welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1300 commits 1 branch 0 tags 3.7 MiB
Commit graph

331 commits

Author SHA1 Message Date
Samuel Thibault
b2942b3c53 cluster: Support running multiple instances on the same host 
With IP_MULTICAST_LOOP they can see each other. We "just" have to make sure
they use different IP addresses and route metrics to distinguish from each
other.
 2025-03-31 03:45:19 +02:00
Samuel Thibault
366faaea76 ipcp: try to re-send CHAP ack on timeout 
If it was lost, some clients (e.g. pppd) may not try to re-send their CHAP reply.
 2025-03-31 03:43:05 +02:00
Samuel Thibault
0845ec8a19 Add route_metric option 
To be able to keep different routes from several running l2tpns instances.
 2025-03-30 17:12:01 +02:00
Samuel Thibault
b793850d2f Add route_protocol option 
To be able to distinguish routes from several running l2tpns instances.
 2025-03-30 17:11:53 +02:00
Samuel Thibault
75144a546c l2tp: Add CHAP auth information in ICCN 
To support proxy auth.
 2025-03-28 20:38:19 +01:00
Samuel Thibault
499677627f l2tp: Expose a control receive window > 4 
The default 4 is really small, and imposes very sequential processing of
reconnections in case we lose all sessions. Nowadays we easily have
memory for a lot more.
 2025-03-23 19:06:07 +01:00
Samuel Thibault
40796d2adb l2tp: Add PAP auth information in ICCN 
To support proxy auth.
 2025-03-23 03:17:44 +01:00
Samuel Thibault
b5c198ae87 l2tplac: fast-forward session that triggered tunnel creation 
Previously, when we got a call to be forwarded to another LNS and we didn't
have a tunnel to it yet, we would wait for a PAP/CHAP re-send to trigger the
creation of a session in the fresh tunnel. We do not have to wait, we can
trigger that on SCCCN ack.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
b48dfb2697 l2tplac: Delay considering the tunnel to LNS open until SCCCN ack 
We are not really supposed to send ICRQ until we got our SCCCN acked, so better
wait for it.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
6f04a5c390 l2tp: Add Last Sent/Received LCP ConfReq in ICCN 
To support proxy LCP negotiation.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
cc012e18fa Add MessageAuthenticator support 
To address RadiusBLAST vulnerability.

Fixes #16
 2024-10-20 01:43:26 +02:00
Samuel Thibault
85044bc6a4 control: Queue packets received Out-of-Order 
Retransmissions are done very slowly, so we'd really better store the
Out-of-Order messages so that we can catch up quickly once we get the
missing piece.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
3ab80a9d66 IPV6CP: suggest an interface identifier option 
Some peers seem to be sending no such option. The rfc says in that case
to try to send an option with a suggested value. Don't insist on it
however if the peer still doesn't send any.

That can fix IPv6 for some peers.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
38bfd3f738 Add L2TP bridging offloading support 2024-05-13 20:14:58 +02:00
Samuel Thibault
a957ff08ee Throttle switching kernel acceleration 
Creating/destroying interfaces etc. does take some time. When e.g. receiving
a lot of sessions as new slave, we don't want to stay stuck creating
hundreds of interfaces while we are already receiving control messages
that we have to forward to master not too late. Switching kernel
acceleration can wait a bit most of the time.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
a22295d804 Fasten quitting l2tp game 
Drop routes as quickly as possible to lose as few packets as possible in the
meanwhile.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
0ac498d7d3 cli: Show acceleration interface name 
And allow selecting a session through it
 2024-05-13 20:14:56 +02:00
Samuel Thibault
58d038dc0b Add ICMPv6 support with acceleration 2024-05-13 20:14:38 +02:00
Samuel Thibault
5dcbd68b75 Add DHCPv6 support with acceleration 2024-05-13 20:14:38 +02:00
Samuel Thibault
a9e18411d3 Add L2TP offloading support 
Fixes #13

