHCPv6 and RS:
|
||||
# sysctl net.core.optmem_max=10485760
|
||||
Loading…
Add table
Add a link
Reference in a new issue