Modify

Opened 6 years ago

Last modified 4 years ago

#11058 new enhancement

[PATCH] xl2tpd: enable kernel-mode L2TP in kernels 2.6.32+

Reported by: Igor Novgorodov <igor@…> Owned by: developers
Priority: normal Milestone: Barrier Breaker 14.07
Component: packages Version: Trunk
Keywords: Cc:

Description

The attached patch fixes xl2tpd <-> kernel api incompatibility and allow to use kernel-mode L2TP in trunk with significant drop of CPU usage. Tested in trunk on WNDR3800 and works fine so far.

Maybe we should even add kmod_l2tp and stuff as a dependency to the xl2tpd package.

Attachments (3)

xl2tpd-1.3.0-0001-Add-kernel-support-for-2.6.32.patch (10.5 KB) - added by Igor Novgorodov <igor@…> 6 years ago.
xl2tpd-lns.patch (779 bytes) - added by Sergey Fionov <fionov@…> 6 years ago.
pppol2tp.so parameters fix for LNS
xl2tpd-lns.2.patch (782 bytes) - added by Sergey Fionov <fionov@…> 6 years ago.
pppol2tp.so parameters fix for LNS (previous diff is buggy)

Download all attachments as: .zip

Change History (15)

Changed 6 years ago by Igor Novgorodov <igor@…>

comment:1 Changed 6 years ago by Sergey Fionov <fionov@…>

Hello, I've updated the patch.

  • Fixed UDP descriptor leak to pppd and it scripts
  • Terminate pppd even if xl2tpd killed with SIGTERM
  • Added automatic module load

Latest version is available at https://gist.github.com/1306094

comment:2 Changed 6 years ago by arokh <trondah@…>

Doesn't seem to work for me. Here's the log from when pppd is started:

May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: start_pppd: I'm running: 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "/usr/sbin/pppd" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "passive" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "nodetach" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "192.168.1.80:192.168.1.81" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "refuse-pap" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "auth" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "require-chap" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "name" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "OpenWrt L2TP" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "debug" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "file" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "/etc/ppp/options.xl2tpd" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "ipparam" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "77.17.103.96" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "plugin" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "pppol2tp.so" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "pppol2tp" 
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: "8" 
May  3 11:04:54 OpenWrt daemon.notice xl2tpd[6711]: Call established with 77.17.103.96, Local: 54367, Remote: 944, Serial: 1
May  3 11:04:54 OpenWrt daemon.info pppd[6712]: Plugin pppol2tp.so loaded.
May  3 11:04:54 OpenWrt daemon.info pppd[6712]: pppd options in effect:
May  3 11:04:54 OpenWrt daemon.info pppd[6712]: debug		# (from command line)
May  3 11:04:54 OpenWrt daemon.info pppd[6712]: nodetach		# (from command line)
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: network_thread: recv packet from 77.17.103.96, size = 12, tunnel = 30517, call = 0 ref=0 refhim=0
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: network_thread: recv packet from 77.17.103.96, size = 32, tunnel = 30517, call = 54367 ref=0 refhim=0
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: write_packet: tty is not open yet.
May  3 11:04:54 OpenWrt daemon.debug xl2tpd[6711]: network_thread: bad packet
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: network_thread: recv packet from 77.17.103.96, size = 42, tunnel = 30517, call = 54367 ref=0 refhim=0
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: handle_avps: handling avp's for tunnel 30517, call 54367
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: message_type_avp: message type 14 (Call-Disconnect-Notify)
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: assigned_call_avp: using peer's call 944
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: result_code_avp: result code endianness fix for buggy Apple client. network=768, le=3
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: result_code_avp: peer closing for reason 3 (Control channel already exists), error = 54367 ()
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: control_finish: message type is Call-Disconnect-Notify(14).  Tunnel is 17, call is 944.
May  3 11:04:55 OpenWrt daemon.info xl2tpd[6711]: control_finish: Connection closed to 77.17.103.96, serial 1 ()
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: Terminating pppd: sending TERM signal to pid 6712
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: network_thread: recv packet from 77.17.103.96, size = 42, tunnel = 30517, call = 0 ref=0 refhim=0
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: handle_avps: handling avp's for tunnel 30517, call 0
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: message_type_avp: message type 4 (Stop-Control-Connection-Notification)
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: assigned_tunnel_avp: using peer's tunnel 17
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: result_code_avp: result code endianness fix for buggy Apple client. network=256, le=1
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: result_code_avp: peer closing for reason 1 (General request to clear control connection), error = 54367 ()
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: control_finish: message type is Stop-Control-Connection-Notification(4).  Tunnel is 17, call is 0.
May  3 11:04:55 OpenWrt daemon.info xl2tpd[6711]: control_finish: Connection closed to 77.17.103.96, port 53308 (), Local: 30517, Remote: 17
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: build_fdset: closing down tunnel 30517
May  3 11:04:55 OpenWrt daemon.debug xl2tpd[6711]: network_thread: select returned error 9 (Bad file descriptor)