Also-by: Dominique Martinet <asmadeus@codewreck.org>
 2024-05-13 20:14:38 +02:00
Samuel Thibault
c3eb1be0b4 Separate out DHCP processing 
So we can later call it on UDP datagrams obtained from UDP socket.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
8c04e26f3f Consolidate adding/removing routes 
into routesset and routes6set.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
c7853de428 Consolidate stat update code 
into
update_session_in_stat
update_session_out_stat
 2024-05-13 20:14:38 +02:00
Samuel Thibault
5db476bb6e Add generic netlink infrastructure 2024-05-13 20:14:38 +02:00
Samuel Thibault
60329986b2 Rename netlink infrastructure to rtnetlink 
We will introduce genetlink infrastructure just after this.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
fdf19f5467 cli: Fix missing closing file descriptors 2024-05-13 20:14:38 +02:00
Samuel Thibault
05772e2295 Add periodic RA sends 
The RFC indeed say that we should send them periodically.  We were
previously only sending them along LCP echo replies, but echo requests
are typically sent only when there is no trafic, which RA need to be
sent even when there is trafic.
 2023-12-04 19:41:57 +01:00
Samuel Thibault
3be9b1657a Note what changed in versions 8, 9 and 10 2023-12-03 21:24:54 +01:00
Samuel Thibault
3667bdfe80 Also clamp MSS on IPv6 
Some routers erratically drop "Packet too big" icmp messages, and PMTU
discovery then doesn't work. We can however easily clamp MSS on IPv6 too.
 2023-11-05 17:21:14 +01:00
Samuel Thibault
8e7bfa9a77 Add mp_mrru option 
Some equipments seem not able to actually put options in Configure-Reject
messages, so we then have to disable MRRU by hand.
 2023-02-07 12:45:29 +01:00
Samuel Thibault
7623522726 Avoid warning 
The restart code is indeed only needed for reset cases, any other case
doesn't need anything there.
 2022-11-03 11:51:43 +01:00
Samuel Thibault
fbf0c191e1 Fix operator priority 
(notably ternary ?: is less prioritized than <=)
 2022-11-03 11:50:04 +01:00
Sebastien Badia
d1536bdcfb
New release: 2.4.1 2022-09-03 01:10:37 +02:00
sebian
40a02aa8d5 Merge branch '64bit' into 'master' 
Use 64bit counters for accounting

Closes #12

See merge request l2tpns/l2tpns!13
 2022-07-02 12:16:54 +00:00
Samuel Thibault
71a60411a1 Use newer radius port 1812 by default 
1645 has been marked as "old-radius" for a long time.
 2022-05-28 09:33:05 +02:00
Samuel Thibault
31dedbbe66 Use 64bit counters for accounting 
Otherwise with 5-minute reporting we overflow with >= ~100Mbps.

Fixes #12
 2022-01-24 00:40:26 +01:00
Baptiste Jonglez
832945bb4b Fix reported l2tpns version number 2021-10-15 21:55:31 +02:00
Julien Rabier
bc2d55725b New release: 2.3.2 2021-01-31 17:35:36 +01:00
Julien Rabier
4824735794 New release: 2.3.1 2020-11-07 15:11:48 +01:00
Julien Rabier
cff4a52c50 New release: 2.3.0 2020-11-05 18:31:52 +01:00
Sebastien Badia
745de1082a
(maint) Fixes common spelling error 
* minumum minimum
* remaing remaining
* Mismaching Mismatching
 2020-04-28 10:53:18 +02:00
fendo
84082b35b1 Fix: mismatch variable type (cluster_port). 2017-05-27 11:13:58 +02:00
fendo
0f20bfda6a Add cluster_port parameter for Multiple clusters 2017-05-27 00:09:19 +02:00
fendo
7034e6a018 Sending IPv6_ra more often. 2017-01-14 14:03:34 +01:00
fendo
07e1df5b92 Add of the ppp_keepalive option. 2015-09-22 23:19:01 +02:00
fendo
9c77145f71 Add of the RDNSS option to ICMPv6 Router Advertisement (RA). 2014-10-02 00:28:57 +02:00
fendo
8d94f2020d new feature: If the user attribute "Framed-IPv6-Address" is defined then the ICMPv6_RA advertise this IPv6 address. 
Fix: Incorrect delegation of IPv6 prefixes when multiple of 4 bits (nibble) (eg: /44, /52 ...).
 2014-09-18 18:16:21 +02:00
fendo
e98fe68174 Added ability to define up to 5 IPv6 prefix delegation by user 2014-09-16 17:34:39 +02:00
fendo
b3f40f41f7 Add DHCPv6 functionality. 2014-09-11 16:19:57 +02:00
fendo
6b70732490 add attribut >no_throttle_local_IP 2013-11-12 21:33:42 +01:00