Accel-PPP & vlan-mon config get invalid VLAN
Closed, ResolvedPublicBUG
Actions

Assigned To

Unknown Object (User)

Authored By

	GallySoft
	Oct 21 2020, 3:22 PM

Description

I am in the situation where I need to collect PPP sessions from some VLANs within others. So I made the following configuration:

interfaces {
    bonding bond0 {
        hash-policy layer3+4
        member {
            interface eth6
            interface eth7
        }
        mode 802.3ad
        mtu 9000
        vif 9 {
            address 10.110.2.8/28
            ip {
                ospf {
                    dead-interval 40
                    hello-interval 10
                    mtu-ignore
                    network broadcast
                    priority 1
                    retransmit-interval 5
                    transmit-delay 1
                }
            }
        }
        vif-s 995 {
            protocol 802.1q
            vif-c 130 {
                description VEAUA
            }
            vif-c 2092 {
                description VE_02
            }
            vif-c 2095 {
                description VE_01
            }
            vif-c 2102 {
                description PD_02
            }
            vif-c 2206 {
                description MI/FCO/2
            }
        }
    }
    ethernet eth6 {
        duplex full
        mtu 9000
        speed 10000
    }
    ethernet eth7 {
        duplex full
        mtu 9000
        speed 10000
    }
    loopback lo {
        address 10.110.255.249/32
    }
}
protocols {
    ospf {
        area 0 {
            network 10.110.2.0/28
        }
        parameters {
            abr-type cisco
            router-id 10.110.255.249
        }
        redistribute {
            connected {
                metric-type 1
            }
            static {
                metric-type 1
            }
        }
    }
    static {
    }
}
service {
    pppoe-server {
        access-concentrator BRAS6
        authentication {
            mode radius
            protocols pap
            protocols chap
            radius {
                rate-limit {
                    enable
                }
                server x.x.x.x {
                    key ****************
                }
            }
        }
        gateway-address 10.110.255.249
        interface bond0.995.130 {
            vlan-range 100-3999
        }
        interface bond0.995.2092 {
            vlan-range 100-3999
        }
        interface bond0.995.2095 {
            vlan-range 100-3999
        }
        interface bond0.995.2102 {
            vlan-range 100-3999
        }
        interface bond0.995.2206 {
            vlan-range 100-3999
        }
        mtu 1492
        name-server 8.8.8.8
        name-server 8.8.4.4
    }
    ssh {
        port 21996
    }
}
system {
    config-management {
        commit-revisions 100
    }
    host-name BRAS6
    login {
        user admin {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
        }
    }
    name-server 8.8.8.8
    name-server 8.8.4.4
    ntp {
        server 0.pool.ntp.org {
        }
        server 1.pool.ntp.org {
        }
        server 2.pool.ntp.org {
        }
    }
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone Europe/Rome
}

When I go to commit the configuration, however, I don't get any errors, but the router doesn't respond to PPPoE requests. Checking the log I find this:

Oct 17 11:37:39 BRAS6 accel-pppoe: vlan-mon=bond0.995.130,,100-3999: invalid vlan 0
Oct 17 11:37:39 BRAS6 accel-pppoe: vlan-mon=bond0.995.2092,,100-3999: invalid vlan 0
Oct 17 11:37:39 BRAS6 accel-pppoe: vlan-mon=bond0.995.2095,,100-3999: invalid vlan 0
Oct 17 11:37:39 BRAS6 accel-pppoe: vlan-mon=bond0.995.2102,,100-3999: invalid vlan 0
Oct 17 11:37:39 BRAS6 accel-pppoe: vlan-mon=bond0.995.2206,,100-3999: invalid vlan 0

Details

Version: VyOS 1.3-rolling-202010170146
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Unspecified (please specify)

Related Objects

Mentioned In: rVYOSONEX52846e063baf: T3006: add a range validator
rVYOSONEXa43db38e72da: pppoe-server: T3006: Add range to regex generator
rVYOSONEX5d6726b04c49: Merge pull request #1106 from DmitriyEshenko/equuleus-15122021
rVYOSONEX3b6504d4bfc8: pppoe-server: T3006: Add range to regex generator
rVYOSONEX7ac6b589e382: Merge pull request #1100 from DmitriyEshenko/sg-1x-03122021-02
rVYOSONEX45d2429aa5d2: T3006: add a range validator
rVYOSONEX7af98b0bb919: Merge pull request #1102 from dmbaturin/T3006

Event Timeline

GallySoft created this task.Oct 21 2020, 3:22 PM

pasik subscribed.Oct 21 2020, 6:09 PM

Unknown Object (User) claimed this task.Dec 3 2021, 5:46 PM

Unknown Object (User) edited projects, added VyOS 1.4 Sagitta, VyOS 1.3 Equuleus; removed vyos-pppoe-server, vyatta-cfg-op-pppoe.

