I'm testing accel-ppp's ipoe support. My goal is to use it to authorize and shape GEPON services, without relying on pppoe and with as few special purpose hardware as possible. The host labeled BNG runs accel-ppp in debian 12. It also runs freeradius and kea.
Code: Select all
+-------+ +-------+ +-------+
| GEPON | 1 | | 254 1 | ISP |
| OLT |--------------| BNG |-----------------| ROUTER|
| | 192.0.2.0/24 | | 198.51.100.0/24 | |
+-------+ eth0 +-------+ eth1 +-------+
Is my stated goal feasible? Am I on the right track to achieve it?
I will thankfully receive your comments.
The contents of accel-ppp's configuration file is shown below. Sections ip-pool, common, ppp, auth, pptp, pppoe, l2tp, sstp, dns, wins, log-pgsql, pppd-compat, chap-secrets, ipv6-pool, ipv6-dns and ipv6-dhcp contain no configuration lines.
Code: Select all
# Beginning of /etc/accel-ppp.conf
[modules]
log_file
ipoe
auth_mschap_v2
auth_mschap_v1
auth_chap_md5
auth_pap
radius
shaper
net-snmp
[core]
log-error=/var/log/accel-ppp/core.log
thread-count=4
[ipoe]
username=lua:if_mac
password=empty
ifcfg=0
mode=L3
start=up
lua-file=/etc/accel-ppp.lua
idle-timeout=900
local-net=192.0.2.0/24
interface=eth0
[radius]
dictionary=/usr/share/accel-ppp/radius/dictionary
nas-identifier=accel-ppp
nas-ip-address=127.0.0.1
server=127.0.0.1,testing123,auth-port=1812,acct-port=1813,req-limit=50,fail-timeout=0,max-fail=10,weight=1
dae-server=127.0.0.1:3799,testing123
[client-ip-range]
0.0.0.0/0
[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
log-debug=/var/log/accel-ppp/debug.log
copy=1
level=5
[shaper]
attr=Filter-Id
ifb=ifb0
up-limiter=htb
down-limiter=htb
[cli]
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001
[snmp]
master=0
agent-name=accel-ppp
[connlimit]
limit=10/min
burst=3
timeout=60
# End of /etc/accel-ppp.conf
Code: Select all
# Beginning of /etc/freeradius/3.0/users
"AA:AA:AA:AA:AA:AA" Auth-Type := Accept
Filter-ID := "8000/2000"
"BB:BB:BB:BB:BB:BB" Auth-Type := Accept
Filter-ID := "4000/1000"
# End of first lines of /etc/freeradius/3.0/users.