diff options
author | hagbard <vyosdev@derith.de> | 2018-11-23 14:57:47 -0800 |
---|---|---|
committer | hagbard <vyosdev@derith.de> | 2018-11-23 14:57:47 -0800 |
commit | 1d581d18e8bbf6e63c00307579c4c9e28968bdd4 (patch) | |
tree | 1f77edc1d0d068fd6548f243828da8c37a2687a2 | |
parent | dc90c83f59f422f21bdb457678b3e27a6ca3dd7e (diff) | |
download | vyos-documentation-1d581d18e8bbf6e63c00307579c4c9e28968bdd4.tar.gz vyos-documentation-1d581d18e8bbf6e63c00307579c4c9e28968bdd4.zip |
Fixes: T1038 Write documentation for setting up a pppoe server
-rw-r--r-- | docs/services.rst | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/docs/services.rst b/docs/services.rst index a635f076..320555d4 100644 --- a/docs/services.rst +++ b/docs/services.rst @@ -1095,6 +1095,55 @@ mDNS repeater can be temporarily disabled without deleting the service using .. note:: You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death! +PPPoE server +------------ + +VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server. + +**Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing PPPoE connections from connected users, in order to become effective.** + +Configuration +^^^^^^^^^^^^^ + +The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves only requests in the interface eth1. + +.. code-block:: sh + + set service pppoe-server access-concentrator 'ACN' + set service pppoe-server authentication local-users username foo password 'bar' + set service pppoe-server authentication mode 'local' + set service pppoe-server client-ip-pool start '10.1.1.100' + set service pppoe-server client-ip-pool stop '10.1.1.111' + set service pppoe-server dns-servers server-1 '10.100.100.1' + set service pppoe-server dns-servers server-2 '10.100.200.1' + set service pppoe-server interface 'eth1' + set service pppoe-server local-ip '10.1.1.2' + + +Connections can be locally checked via the command + +.. code-block:: sh + + show pppoe-server sessions + ifname | username | calling-sid | ip | type | comp | state | uptime + -------+----------+-------------------+------------+-------+------+--------+---------- + ppp0 | foo | 08:00:27:fa:3e:50 | 10.1.1.100 | pppoe | | active | 00:04:15 + + +To use a radius server, you need to switch to authentication mode radius and of course need to specify an IP for the server. You can have multiple RADIUS server configured, if you wish to +achieve redundancy. + +.. code-block:: sh + + set service pppoe-server access-concentrator 'ACN' + set service pppoe-server authentication mode 'radius' + set service pppoe-server authentication radius-server 10.1.100.1 secret 'secret' + set service pppoe-server interface 'eth1' + set service pppoe-server local-ip '10.1.1.2' + +RADIUS provides the IP addresses in the example above via Framed-IP-Address. + + UDP broadcast relay ------------------- @@ -1626,3 +1675,4 @@ The size of the proxy cache can be adjusted by the user. .. _TFTP: https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol .. _Squid3: http://www.squid-cache.org/ .. _Squidguard: http://www.squidguard.org/ +.. _`accel-ppp`: https://accel-ppp.org/ |