welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1288 commits 1 branch 0 tags 3.7 MiB
Commit graph

1288 commits

This branch
This branch
All branches
Author SHA1 Message Date
Samuel Thibault
37ff318b32 cli: Show tunnel queue length 2025-03-30 17:32:56 +02:00
Samuel Thibault
0845ec8a19 Add route_metric option 
To be able to keep different routes from several running l2tpns instances.
 2025-03-30 17:12:01 +02:00
Samuel Thibault
b793850d2f Add route_protocol option 
To be able to distinguish routes from several running l2tpns instances.
 2025-03-30 17:11:53 +02:00
Samuel Thibault
44b01d70c6 regenerate docs 2025-03-30 12:01:08 +02:00
Samuel Thibault
544a622c2a Make it clear that the cluster peer list is currently at the time of connection 2025-03-29 17:20:39 +01:00
Samuel Thibault
2af4b47f46 Permanently store authentication id in sess_local[s].auth_id 
rather than ping-ponging with radius[r].id

This also make sendchap use a different id on each call, necessary for
some clients which cache responses.
 2025-03-29 16:11:40 +01:00
Samuel Thibault
c4147ed3cc typo 2025-03-29 15:58:40 +01:00
Samuel Thibault
43cbe0e4b2 Fix setting route metric (aka priority) 2025-03-29 14:43:28 +01:00
Samuel Thibault
75144a546c l2tp: Add CHAP auth information in ICCN 
To support proxy auth.
 2025-03-28 20:38:19 +01:00
Samuel Thibault
12cc3c39b0 Advertise LAC support 2025-03-25 02:26:39 +01:00
Samuel Thibault
450467d626 Fix split words 2025-03-25 02:24:40 +01:00
Samuel Thibault
c8c24f515b Fix links 2025-03-25 02:21:10 +01:00
Samuel Thibault
6f214e57ef Add links to documentations 2025-03-25 02:19:26 +01:00
Samuel Thibault
499677627f l2tp: Expose a control receive window > 4 
The default 4 is really small, and imposes very sequential processing of
reconnections in case we lose all sessions. Nowadays we easily have
memory for a lot more.
 2025-03-23 19:06:07 +01:00
Samuel Thibault
c12eab7a9c l2tp: Disable ZLB send optimization 
controlc doesn't mean we will send more messages, but only that some of them
are pending ack. If we have already sent them and the peer has just not
acked them yet, controlnull() would not send a ZLB, and once the peer
has acked our control messages, we wouldn't send a ZLB with an updated Nr.
 2025-03-23 18:52:32 +01:00
Samuel Thibault
40796d2adb l2tp: Add PAP auth information in ICCN 
To support proxy auth.
 2025-03-23 03:17:44 +01:00
Samuel Thibault
e701644d37 load_tunnel: reset scccn 
If we later turn master, we want scccn already reset like when clearing a
tunnel.
 2025-03-16 02:14:50 +01:00
Samuel Thibault
e801ce0c4f Fix setting SO_REUSEADDR 
It expects a boolean, not an address
 2025-03-16 01:19:47 +01:00
Samuel Thibault
b5c198ae87 l2tplac: fast-forward session that triggered tunnel creation 
Previously, when we got a call to be forwarded to another LNS and we didn't
have a tunnel to it yet, we would wait for a PAP/CHAP re-send to trigger the
creation of a session in the fresh tunnel. We do not have to wait, we can
trigger that on SCCCN ack.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
b409fb7b9d l2tplac: move forward session creation to lac_create_session function 
Which will be useful to fasten session creation after tunnel is created.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
b48dfb2697 l2tplac: Delay considering the tunnel to LNS open until SCCCN ack 
We are not really supposed to send ICRQ until we got our SCCCN acked, so better
wait for it.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
6f04a5c390 l2tp: Add Last Sent/Received LCP ConfReq in ICCN 
To support proxy LCP negotiation.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
ffcaf851ca ppp: Also choke on options with invalid length 1 2025-03-09 13:31:36 -04:00
Samuel Thibault
557a3944e6 Typo 2025-03-09 16:07:39 +01:00
Samuel Thibault
6cf6cdfbe7 Add support list 2025-02-13 18:04:05 +01:00
Samuel Thibault
0eab31dbfa Clarify the extent of acceleration constraint 2024-11-02 19:31:00 +01:00
Samuel Thibault
011d9a726c Enable kernel acceleration for one-link mppp links 
Clients may have enabled mppp without actually using several links. We
can support acceleration in that case.
 2024-10-20 01:52:01 +02:00
Samuel Thibault
cc012e18fa Add MessageAuthenticator support 
To address RadiusBLAST vulnerability.

