summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhagbard <vyosdev@derith.de>2018-11-23 14:57:47 -0800
committerhagbard <vyosdev@derith.de>2018-11-23 14:57:47 -0800
commit1d581d18e8bbf6e63c00307579c4c9e28968bdd4 (patch)
tree1f77edc1d0d068fd6548f243828da8c37a2687a2
parentdc90c83f59f422f21bdb457678b3e27a6ca3dd7e (diff)
downloadvyos-documentation-1d581d18e8bbf6e63c00307579c4c9e28968bdd4.tar.gz
vyos-documentation-1d581d18e8bbf6e63c00307579c4c9e28968bdd4.zip
Fixes: T1038 Write documentation for setting up a pppoe server
-rw-r--r--docs/services.rst50
1 files changed, 50 insertions, 0 deletions
diff --git a/docs/services.rst b/docs/services.rst
index a635f076..320555d4 100644
--- a/docs/services.rst
+++ b/docs/services.rst
@@ -1095,6 +1095,55 @@ mDNS repeater can be temporarily disabled without deleting the service using
.. note:: You can not run this in a VRRP setup, if multiple mDNS repeaters
are launched in a subnet you will experience the mDNS packet storm death!
+PPPoE server
+------------
+
+VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server.
+
+**Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing PPPoE connections from connected users, in order to become effective.**
+
+Configuration
+^^^^^^^^^^^^^
+
+The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves only requests in the interface eth1.
+
+.. code-block:: sh
+
+ set service pppoe-server access-concentrator 'ACN'
+ set service pppoe-server authentication local-users username foo password 'bar'
+ set service pppoe-server authentication mode 'local'
+ set service pppoe-server client-ip-pool start '10.1.1.100'
+ set service pppoe-server client-ip-pool stop '10.1.1.111'
+ set service pppoe-server dns-servers server-1 '10.100.100.1'
+ set service pppoe-server dns-servers server-2 '10.100.200.1'
+ set service pppoe-server interface 'eth1'
+ set service pppoe-server local-ip '10.1.1.2'
+
+
+Connections can be locally checked via the command
+
+.. code-block:: sh
+
+ show pppoe-server sessions
+ ifname | username | calling-sid | ip | type | comp | state | uptime
+ -------+----------+-------------------+------------+-------+------+--------+----------
+ ppp0 | foo | 08:00:27:fa:3e:50 | 10.1.1.100 | pppoe | | active | 00:04:15
+
+
+To use a radius server, you need to switch to authentication mode radius and of course need to specify an IP for the server. You can have multiple RADIUS server configured, if you wish to
+achieve redundancy.
+
+.. code-block:: sh
+
+ set service pppoe-server access-concentrator 'ACN'
+ set service pppoe-server authentication mode 'radius'
+ set service pppoe-server authentication radius-server 10.1.100.1 secret 'secret'
+ set service pppoe-server interface 'eth1'
+ set service pppoe-server local-ip '10.1.1.2'
+
+RADIUS provides the IP addresses in the example above via Framed-IP-Address.
+
+
UDP broadcast relay
-------------------
@@ -1626,3 +1675,4 @@ The size of the proxy cache can be adjusted by the user.
.. _TFTP: https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
.. _Squid3: http://www.squid-cache.org/
.. _Squidguard: http://www.squidguard.org/
+.. _`accel-ppp`: https://accel-ppp.org/