Unknown Object (User) edited a custom field.

Unknown Object (User) set Issue type to Unspecified (please specify).

PR https://github.com/vyos/vyos-1x/pull/1100

Restricted Repository Identity mentioned this in rVYOSONEX7af98b0bb919: Merge pull request #1102 from dmbaturin/T3006.Dec 7 2021, 5:13 PM

dmbaturin mentioned this in rVYOSONEX45d2429aa5d2: T3006: add a range validator.Dec 7 2021, 5:13 PM

Restricted Repository Identity mentioned this in rVYOSONEX7ac6b589e382: Merge pull request #1100 from DmitriyEshenko/sg-1x-03122021-02.Dec 7 2021, 6:55 PM

Unknown Object (User) mentioned this in rVYOSONEX3b6504d4bfc8: pppoe-server: T3006: Add range to regex generator.Dec 7 2021, 6:55 PM

Unknown Object (User) changed the task status from In progress to Needs testing.Dec 7 2021, 6:56 PM

On VyOS 1.3-beta-202112150443 seems not working:

Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.130,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.132,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.247,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.359,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.393,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.1249,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.1537,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.1678,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.1698,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.1711,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.2092,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.2095,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.2102,,100-3999: invalid vlan 0
Dec 15 17:26:13 accel-pppoe[4520]: vlan-mon=bond0.995.2206,,100-3999: invalid vlan 0

Config:

service {
    pppoe-server {
        access-concentrator BRAS6
        authentication {
            mode radius
            protocols pap
            protocols chap
            radius {
                rate-limit {
                    enable
                }
                server x.x.x.x {
                    key ****************
                }
            }
        }
        gateway-address 10.110.255.249
        interface bond0.995.130 {
            vlan-range 100-3999
        }
        interface bond0.995.132 {
            vlan-range 100-3999
        }
        interface bond0.995.247 {
            vlan-range 100-3999
        }
        interface bond0.995.359 {
            vlan-range 100-3999
        }
        interface bond0.995.393 {
            vlan-range 100-3999
        }
        interface bond0.995.1249 {
            vlan-range 100-3999
        }
        interface bond0.995.1537 {
            vlan-range 100-3999
        }
        interface bond0.995.1678 {
            vlan-range 100-3999
        }
        interface bond0.995.1698 {
            vlan-range 100-3999
        }
        interface bond0.995.1711 {
            vlan-range 100-3999
        }
        interface bond0.995.2092 {
            vlan-range 100-3999
        }
        interface bond0.995.2095 {
            vlan-range 100-3999
        }
        interface bond0.995.2102 {
            vlan-range 100-3999
        }
        interface bond0.995.2206 {
            vlan-range 100-3999
        }
        mtu 1492
        name-server 8.8.8.8
        name-server 8.8.4.4
    }
}

Hi @GallySoft, this fix is still not in 1.3. Try to test it on 1.4 fresh rollings.

Hi @Dmitry, thank you.

I switched to VyOS 1.4-rolling-202112150318. Now there are no more errors in the logs. Apparently everything seems OK, accel-pppoe starts correctly:

Dec 15 18:31:03 systemd[1]: Starting Accel-PPP - High performance VPN server application for Linux...
Dec 15 18:31:03 systemd[1]: Started Accel-PPP - High performance VPN server application for Linux.

Now, however, the show pppoe-server interfaces command no longer returns any interfaces:

admin@BRAS6:~$ show pppoe-server interfaces
 interface:   connections:    state:
-----------------------------------

Sessions do not go up:

admin@BRAS6:~$ show pppoe-server statistics
 uptime: 0.00:17:13
cpu: 0%
mem(rss/virt): 5672/168892 kB
core:
  mempool_allocated: 133466
  mempool_available: 131810
  thread_count: 4
  thread_active: 1
  context_count: 6
  context_sleeping: 0
  context_pending: 0
  md_handler_count: 3
  md_handler_pending: 0
  timer_count: 0
  timer_pending: 0
sessions:
  starting: 0
  active: 0
  finishing: 0
pppoe:
  starting: 0
  active: 0
  delayed PADO: 0
  recv PADI: 0
  drop PADI: 0
  sent PADO: 0
  recv PADR(dup): 0(0)
  sent PADS: 0
  filtered: 0
radius(1, x.x.x.x):
  state: active
  fail count: 0
  request count: 0
  queue length: 0
  auth sent: 0
  auth lost(total/5m/1m): 0/0/0
  auth avg query time(5m/1m): 0/0 ms
  acct sent: 0
  acct lost(total/5m/1m): 0/0/0
  acct avg query time(5m/1m): 0/0 ms
  interim sent: 0
  interim lost(total/5m/1m): 0/0/0
  interim avg query time(5m/1m): 0/0 ms

@GallySoft could you please share your configuration commands?
Is S-VLAN 995 and C-VLAN 2092 as an example configured on the bond0 interface?

set interfaces bonding bond0 vif-s 995 vif-c 2092

Note: all parent interfaces should be created via CLI
In your case: bond0.995.2092 and ...