Fixes #16
 2024-10-20 01:43:26 +02:00
Samuel Thibault
42ef80e0b4 Add MD5_Hmac 2024-10-19 21:48:05 +02:00
Samuel Thibault
e856f0a920 md5: Add const qualifiers 2024-10-19 21:47:07 +02:00
sthibaul
4ed2811210 Merge branch 'kernel' into 'master' 
Add L2TP kernel offloading support

Closes #13

See merge request l2tpns/l2tpns!23
 2024-10-19 17:47:59 +00:00
Samuel Thibault
85044bc6a4 control: Queue packets received Out-of-Order 
Retransmissions are done very slowly, so we'd really better store the
Out-of-Order messages so that we can catch up quickly once we get the
missing piece.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
3ab80a9d66 IPV6CP: suggest an interface identifier option 
Some peers seem to be sending no such option. The rfc says in that case
to try to send an option with a suggested value. Don't insist on it
however if the peer still doesn't send any.

That can fix IPv6 for some peers.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
3add0afa38 Log from which IPs odd UDP packets come from 2024-05-13 20:14:58 +02:00
Samuel Thibault
38bfd3f738 Add L2TP bridging offloading support 2024-05-13 20:14:58 +02:00
Samuel Thibault
a957ff08ee Throttle switching kernel acceleration 
Creating/destroying interfaces etc. does take some time. When e.g. receiving
a lot of sessions as new slave, we don't want to stay stuck creating
hundreds of interfaces while we are already receiving control messages
that we have to forward to master not too late. Switching kernel
acceleration can wait a bit most of the time.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
a22295d804 Fasten quitting l2tp game 
Drop routes as quickly as possible to lose as few packets as possible in the
meanwhile.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
0ac498d7d3 cli: Show acceleration interface name 
And allow selecting a session through it
 2024-05-13 20:14:56 +02:00
Samuel Thibault
f00ec1c6e4 Note that one probably wants to increase memory for igmp6 2024-05-13 20:14:39 +02:00
Samuel Thibault
60b78506e8 Document that MSS clamping needs to be done by Linux 2024-05-13 20:14:39 +02:00
Dominique Martinet
72fca9b8f0 create/update_kernel_tunnel: add some debug logs 2024-05-13 20:14:39 +02:00
Dominique Martinet
c8c197bf3a processppp: fix IP log when tunnel IP source change 
fmtaddr formats the string to a static buffer that must be selected
manually, but this log message was re-using the same buffer.

Use another index for 2nd IP so we get to know which is what.

Fixes: 2429969bd04d ("Add L2TP offloading support")
 2024-05-13 20:14:38 +02:00
Samuel Thibault
1b9c50df98 Comment on memory needs for igmp6 subscriptions 2024-05-13 20:14:38 +02:00
Samuel Thibault
58d038dc0b Add ICMPv6 support with acceleration 2024-05-13 20:14:38 +02:00
Samuel Thibault
5dcbd68b75 Add DHCPv6 support with acceleration 2024-05-13 20:14:38 +02:00
Samuel Thibault
a9e18411d3 Add L2TP offloading support 
Fixes #13

Also-by: Dominique Martinet <asmadeus@codewreck.org>
 2024-05-13 20:14:38 +02:00
Samuel Thibault
13d7080ac1 Add recvfromto6 2024-05-13 20:14:38 +02:00
Samuel Thibault
c3eb1be0b4 Separate out DHCP processing 
So we can later call it on UDP datagrams obtained from UDP socket.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
e53fccd36c Add route for session-specific subprefix of the ipv6 prefix 
Otherwise with kernel acceleration we would only have the same /64 route
on all ppp devices. We need separate /96 routes on each ppp device for
packets of the /96 subprefix to be routed to the correct session.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
8c04e26f3f Consolidate adding/removing routes 
into routesset and routes6set.
 2024-05-13 20:14:38 +02:00