Page MenuHomeVyOS Platform

IPoE-server ethX vlan must not be used with client-subnet
Closed, ResolvedPublicBUG

Description

IPoE-server interface ethX vlan (vlan-mon) must not be used with client-subnet

set service ipoe-server authentication mode 'noauth'
set service ipoe-server interface eth1 client-subnet '100.64.204.0/24'
set service ipoe-server interface eth1 network 'vlan'
set service ipoe-server interface eth1 vlan '2000-2021'

It generates the next configuration:

[email protected]# cat /run/accel-pppd/ipoe.conf | grep "\[ipoe" -A 10
[ipoe]
verbose=1
interface=re:^eth1\.(200\d|201\d|202[0-1])$,shared=0,mode=L2,ifcfg=1,range=100.64.204.0/24,start=dhcpv4,ipv6=1
vlan-mon=eth1,2000-2021
noauth=1
proxy-arp=1

vlan-mon means that VLANs (2000-2021) will be added dynamically and attached to eth1 interface
But instead of using the shared network range for all VLANs it will generate a configuration that each VLAN uses separately and the same range 100.64.204.0/24
I.e

eth1.2000 range 100.64.204.0/24 (the first client gets address from 100.64.204.2)
eth2.2001 range 100.64.204.0/24 (the first client gets address from 100.64.204.2)

It causes the clients in different VLANs get the same IP addresses which is a wrong behavior

[email protected]:~$ show ipoe-server sessions 
ifname   | username |    calling-sid    |      ip      | rate-limit | type | comp | state  |  uptime  
-----------+----------+-------------------+--------------+------------+------+------+--------+----------
 eth1.2004 |          | 00:50:79:66:68:0c | 100.64.204.2 |            | ipoe |      | active | 00:00:22 
 eth1.2005 |          | 00:50:79:66:68:0d | 100.64.204.2 |            | ipoe |      | active | 00:00:14
[email protected]:~$

We need to disable such options in the verify section. And use named ip-polls instead. set service ipoe-server client-ip-pool name.

Details

Difficulty level
Normal (likely a few hours)
Version
VyOS 1.4-rolling-202303071039
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

Viacheslav renamed this task from IPoE-server network vlan must not be used with client-subnet to IPoE-server ethX vlan must not be used with client-subnet.Tue, Mar 7, 3:27 PM
Viacheslav changed the task status from Open to In progress.
Viacheslav claimed this task.
Viacheslav updated the task description. (Show Details)
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.