Restricted Repository Identity mentioned this in rVYOSONEX5d6726b04c49: Merge pull request #1106 from DmitriyEshenko/equuleus-15122021.Dec 15 2021, 9:51 PM

Unknown Object (User) mentioned this in rVYOSONEXa43db38e72da: pppoe-server: T3006: Add range to regex generator.Dec 15 2021, 9:51 PM

jestabro mentioned this in rVYOSONEX52846e063baf: T3006: add a range validator.Dec 16 2021, 2:30 PM

@Dmitry there it is:

admin@BRAS6:~$ show configuration commands
set interfaces bonding bond0 hash-policy 'layer3+4'
set interfaces bonding bond0 member interface 'eth6'
set interfaces bonding bond0 member interface 'eth7'
set interfaces bonding bond0 mode '802.3ad'
set interfaces bonding bond0 mtu '9000'
set interfaces bonding bond0 vif 9 address '10.110.2.8/28'
set interfaces bonding bond0 vif-s 995 protocol '802.1q'
set interfaces bonding bond0 vif-s 995 vif-c 130 description 'VEAUA'
set interfaces bonding bond0 vif-s 995 vif-c 132 description 'TV_01'
set interfaces bonding bond0 vif-s 995 vif-c 247 description 'FEAPA'
set interfaces bonding bond0 vif-s 995 vif-c 359 description 'ROBKA'
set interfaces bonding bond0 vif-s 995 vif-c 393 description 'VEAKA'
set interfaces bonding bond0 vif-s 995 vif-c 1249 description 'VEAKA'
set interfaces bonding bond0 vif-s 995 vif-c 1537 description 'PD_01'
set interfaces bonding bond0 vif-s 995 vif-c 1678 description 'VIBJA'
set interfaces bonding bond0 vif-s 995 vif-c 1698 description 'PDDQA'
set interfaces bonding bond0 vif-s 995 vif-c 1711 description 'ROACA'
set interfaces bonding bond0 vif-s 995 vif-c 2092 description 'VE_02'
set interfaces bonding bond0 vif-s 995 vif-c 2095 description 'VE_01'
set interfaces bonding bond0 vif-s 995 vif-c 2102 description 'PD_02'
set interfaces bonding bond0 vif-s 995 vif-c 2206 description 'MI/FCO/2'
set interfaces ethernet eth0 offload gro
set interfaces ethernet eth0 offload gso
set interfaces ethernet eth0 offload sg
set interfaces ethernet eth0 offload tso
set interfaces ethernet eth1 offload gro
set interfaces ethernet eth1 offload gso
set interfaces ethernet eth1 offload sg
set interfaces ethernet eth1 offload tso
set interfaces ethernet eth6 duplex 'full'
set interfaces ethernet eth6 mtu '9000'
set interfaces ethernet eth6 offload gro
set interfaces ethernet eth6 offload gso
set interfaces ethernet eth6 offload sg
set interfaces ethernet eth6 offload tso
set interfaces ethernet eth6 speed '10000'
set interfaces ethernet eth7 duplex 'full'
set interfaces ethernet eth7 mtu '9000'
set interfaces ethernet eth7 offload gro
set interfaces ethernet eth7 offload gso
set interfaces ethernet eth7 offload sg
set interfaces ethernet eth7 offload tso
set interfaces ethernet eth7 speed '10000'
set interfaces loopback lo address '10.110.255.249/32'
set protocols ospf area 0 network '10.110.2.0/28'
set protocols ospf interface bond0.9 dead-interval '40'
set protocols ospf interface bond0.9 hello-interval '10'
set protocols ospf interface bond0.9 mtu-ignore
set protocols ospf interface bond0.9 network 'broadcast'
set protocols ospf interface bond0.9 priority '1'
set protocols ospf interface bond0.9 retransmit-interval '5'
set protocols ospf interface bond0.9 transmit-delay '1'
set protocols ospf parameters abr-type 'cisco'
set protocols ospf parameters router-id '10.110.255.249'
set protocols ospf redistribute connected metric-type '1'
set protocols ospf redistribute static metric-type '1'
set protocols static
set service pppoe-server access-concentrator 'BRAS6'
set service pppoe-server authentication mode 'radius'
set service pppoe-server authentication protocols 'pap'
set service pppoe-server authentication protocols 'chap'
set service pppoe-server authentication radius rate-limit enable
set service pppoe-server authentication radius server x.x.x.x key 'xxxxxxxx'
set service pppoe-server gateway-address '10.110.255.249'
set service pppoe-server interface bond0.995.130 vlan-range '100-3999'
set service pppoe-server interface bond0.995.132 vlan-range '100-3999'
set service pppoe-server interface bond0.995.247 vlan-range '100-3999'
set service pppoe-server interface bond0.995.359 vlan-range '100-3999'
set service pppoe-server interface bond0.995.393 vlan-range '100-3999'
set service pppoe-server interface bond0.995.1249 vlan-range '100-3999'
set service pppoe-server interface bond0.995.1537 vlan-range '100-3999'
set service pppoe-server interface bond0.995.1678 vlan-range '100-3999'
set service pppoe-server interface bond0.995.1698 vlan-range '100-3999'
set service pppoe-server interface bond0.995.1711 vlan-range '100-3999'
set service pppoe-server interface bond0.995.2092 vlan-range '100-3999'
set service pppoe-server interface bond0.995.2095 vlan-range '100-3999'
set service pppoe-server interface bond0.995.2102 vlan-range '100-3999'
set service pppoe-server interface bond0.995.2206 vlan-range '100-3999'
set service pppoe-server mtu '1492'
set service pppoe-server name-server '8.8.8.8'
set service pppoe-server name-server '8.8.4.4'
set service ssh port '21996'
set system config-management commit-revisions '100'
set system conntrack modules ftp
set system conntrack modules h323
set system conntrack modules nfs
set system conntrack modules pptp
set system conntrack modules sip
set system conntrack modules sqlnet
set system conntrack modules tftp
set system host-name 'BRAS6'
set system login user admin authentication encrypted-password 'xxxxxxx'
set system login user admin authentication plaintext-password ''
set system name-server '8.8.8.8'
set system name-server '8.8.4.4'
set system ntp server 0.pool.ntp.org
set system ntp server 1.pool.ntp.org
set system ntp server 2.pool.ntp.org
set system syslog global facility all level 'info'
set system syslog global facility protocols level 'debug'
set system time-zone 'Europe/Rome'

