IPoE dictionary problem trough DSLAM

IPoE related questions
Post Reply
felipepanini
Posts: 7
Joined: 11 Dec 2018, 12:35

IPoE dictionary problem trough DSLAM

Post by felipepanini »

Hi,
we have been using Accel with PPPoE for quite some time now, and been trying to implement IPoE for the past few months.
We are now in the following situation:
We managed to make it work when we connect to the Accel server trough a cisco with a VLAN using a TPlink SOHO router.Our Radius gives out the IP to the equipment. Works as expected.
The problem occurs when we add a DSLAM Huawei SmartAX5616 after the cisco, and connect a modem to it.
The modem gets DHCP, all the parameters are completed (IP, MASK, Gateway...) but it does not ping to the outside, and does reach the internet.
By making tests we discovered that when we set to the radius dictionary to not use the attribute "ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr" it works. But we lose the option to make our radius to give out the IP, and the Accel becomes responsible for this task instead.
Is there a way to now why the problem occurs when we add the DSLAM, but it works when we change the "radius attribute" configuration?
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: IPoE dictionary problem trough DSLAM

Post by dimka88 »

Hi
1) show me you accel-ppp.conf
2) Try set [ipoe]gw-ip-address=x.x.x.x/24 instead DHCP-Router-IP-Address and comment #attr-dhcp-router-ip=DHCP-Router-IP-Address

Code: Select all

[ipoe]
gw-ip-address=x.x.x.x/24
gw-ip-address=y.y.y.y/24
gw-ip-address=z.z.z.z/24
felipepanini
Posts: 7
Joined: 11 Dec 2018, 12:35

Re: IPoE dictionary problem trough DSLAM

Post by felipepanini »

Hi,

The IPOE section of the accel.conf is:

Code: Select all

[ipoe]
ip-unnumbered=1
verbose=10
username=lua:username
#password=password
lua-file=/etc/accel-ppp.lua
max-lease-time=900
lease-time=300
renew-time=300
unit-cache=0
attr-dhcp-client-ip=Framed-IP-Address
attr-dhcp-router-ip=DHCP-Router-IP-Address
#gw-ip-address=100.64.254.254/16
check-mac-change=1
soft-terminate=1
calling-sid=mac
##vlan-mon=enp6s0f0,1-4094
##vlan-timeout=900
##vlan-name=%I.%N
#interface=re:enp6s0f0.*
interface=enp0s20f0
interface=enp0s20f1
mode=L2
proxy-arp=1
shared=1
start=dhcpv4
ifcfg=1

interface=enp6s0f0.555,padi-limit=60
We already tried the:

Code: Select all


#attr-dhcp-router-ip=DHCP-Router-IP-Address
gw-ip-address=100.64.254.254/16

And it worked, but this way, the Accel server becomes responsible for the IP distribution instead of the radius, and we need the radius to be responsible.
The thing is, when the radius is responsible, it does not work when the DSLAM is being used. If there is no DSLAM in the middle, then the IPOE works fine.
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: IPoE dictionary problem trough DSLAM

Post by dimka88 »

1st, change [ipoe]renew-time=150 (lease-time/2)
2nd, [ipoe] does not understand option padi-limit, if you need balancing, use . offer-delay or weight

show me log with [log]level=5 when use DSLAM and attr-dhcp-router-ip=DHCP-Router-IP-Address
felipepanini
Posts: 7
Joined: 11 Dec 2018, 12:35

Re: IPoE dictionary problem trough DSLAM

Post by felipepanini »

