| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Add info [ipoe]session-timeout and [ipoe]idle-timeout to accel-ppp.conf.5
|
|
Add info [modules]connlimit to accel-ppp.conf.5
|
|
Fix: ipv6-dns accel-ppp.conf.5
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
following bind option formats are valid:
bind=x.x.x.x
bind=2001:db8::1
bind=unix:/var/run/sstp.socket
bind=unix:@sstp
port option is meaningful for ipv4 and ipv6 only
|
|
currently the only ssl value is supported
|
|
|
|
|
|
new config options:
[ipoe]
weight=N - global weight
interface=ethX,weight=N - per-interface weight
How it works:
On reception of DHCPDISCOVER accel-ppp sends broadcast DHCP message to port 67 with same xid and add special vendor-specific option
where encodes its current session count multipled by weight.
On reception of such message accel-ppp searches session with same xid and compares weight.
If received weight is less than session's weight then it terminates this session.
per-interface weight=0 has special meaning as backup (fail-over) interface, f.e. it terminates session on any received weight.
By default weight based load balancing is disabled.
To enable need to specify global or/and per-interface weight.
|
|
If pool specified with /128 prefix length, then initialize intf_id by gw_ip6_address and peer_intf_id by generated pool address.
|
|
config changes:
[ip-pool]
x.x.x.x/mask,name=pool1
y.y.y.y/mask,name=pool2,next=pool1
|
|
Reuse exsisting radius functionality and allow set iterface name
template for pppoe/pptp/l2tp, '%d' specification will be replaced
automagically to the next available index by kernel.
PPP interface rename allows to easy differ client's interfaces from
the other ppp ones, for example, with just netfilter interface rules.
Example:
[pptp]
ifname=pptp%d will produce pptp0, pptp1, ...
|
|
|
|
|
|
accept-any-service to provide backward compatibility with old accel-ppp
|
|
If set to 1 then allocate unit (interface) before authorization, so Nas-Port and Nas-Port-Id would be defined in Access-Request phase
|
|
If start=auto is specified then accel-pppd automatically starts session with username = interface name on shared=0 interfaces.
Use it with conjuction vlan_mon. So any packet may start session.
|
|
local-net is used to filter incomming packets which may start UP session
|
|
|
|
|
|
|
|
This option specifies value of Calling-Station-Id value.
Available options are 'mac' and 'ip'.
|
|
Default behaviour of accel-ppp when it receives DHCP request with same Option 82 but different MAC address
is termination of old session (with previous MAC address).
This option can turn off such behaviour, so multiple sessions with same Option 82 but different MAC may coesist.
|
|
|
|
If password=csid then password will we same as Calling-Station-Id.
|
|
If specified then fwmark filters will be installed to bypass shaper
|
|
shaper: introduced moderate-quantum option
If fixed quantum is not specified and moderate-quantum is specified then shaper module
will check for quantum value to be in valid range (1000-200000).
This suppresses annoying kernel messages.
Remark: quantum is rate/r2q, rate is in bytes/sec.
|
|
If authentication rejects session, but l4-redirect-on-reject is specified in config then
temporary session will be created and l4 redirect rule will be applied to IP of that session.
Session will be terminated after specified number of seconds.
Also if l4-redirect-ip-pool option is specified then IP will be allocated from that special pool.
|
|
|
|
If verbose=0 then cli won't produce any logging
if verbose=1 then log only connections
if verbose=2 then log also executed commands
|
|
|
|
Parameters are same as for tc:
[shaper]
leaf-qdisc=fq_codel [ limit PACKETS ] [flows NUMBER ] [ target TIME ] [ interval TIME ] [ quantum BYTES ] [ [no]ecn ]
|
|
If specified then accel-ppp will send tunnel type as string (pppoe,pptp,l2tp,ipoe).
|
|
New options are applied to server option as server=...[,weight=x][,backup]
Weight is used for multi-server configurations (larger weight takes more users).
Backup is used to mark backup server f.e. server which will be used only if all other servers are failed.
|
|
By default list of IP address is serial at startup.
This option shuffles initial IP list so it becomes more random.
|
|
This new option will control how to represent Called-Station-ID.
Its value maybe ifname,mac or ifname:mac.
By default mac is used to keep compatibility with old versions.
Also old option ifname-in-sid is removed from documentation, but is still supported for compatibility.
|
|
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
* Set default retransmission timeout to 1 second. Since we now have
exponential backoff, we can afford a smaller value.
* Add the rtimeout-cap option to set the maximum value the
retransmission timer has to respect during exponential backoff.
* Store the maximun number of retransmissions in tunnel's structure
(like other retransmission parameters).
* Describe all these changes in man page and reset them to their
default values if they're removed from configuration file before a
reload.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