This is show interfaces:

admin@BRAS6:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
bond0            -                                 u/u
bond0.9          10.110.2.8/28                     u/u
bond0.995        -                                 u/u
bond0.995.130    -                                 u/u  VEAUA
bond0.995.132    -                                 u/u  TV_01
bond0.995.247    -                                 u/u  FEAPA
bond0.995.359    -                                 u/u  ROBKA
bond0.995.393    -                                 u/u  VEAKA
bond0.995.1249   -                                 u/u  VEAKA
bond0.995.1537   -                                 u/u  PD_01
bond0.995.1678   -                                 u/u  VIBJA
bond0.995.1698   -                                 u/u  PDDQA
bond0.995.1711   -                                 u/u  ROACA
bond0.995.2092   -                                 u/u  VE_02
bond0.995.2095   -                                 u/u  VE_01
bond0.995.2102   -                                 u/u  PD_02
bond0.995.2206   -                                 u/u  MI/FCO/2
eth0             -                                 u/D
eth1             -                                 u/D
eth6             -                                 u/u
eth7             -                                 u/u
lo               127.0.0.1/8                       u/u
                 10.110.255.249/32
                 ::1/128

I think this is the limitation with the Linux interface name, it should not be higher than 16 characters. In you config I see, as an example (bond0.995.130 = 13 chars and additional part .100 = 4) = 17
I know how we can fix it manually, but I'm not sure that it is a good idea.
Accel-PPP supports name changing for created interface by vlan_mon module

[pppoe]
vlan-name=e0.%P.%N
interface=re:^e0\.\d+\.\d+

you can try to change this manually (edit /run/accel-ppp/pppoe.conf) and restart pppoe-server

Unknown Object (User) closed this task as Resolved.Feb 15 2022, 3:35 PM

syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Aug 29 2022, 12:15 PM

syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.

syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.

Accel-PPP & vlan-mon config get invalid VLANClosed, ResolvedPublicBUGActions

Description

Details

Related Objects

Event Timeline

Accel-PPP & vlan-mon config get invalid VLAN
Closed, ResolvedPublicBUG
Actions