hi,
This is the log when using DSLAM

Code: Select all

[2019-02-07 15:43:47]:  info: recv [RADIUS(1) Accounting-Response id=1]
[2019-02-07 15:43:47]:  info: ipoe: stop interface enp0s20f0
[2019-02-07 15:43:47]:  info: ipoe: stop interface enp0s20f1.187
[2019-02-07 15:43:48]:  warn: failed to load ipoe module
[2019-02-07 15:43:48]:  info: ipoe: start interface enp0s20f0 ()
[2019-02-07 15:43:48]:  info: ipoe: start interface enp0s20f1.187 ()
[2019-02-07 15:43:48]: error: ipoe: 'enp6s20f1.187': ioctl(SIOCGIFINDEX): No such device
[2019-02-07 15:43:48]:  warn: failed to load vlan_mon module
[2019-02-07 15:43:48]:  warn: shaper: requested 'htb' upstream limiter, but no 'ifb' specified, falling back to police...
[2019-02-07 15:44:00]: debug: cli: disconnect
[2019-02-07 15:44:20]:  info: enp0s20f1.187: recv [DHCPv4 Discover xid=84e68d15 chaddr=ac:84:c6:a1:f1:f1 <Message-Type Discover> <Max-Message-Size 1024> <Client-ID 01ac84c6a1f1f1> <Host-Name TD-W9970> <Vendor-Class 4d53465420352e30> <Request-List Subnet,Router,DNS,Domain-Name,Vendor-Specific,44,46,47>]
[2019-02-07 15:44:20]:  info: ipoe0: create interface ipoe0 parent enp0s20f1.187
[2019-02-07 15:44:20]: debug: ipoe0: radius(1): req_enter 1
[2019-02-07 15:44:20]:  info: ipoe0: send [RADIUS(1) Access-Request id=1 <User-Name "ac:84:c6:a1:f1:f1"> <NAS-Identifier "accel2-ppp2"> <NAS-IP-Address 177.86.23.246> <NAS-Port 156121> <NAS-Port-Id "ipoe0"> <NAS-Port-Type Ethernet> <Calling-Station-Id "ac:84:c6:a1:f1:f1"> <Called-Station-Id "enp0s20f1.187"> <User-Password 0x1f86ec9039d6001cc8cab18f8ee440176897c26271c5f7cf5e748ff40515b5ac>]
[2019-02-07 15:44:20]:  warn: ipoe0: radius:packet: vendor 26 not found
[2019-02-07 15:44:20]:  warn: ipoe0: radius:packet: vendor 26 not found
[2019-02-07 15:44:20]:  warn: ipoe0: radius:packet: unknown attribute received (0,169)
[2019-02-07 15:44:20]:  warn: ipoe0: radius:packet: unknown attribute received (0,169)
[2019-02-07 15:44:20]:  warn: ipoe0: radius:packet: vendor 26 not found
[2019-02-07 15:44:20]: debug: ipoe0: radius(1): req_exit 0
[2019-02-07 15:44:20]:  info: ipoe0: recv [RADIUS(1) Access-Accept id=1 <DHCP-Router-IP-Address 177.86.23.246> <MS-Primary-DNS-Server 8.8.8.8> <Vendor-Specific 0x00000a4c1f06b1561009> <MS-Secondary-DNS-Server 8.8.4.4> <Vendor-Specific 0x00000a4c2106b156100a> <NAS-Port-Id "IPoE-13027"> <Acct-Interim-Interval 1200> <Vendor-Specific 0x00003a8c08233132323430306b2f3132323430306b20302f3020302f3020302f30203120302f30> <PPPD-Upstream-Speed-Limit 122400> <PPPD-Downstream-Speed-Limit 122400> <Cisco-AVPair "lcp:interface-config#1=rate-limit input 122400000 0 0 conform-action transmit exceed-action drop"> <Cisco-AVPair "lcp:interface-config#1=rate-limit output 122400000 0 0 conform-action transmit exceed-action drop"> <Framed-IP-Address 100.64.102.19>]
[2019-02-07 15:44:20]:  info: ipoe0: ac:84:c6:a1:f1:f1: authentication succeeded
[2019-02-07 15:44:20]:  info: ipoe0: send [DHCPv4 Offer xid=84e68d15 yiaddr=100.64.102.19 chaddr=ac:84:c6:a1:f1:f1 <Message-Type Offer> <Server-ID y.y.y.y> <Lease-Time 300> <T1 150> <Router 177.86.23.246> <Subnet 255.255.255.255> <DNS 8.8.8.8,8.8.4.4>]