Here's my xl2tpd.conf:

[global]
port = 1701
;auth file = /etc/xl2tpd/xl2tp-secrets
access control = no
force userspace = yes
;ipsec saref = yes
;debug tunnel = yes
;debug avp = yes
;debug network = yes
;debug state = yes

[lns default]
exclusive = yes
ip range = 192.168.1.81-192.168.1.89
local ip = 192.168.1.80
;hidden bit = no
length bit = yes
name = OpenWrt L2TP
ppp debug = yes
require authentication = yes
unix authentication = no
require chap = yes
refuse pap = yes
pppoptfile = /etc/ppp/options.xl2tpd

And my options.xl2tpd:

lock
auth
name "l2tp-server"
dump
# CCP seems to confuse Android clients, better turn it off
noccp
novj
novjccomp
nopcomp
noaccomp
require-mschap
require-mschap-v2
ms-dns 192.168.1.80
lcp-echo-interval 120
lcp-echo-failure 10
idle 1800
connect-delay 5000
nodefaultroute
noipdefault

proxyarp
mtu 1400
mru 1400

Exact same configuration works when "force userspace = yes". Any ideas?

Changed 6 years ago by Sergey Fionov <fionov@…>

pppol2tp.so parameters fix for LNS

comment:3 Changed 6 years ago by Sergey Fionov <fionov@…>

arokh, what hardware you use as a client? Can you please try the attached patch for xl2tpd lns mode ?

comment:4 Changed 6 years ago by arokh <trondah@…>

Same result with the lns patch. I've only tried my iphone as client.

Changed 6 years ago by Sergey Fionov <fionov@…>

pppol2tp.so parameters fix for LNS (previous diff is buggy)

comment:5 Changed 6 years ago by arokh <trondah@…>

Still no luck :(

comment:6 Changed 6 years ago by anonymous

Similar to arokh, kernel-mode L2TP seems to break IP SARef integration.
I can only get xl2tpd working with saref if I either set "force userspace = yes" in the xl2tpd.conf or unload the kernel module (rmmod l2tp_ppp) prior to starting xl2tpd. Using latest trunk.

comment:7 Changed 5 years ago by anonymous

Still getting the same issue using the iPhone as a client. The previous comment about using force userspace = yes or rmmod l2tp_ppp works

comment:8 Changed 5 years ago by anonymous

You could try to add following 3 lines into /etc/ppp/options.xl2tpd

mtu 1400
noccp
connect-delay 5000

comment:9 follow-up: Changed 4 years ago by niklas@…

I have the same problem, rmmod l2tp_ppp works, but CPU load is very high of course..

my setup:
Router Model NETGEAR WNDR3700
Firmware Version OpenWrt Attitude Adjustment 12.09 / LuCI 0.11.1 Release (0.11.1)
Kernel Version 3.3.8

comment:10 in reply to: ↑ 9 Changed 4 years ago by niklas@…

Replying to niklas@…:

I have the same problem, rmmod l2tp_ppp works, but CPU load is very high of course..

my setup:
Router Model NETGEAR WNDR3700
Firmware Version OpenWrt Attitude Adjustment 12.09 / LuCI 0.11.1 Release (0.11.1)
Kernel Version 3.3.8

I made it work by commenting out the following options in ppp/options.xl2tpd

dump
novj
novjccomp

comment:11 Changed 4 years ago by anonymous

On my Netgear WNDR3700v1 with OpenWrt Trunk r39733 kernel 3.10.32 I've used /etc/ppp/options.xl2tpd config listed below

## Frequently Used Options ##
lock
auth
## Options ##
name "l2tp-server"
#dump
noccp
novj
novjccomp
nopcomp
noaccomp
#require-mschap
require-mschap-v2
ms-dns 192.168.1.80
lcp-echo-interval 120
lcp-echo-failure 10
idle 1800
connect-delay 5000
nodefaultroute
noipdefault


proxyarp
mtu 1400
mru 1400

and it works like a charm

comment:12 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.