welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1300 commits 1 branch 0 tags 3.7 MiB
Commit graph

506 commits

Author SHA1 Message Date
Samuel Thibault
b2942b3c53 cluster: Support running multiple instances on the same host 
With IP_MULTICAST_LOOP they can see each other. We "just" have to make sure
they use different IP addresses and route metrics to distinguish from each
other.
 2025-03-31 03:45:19 +02:00
Samuel Thibault
366faaea76 ipcp: try to re-send CHAP ack on timeout 
If it was lost, some clients (e.g. pppd) may not try to re-send their CHAP reply.
 2025-03-31 03:43:05 +02:00
Samuel Thibault
b3b052a483 cluster: Close l2tp sockets before routes 
So another l2tpns on the same host can receive l2tp while we are quickly
removing our routes.
 2025-03-31 03:39:31 +02:00
Samuel Thibault
7d2d97436c cluster: Don't wait for peer chap answer before leaving 
The next master can restart the authentication
 2025-03-31 03:37:05 +02:00
Samuel Thibault
5c0e3949f8 route: Add if index in log 2025-03-30 21:51:43 +02:00
Samuel Thibault
c9aac241ea route: Update time while adding/removing routes 
So we seen when adding/removing a lot of them if that takes a long time
 2025-03-30 20:47:14 +02:00
Samuel Thibault
ebb8784ec3 kernel_accel: Cope with receiving freed sessions 2025-03-30 19:59:56 +02:00
Samuel Thibault
8b3ccb2ac5 l2tp: Increase queue size 
So we can catch up according to the window that we announce.
 2025-03-30 19:17:16 +02:00
Samuel Thibault
b64ad7990b Update comment 2025-03-30 18:05:45 +02:00
Samuel Thibault
22f650d828 Log explicitly when shutting down 2025-03-30 17:57:33 +02:00
Samuel Thibault
4ba646d2af Reduce loglevel of multi_read_count 2025-03-30 17:53:29 +02:00
Samuel Thibault
0845ec8a19 Add route_metric option 
To be able to keep different routes from several running l2tpns instances.
 2025-03-30 17:12:01 +02:00
Samuel Thibault
b793850d2f Add route_protocol option 
To be able to distinguish routes from several running l2tpns instances.
 2025-03-30 17:11:53 +02:00
Samuel Thibault
43cbe0e4b2 Fix setting route metric (aka priority) 2025-03-29 14:43:28 +01:00
Samuel Thibault
75144a546c l2tp: Add CHAP auth information in ICCN 
To support proxy auth.
 2025-03-28 20:38:19 +01:00
Samuel Thibault
499677627f l2tp: Expose a control receive window > 4 
The default 4 is really small, and imposes very sequential processing of
reconnections in case we lose all sessions. Nowadays we easily have
memory for a lot more.
 2025-03-23 19:06:07 +01:00
Samuel Thibault
c12eab7a9c l2tp: Disable ZLB send optimization 
controlc doesn't mean we will send more messages, but only that some of them
are pending ack. If we have already sent them and the peer has just not
acked them yet, controlnull() would not send a ZLB, and once the peer
has acked our control messages, we wouldn't send a ZLB with an updated Nr.
 2025-03-23 18:52:32 +01:00
Samuel Thibault
40796d2adb l2tp: Add PAP auth information in ICCN 
To support proxy auth.
 2025-03-23 03:17:44 +01:00
Samuel Thibault
e701644d37 load_tunnel: reset scccn 
If we later turn master, we want scccn already reset like when clearing a
tunnel.
 2025-03-16 02:14:50 +01:00
Samuel Thibault
b5c198ae87 l2tplac: fast-forward session that triggered tunnel creation 
Previously, when we got a call to be forwarded to another LNS and we didn't
have a tunnel to it yet, we would wait for a PAP/CHAP re-send to trigger the
creation of a session in the fresh tunnel. We do not have to wait, we can
trigger that on SCCCN ack.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
b48dfb2697 l2tplac: Delay considering the tunnel to LNS open until SCCCN ack 
We are not really supposed to send ICRQ until we got our SCCCN acked, so better
wait for it.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
6f04a5c390 l2tp: Add Last Sent/Received LCP ConfReq in ICCN 
To support proxy LCP negotiation.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
557a3944e6 Typo 2025-03-09 16:07:39 +01:00
Samuel Thibault
011d9a726c Enable kernel acceleration for one-link mppp links 
Clients may have enabled mppp without actually using several links. We
can support acceleration in that case.
 2024-10-20 01:52:01 +02:00
Samuel Thibault
cc012e18fa Add MessageAuthenticator support 
To address RadiusBLAST vulnerability.

