ppp interfaces in network namespace

Questions related to general functionality
Post Reply
proca
Posts: 14
Joined: 07 Dec 2018, 17:24

ppp interfaces in network namespace

Post by proca »

Dear members,

First of all I want to express my gratitude for the accel-ppp team for creating a great product.
My servers peaked 2500 pppoe users and 3Gbps in+out on a single 1x10G X710 intel card running on pcie 2.0 port.

I'm experimenting with the idea of having pppoe users redirected to a portal in certain scenarios so we can present messages to them.
iptables would be one way to go about it but I was seeing netns supported also.

My question: is there any way that I can tell accel-ppp to bring up a certain ppp interface inside a netns ?
This way I could change the default gateway inside that specific netns and route the user to a captive portal.

Thanks.
proca
Posts: 14
Joined: 07 Dec 2018, 17:24

Re: ppp interfaces in network namespace

Post by proca »

I managed to do this via ip-up scripts so far and it seems to work. I can run a sql query in the ip-up to dertermine where the user should go. would have liked a radius option though, less stress on the db.

I do see one warning message in the accel-ppp.log:
warn: ppp0: failed to get interface statistics

I presume since the interface is in another namespace we cannot get stats, so accounting does not work:
<Acct-Session-Time 1615> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0>

can i trigger a disable for the interface statistics of a specific ppp interface so i get rid of the error ?
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: ppp interfaces in network namespace

Post by dimka88 »

Hi, do you use `NAS-Port-Id=ns/` or pppd_compat(ip-up) script?
viewtopic.php?f=4&t=670
proca
Posts: 14
Joined: 07 Dec 2018, 17:24

Re: ppp interfaces in network namespace

Post by proca »

hi,

I've successfully used pppd_compat but this creates a small strain on the database as another sql query inside the ip-up script is needed to determine the routing table.
How can I use NAS-Port-Id=ns/ ? this atribute is used in the access-request and accounting.

I would need to get the NS as I get the framedipaddress for example.

Thanks
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: ppp interfaces in network namespace

Post by dimka88 »

Hi, you need just send `NAS-Port-Id=<name space>/ ` in Access-Accept, This is all
proca
Posts: 14
Joined: 07 Dec 2018, 17:24

Re: ppp interfaces in network namespace

Post by proca »

So if I edit the radius dictionary and add a new string atribute NAS-Port-Id for the radius reply it should do the trick ?
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: ppp interfaces in network namespace

Post by dimka88 »

NAS-Port-Id this is default radius attribute, and as I remember it has type string.
proca
Posts: 14
Joined: 07 Dec 2018, 17:24

Re: ppp interfaces in network namespace

Post by proca »

Thanks, it worked in the lab after sending the attribute

[2020-06-04 19:53:32.466] ens192: 015191e682973db1: recv [RADIUS(2) Access-Accept id=1 <Framed-IP-Address 1.2.3.4> <NAS-Port-Id "suspendat/">]

root@vpppoe-1:/home/proca# accel-cmd show sessions ifname,username,calling-sid,called-sid,ip,type,state,uptime,netns
ifname | username | calling-sid | called-sid | ip | type | state | uptime | netns
--------+----------+-------------------+------------+---------------+-------+--------+----------+-----------
ppp0 | Zamfir1 | 00:0c:29:db:53:ae | ens192 | 1.2.3.4 | pppoe | active | 00:00:18 | suspendat

ip netns exec suspendat ip route
default via 172.16.35.33 dev ens256
1.2.3.4 dev ppp0 proto kernel scope link src 10.0.0.3
172.16.35.32/29 dev ens256 proto kernel scope link src 172.16.35.36
Post Reply