Problems with FreeBSD PPPOE server

Ljupco Vangelski ljupco.vangelski at gmail.com
Wed Nov 21 06:43:22 PST 2007


Hi, first I want to apologize for the size of this mail, but I want to
explain the situation better. I'm using a FreeBSD PPPoE server and
freeRadius RADIUS server for providing DSL services to clients. My
configuration is as follows:
- FreeBSD 6.0
- user PPP for PPPoE server
- freeRadius 1.1.6 for RADIUS server

I have multiple VLANs on one network interface, and I have different
PPPoE servers listening on each one:
/usr/libexec/pppoed -d -P /var/run/pppoed-1.pid -a PPPoE-Service-1 -l ppppe-1 vlan1
/usr/libexec/pppoed -d -P /var/run/pppoed-2.pid -a PPPoE-Service-3 -l ppppe-2 vlan2
/usr/libexec/pppoed -d -P /var/run/pppoed-3.pid -a PPPoE-Service-3 -l ppppe-3 vlan3

My ppp.conf looks like this:

pppoe-1:
set log Chat Command Phase Alert Error TUN
enable pap
allow mode direct
disable ipv6cp
set mru 1492
set mtu 1492
set timeout 0
enable lqr echo
set lqrperiod 30
set ifaddr 10.0.1.1 10.0.1.2-10.0.1.255
set radius /etc/ppp/radius.conf
set rad_alive 60
set dns {ip-ns1} {ip-ns2}
accept dns           

pppoe-2:
set log Chat Command Phase Alert Error TUN
enable pap
allow mode direct
disable ipv6cp
set mru 1492
set mtu 1492
set timeout 0
enable lqr echo
set lqrperiod 30
set ifaddr 10.0.2.1 10.0.2.2-10.0.2.255
set radius /etc/ppp/radius.conf
set rad_alive 60
set dns {ip-ns1} {ip-ns2}
accept dns           

pppoe-3:
set log Chat Command Phase Alert Error TUN
enable pap
allow mode direct
disable ipv6cp
set mru 1492
set mtu 1492
set timeout 0
enable lqr echo
set lqrperiod 30
set ifaddr 10.0.3.1 10.0.3.2-10.0.3.255
set radius /etc/ppp/radius.conf
set rad_alive 60
set dns {ip-ns1} {ip-ns2}
accept dns           

I have few problems which I cannot solve:

* 1) First is a problem with a Linksys SPA3102 Voice Gateway with
Router which is making a PPPoE connection to my server and responds
with lqr packets with unexpected length. I've tried with the newest
firmware from Linksys, but the same happens. After 5 LQR Echo packets
are lost, the PPP session is terminated and the Linksys must reestablish
it. This has something to do with the Linksys, but is there any
workaround, can I tell the PPPoE server to accept LQR packets with
length 6? In man ppp I only see parameters about lcq frequency. set
openmode passive doesn't help as well. Here is the log from my server:
 pppoed ppp[22886]: tun99: LCP: deflink: SendEchoRequest(2) state = Opened
 pppoed ppp[22886]: tun99: LCP: deflink: RecvEchoReply(2) state = Opened
 pppoed ppp[22886]: tun99: Warning: lqr_RecvEcho: Got packet size 6, expecting 12 !

* 2) Sometimes when a client gets disconnected, the ppp process stays
alive, keeping the tun interface up and the public IP address active.
So, the freeRadius assigns that IP address to another client, and since
the stalled connection is active, the gateway for that IP address is the
first tun interface and not the one on which the latter client gets
connected. And the latter client doesn't have any service, because the
previous ppp connection stays up instead of terminating when the client
is disconnected (even though the client is disconnected at the RADIUS
server, the ppp.linkdown script is executed).
Here is a log from the ppp.log file concerning this connection.

== Establishing connection ==
Nov 17 08:46:50 pppoed ppp[95701]: Phase: Using interface: tun56
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: enable pap
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: disable ipv6cp
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: set mru 1492
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: set mtu 1492
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: set timeout 0
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: enable lqr echo
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: set lqrperiod 30
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: set ifaddr 10.0.2.1 10.0.2.2-10.0.2.255
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: set radius /etc/ppp/radius.conf
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: set rad_alive 60
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: set dns 80.77.144.10 80.77.144.11
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: pppoe-2: accept dns
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: PPP Started (direct mode).
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: bundle: Establish
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: deflink: closed -> opening
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: deflink: Link is a netgraph node
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: deflink: Connected!
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: deflink: opening -> carrier
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: deflink: carrier -> lcp
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: bundle: Authenticate
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: deflink: his = none, mine = PAP
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: Pap Input: REQUEST (almqwr14h)
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: Radius: Request sent
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: Radius(auth): ACCEPT received
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase:  Session-Timeout 43200
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase:  IP 88.85.109.31
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase:  Netmask 255.255.255.255
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: Pap Output: SUCCESS
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: deflink: lcp -> open
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: bundle: Network
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: Radius(acct): START data sent
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Command: breezeaccess-vodno: bg /etc/ppp/addClient.sh USER connect HISADDR INTERFACE PPPoE-Service-2 PROCESSID
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Warning: ff02:45::/32: Change route failed: errno: Network is unreachable

== Terminating connection ==
Nov 17 08:50:50 pppoed ppp[95701]: tun56: Phase: deflink: open -> lcp
Nov 17 08:50:50 pppoed ppp[95701]: tun56: Warning: ff02:45::/32: Change route failed: errno: Network is unreachable
Nov 17 08:50:50 pppoed ppp[95701]: tun56: Phase: Radius(acct): STOP data sent
Nov 17 08:50:50 pppoed ppp[95701]: tun56: Command: pppoe-2: bg /etc/ppp/removeClient.sh USER connect HISADDR INTERFACE PPPoE-Service-2 PROCESSID
Nov 17 08:50:51 pppoed ppp[95701]: tun56: Phase: bundle: Terminate

But, the process holding the interface tun56 stays up and still holds 
the IP 88.85.109.31

* 3) I have ppp processes which keep tun interfaces up, but aren't 
associated with any RADIUS user. For example
tun44: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 10.0.2.1 --> 10.0.2.63 netmask 0xffffffff
        Opened by PID 8455
tun45: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 10.0.2.1 --> 10.0.2.188 netmask 0xffffffff
        Opened by PID 51922

Information about the process:
[root@pppoed ~]# ps -auwx | grep 8455
root   8455  0.0  0.2  3252  1900  ??  Ss   13Nov07   0:22.31 /usr/sbin/ppp -direct pppoe-2

First the MTU is 1500 (not specified anywhere in my /etc/ppp/ppp.conf)
and the addresses are not from the ippool of the freeradius. Why do
these connections stay up and don't terminate? Can this cause a DoS
attack on my router? For example a client starts establishing many ppp
connections. Is there a way to limit the number of pppoe connections
(total or per MAC address)? If I set the timeout value, I guess that the
connections will terminate after that amount of seconds, but can I add
priority to the Session-Timeout attribute of the RADIUS server, because
the set timeout is set for all clients.

* 4) Though I think that this is purely a freeRadius issue, I would
appreciate any suggestions, since I can't solve this annoying problem.
The freeRadius assigns duplicate IP addresses to different clients, even
though the requests come from the same NAS and different PORT type. I
use freeRadius 1.1.6 with ippool. The feature works great, but once in
a week or so - this happens. It can be resolved only by terminating both
of the processes, restarting the radius and clearing the

Here is an extraction from my radiusd.conf concerning pools.
        ippool soho-1 {
                range-start = 88.85.109.1
                range-stop = 88.85.109.128
                netmask = 255.255.255.255
                cache-size = 0
                session-db = ${raddbdir}/nov-pool-soho-1
                ip-index = ${raddbdir}/nov-pool-index-1
                override = yes
                maximum-timeout = 0
        }
        ippool soho-2 {
                range-start = 88.85.109.129
                range-stop = 88.85.109.192
                netmask = 255.255.255.255
                cache-size = 0
                session-db = ${raddbdir}/nov-pool-soho-2
                ip-index = ${raddbdir}/nov-pool-index-2
                override = yes
                maximum-timeout = 0
        }
        ippool soho-3 {
                range-start = 88.85.109.193
                range-stop = 88.85.109.255
                netmask = 255.255.255.255
                cache-size = 0
                session-db = ${raddbdir}/pool-soho-3
                ip-index = ${raddbdir}/pool-index-3
                override = yes
                maximum-timeout = 0
        }

I also have them in the accounting and post-auth sections:
accounting {
...
soho-1
soho-2
soho-3
...
}

post-auth {
...
soho-1
soho-2
soho-3
...
}


Thank You very much for Your time,

-- 
Ljupco 
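
An audit for the conditions described in problems 2) to 4), as an added example that is not part of the original post: it cross-checks `ifconfig` output against ppp.log to flag tun interfaces whose ppp process already logged `bundle: Terminate`, interfaces with no logged RADIUS ACCEPT, and peer addresses present on more than one tun interface. It assumes the `ifconfig` and log line formats shown in the post; the function names `parse_ifconfig` and `audit` are hypothetical, and the tun57 / PID 95810 entries are constructed sample data.

```python
import re
from collections import defaultdict

# Constructed sample input in the formats shown in the post (not real captures).
IFCONFIG = """\
tun44: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 10.0.2.1 --> 10.0.2.63 netmask 0xffffffff
        Opened by PID 8455
tun56: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
        inet 10.0.2.1 --> 88.85.109.31 netmask 0xffffffff
        Opened by PID 95701
tun57: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
        inet 10.0.2.1 --> 88.85.109.31 netmask 0xffffffff
        Opened by PID 95810
"""
PPP_LOG = """\
Nov 17 08:46:50 pppoed ppp[95701]: tun56: Phase: Radius(auth): ACCEPT received
Nov 17 08:50:51 pppoed ppp[95701]: tun56: Phase: bundle: Terminate
Nov 17 08:51:02 pppoed ppp[95810]: tun57: Phase: Radius(auth): ACCEPT received
"""

def parse_ifconfig(text):
    """Return {ifname: {"peer": ip, "pid": int}} for each tun interface."""
    tuns, cur = {}, None
    for line in text.splitlines():
        if m := re.match(r"(tun\d+): flags=", line):
            cur = tuns.setdefault(m.group(1), {"peer": None, "pid": None})
        elif cur is not None and (m := re.search(r"inet \S+ --> (\S+)", line)):
            cur["peer"] = m.group(1)
        elif cur is not None and (m := re.search(r"Opened by PID (\d+)", line)):
            cur["pid"] = int(m.group(1))
    return tuns

def audit(ifconfig_text, log_text):
    """Flag tun interfaces that are stale, unauthenticated, or share a peer IP."""
    accepted, terminated = set(), set()
    for m in re.finditer(r"ppp\[(\d+)\]: \S+ Phase: (Radius\(auth\): ACCEPT|bundle: Terminate)", log_text):
        (accepted if m.group(2).startswith("Radius") else terminated).add(int(m.group(1)))
    tuns, by_peer = parse_ifconfig(ifconfig_text), defaultdict(list)
    findings = []
    for name, t in sorted(tuns.items()):
        if t["peer"]:
            by_peer[t["peer"]].append(name)
        if t["pid"] in terminated:        # process logged Terminate but still holds the tun
            findings.append((name, "terminated-but-up"))
        elif t["pid"] not in accepted:    # no RADIUS ACCEPT seen for this ppp process
            findings.append((name, "no-radius-accept"))
    findings += [(",".join(n), "duplicate-peer " + p) for p, n in sorted(by_peer.items()) if len(n) > 1]
    return findings
```

A "no-radius-accept" result only means the ACCEPT line is absent from the log text supplied, so feed it logs that reach back to the start time of the oldest ppp process before acting on a finding.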




More information about the freebsd-isp mailing list