Fixes #16
 2024-10-20 01:43:26 +02:00
Samuel Thibault
85044bc6a4 control: Queue packets received Out-of-Order 
Retransmissions are done very slowly, so we'd really better store the
Out-of-Order messages so that we can catch up quickly once we get the
missing piece.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
3add0afa38 Log from which IPs odd UDP packets come from 2024-05-13 20:14:58 +02:00
Samuel Thibault
38bfd3f738 Add L2TP bridging offloading support 2024-05-13 20:14:58 +02:00
Samuel Thibault
a957ff08ee Throttle switching kernel acceleration 
Creating/destroying interfaces etc. does take some time. When e.g. receiving
a lot of sessions as new slave, we don't want to stay stuck creating
hundreds of interfaces while we are already receiving control messages
that we have to forward to master not too late. Switching kernel
acceleration can wait a bit most of the time.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
a22295d804 Fasten quitting l2tp game 
Drop routes as quickly as possible to lose as few packets as possible in the
meanwhile.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
0ac498d7d3 cli: Show acceleration interface name 
And allow selecting a session through it
 2024-05-13 20:14:56 +02:00
Dominique Martinet
72fca9b8f0 create/update_kernel_tunnel: add some debug logs 2024-05-13 20:14:39 +02:00
Dominique Martinet
c8c197bf3a processppp: fix IP log when tunnel IP source change 
fmtaddr formats the string to a static buffer that must be selected
manually, but this log message was re-using the same buffer.

Use another index for 2nd IP so we get to know which is what.

Fixes: 2429969bd04d ("Add L2TP offloading support")
 2024-05-13 20:14:38 +02:00
Samuel Thibault
58d038dc0b Add ICMPv6 support with acceleration 2024-05-13 20:14:38 +02:00
Samuel Thibault
5dcbd68b75 Add DHCPv6 support with acceleration 2024-05-13 20:14:38 +02:00
Samuel Thibault
a9e18411d3 Add L2TP offloading support 
Fixes #13

Also-by: Dominique Martinet <asmadeus@codewreck.org>
 2024-05-13 20:14:38 +02:00
Samuel Thibault
13d7080ac1 Add recvfromto6 2024-05-13 20:14:38 +02:00
Samuel Thibault
e53fccd36c Add route for session-specific subprefix of the ipv6 prefix 
Otherwise with kernel acceleration we would only have the same /64 route
on all ppp devices. We need separate /96 routes on each ppp device for
packets of the /96 subprefix to be routed to the correct session.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
8c04e26f3f Consolidate adding/removing routes 
into routesset and routes6set.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
c7853de428 Consolidate stat update code 
into
update_session_in_stat
update_session_out_stat
 2024-05-13 20:14:38 +02:00
Samuel Thibault
1db43fc51d Separate out PPP processing 
So we can later call it on frames obtained from kernel ppp interface.

Better seen with diff -w
 2024-05-13 20:14:38 +02:00
Samuel Thibault
79a08faea9 Generalize L2TP UDP socket creation 
So we can later use it to create per-tunnel L2TP sockets.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
5df78e9467 Separate out if configuration into setupif 
So we can later apply it to ppp interfaces.

Better seen with diff -w
 2024-05-13 20:14:38 +02:00
Samuel Thibault
b2bc6da827 Add support for deleting all kernel tunnels/sessions 
Unfortunately, tunnels and session can survive us, so we have to drop any
tunnel/session left from a previous instance that might have crashed.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
1f4d79ce85 Add L2TP kernel infrastructure 
This essentially exposes the kernel features, without using them yet.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
5db476bb6e Add generic netlink infrastructure 2024-05-13 20:14:38 +02:00
Samuel Thibault
60329986b2 Rename netlink infrastructure to rtnetlink 
We will introduce genetlink infrastructure just after this.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
fdf19f5467 cli: Fix missing closing file descriptors 2024-05-13 20:14:38 +02:00
Samuel Thibault
e9c1c31682 cluster: Save counters before we leave 2024-03-12 19:45:20 +01:00
sthibaul
cbe2b3910f Merge branch 'chap_passwd' into 'master' 
Fix the password used when acting as LAC

See merge request l2tpns/l2tpns!22
 2024-03-12 00:49:17 +00:00