[2019-02-07 15:44:21]:  info: ipoe0: recv [DHCPv4 Request xid=84e68d15 chaddr=ac:84:c6:a1:f1:f1 <Message-Type Request> <Max-Message-Size 1024> <Client-ID 01ac84c6a1f1f1> <Host-Name TD-W9970> <Vendor-Class 4d53465420352e30> <Request-IP 100.64.102.19> <Server-ID 177.86.23.246> <Request-List Subnet,Router,DNS,Domain-Name,Vendor-Specific,44,46,47>]
[2019-02-07 15:44:21]: debug: ipoe0: ipoe: activate session
[2019-02-07 15:44:21]:  info: ipoe0: rename interface to 'IPoE-13027'
[2019-02-07 15:44:21]: debug: IPoE-13027: radius(1): req_enter 1
[2019-02-07 15:44:21]:  info: IPoE-13027: send [RADIUS(1) Accounting-Request id=1 <User-Name "ac:84:c6:a1:f1:f1"> <NAS-Identifier "accel2-ppp2"> <NAS-IP-Address 177.86.23.246> <NAS-Port 156121> <NAS-Port-Id "IPoE-13027"> <NAS-Port-Type Ethernet> <Calling-Station-Id "ac:84:c6:a1:f1:f1"> <Called-Station-Id "enp0s20f1.187"> <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "CBD4E7AF5525A577"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address 100.64.102.19>]
[2019-02-07 15:44:21]:  info: IPoE-13027: send [DHCPv4 Ack xid=84e68d15 yiaddr=100.64.102.19 chaddr=ac:84:c6:a1:f1:f1 <Message-Type Ack> <Server-ID 177.86.23.246> <Lease-Time 300> <T1 150> <Router 177.86.23.246> <Subnet 255.255.255.255> <DNS 8.8.8.8,8.8.4.4>]
[2019-02-07 15:44:21]: debug: IPoE-13027: radius(1): req_exit 0
[2019-02-07 15:44:21]:  info: IPoE-13027: recv [RADIUS(1) Accounting-Response id=1]
[2019-02-07 15:44:21]:  info: IPoE-13027: ipoe: session started
[2019-02-07 15:48:45]:  info: IPoE-13027: recv [DHCPv4 Request xid=84e68d15 ciaddr=100.64.102.19 chaddr=ac:84:c6:a1:f1:f1 <Message-Type Request> <Max-Message-Size 1024> <Client-ID 01ac84c6a1f1f1> <Host-Name TD-W9970> <Vendor-Class 4d53465420352e30> <Request-List Subnet,Router,DNS,Domain-Name,Vendor-Specific,44,46,47>]
[2019-02-07 15:48:45]:  info: IPoE-13027: send [DHCPv4 Ack xid=84e68d15 ciaddr=100.64.102.19 yiaddr=100.64.102.19 chaddr=ac:84:c6:a1:f1:f1 <Message-Type Ack> <Server-ID 177.86.23.246> <Lease-Time 300> <T1 150> <Router 177.86.23.246> <Subnet 255.255.255.255> <DNS 8.8.8.8,8.8.4.4>]
[2019-02-07 15:53:09]:  info: IPoE-13027: recv [DHCPv4 Request xid=84e68d15 ciaddr=100.64.102.19 chaddr=ac:84:c6:a1:f1:f1 <Message-Type Request> <Max-Message-Size 1024> <Client-ID 01ac84c6a1f1f1> <Host-Name TD-W9970> <Vendor-Class 4d53465420352e30> <Request-List Subnet,Router,DNS,Domain-Name,Vendor-Specific,44,46,47>]
[2019-02-07 15:53:09]:  info: IPoE-13027: send [DHCPv4 Ack xid=84e68d15 ciaddr=100.64.102.19 yiaddr=100.64.102.19 chaddr=ac:84:c6:a1:f1:f1 <Message-Type Ack> <Server-ID 177.86.23.246> <Lease-Time 300> <T1 150> <Router 177.86.23.246> <Subnet 255.255.255.255> <DNS 8.8.8.8,8.8.4.4>]

dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: IPoE dictionary problem trough DSLAM

Post by dimka88 »

You client assign ip (100.64.102.19) with netmask /32, and client does not see gw-ip-address (177.86.23.246).
Try comment #attr-dhcp-router-ip=DHCP-Router-IP-Address again and set

Code: Select all

[ipoe]
gw-ip-address=100.64.254.254/16
You radius return Framed-IP-Address 100.64.102.19 than client need gw 100.64.102.X/(16,24...)

Or just send with radius DHCP-Router-IP-Address like 100.64.0.X/(16,24...) and attribute with mask (DHCP-Mask not 32, for example send 24 or 16 )

Code: Select all

[ipoe]
attr-dhcp-client-ip=Framed-IP-Address
attr-dhcp-router-ip=DHCP-Router-IP-Address
attr-dhcp-mask=DHCP-Mask
Post Reply