diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-11-02 13:58:48 +0000 |
---|---|---|
committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2023-11-02 15:55:55 +0000 |
commit | 27c6dce457781fcda791899b7c6e0f1b9c03efd4 (patch) | |
tree | eaee6072f69b1f086ef30a9e3329447a603bbb0a | |
parent | 0998a5da7b61bb6d5587183a57bb9c34eb56b5ca (diff) | |
download | vyos-1x-27c6dce457781fcda791899b7c6e0f1b9c03efd4.tar.gz vyos-1x-27c6dce457781fcda791899b7c6e0f1b9c03efd4.zip |
T5704: PPPoE L2TP SSTP IPoE add option max-concurrent-sessions
Add `max-starting` option:
[common]
max-starting=N
Specifies maximum concurrent session attempts which server may processed
set service pppoe-server max-concurrent-sessions '30'
Useful to prevent high CPU utilization and compat execution
scripts per time.
(cherry picked from commit 47645f9d0243ce48a473ab7f8cdbd22c19f69f28)
-rw-r--r-- | data/templates/accel-ppp/ipoe.config.j2 | 5 | ||||
-rw-r--r-- | data/templates/accel-ppp/l2tp.config.j2 | 5 | ||||
-rw-r--r-- | data/templates/accel-ppp/pppoe.config.j2 | 5 | ||||
-rw-r--r-- | data/templates/accel-ppp/pptp.config.j2 | 5 | ||||
-rw-r--r-- | data/templates/accel-ppp/sstp.config.j2 | 3 | ||||
-rw-r--r-- | interface-definitions/include/accel-ppp/max-concurrent-sessions.xml.i | 15 | ||||
-rw-r--r-- | interface-definitions/service-ipoe-server.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/service-pppoe-server.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/vpn-l2tp.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/vpn-pptp.xml.in | 1 | ||||
-rw-r--r-- | interface-definitions/vpn-sstp.xml.in | 1 |
11 files changed, 42 insertions, 1 deletions
diff --git a/data/templates/accel-ppp/ipoe.config.j2 b/data/templates/accel-ppp/ipoe.config.j2 index f59428509..555a033d3 100644 --- a/data/templates/accel-ppp/ipoe.config.j2 +++ b/data/templates/accel-ppp/ipoe.config.j2 @@ -14,6 +14,11 @@ ippool [core] thread-count={{ thread_count }} +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + [log] syslog=accel-ipoe,daemon copy=1 diff --git a/data/templates/accel-ppp/l2tp.config.j2 b/data/templates/accel-ppp/l2tp.config.j2 index a2f9c9fc7..b089d3e71 100644 --- a/data/templates/accel-ppp/l2tp.config.j2 +++ b/data/templates/accel-ppp/l2tp.config.j2 @@ -20,6 +20,11 @@ ipv6_dhcp [core] thread-count={{ thread_cnt }} +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + [log] syslog=accel-l2tp,daemon copy=1 diff --git a/data/templates/accel-ppp/pppoe.config.j2 b/data/templates/accel-ppp/pppoe.config.j2 index dd53edd28..e1ae3660e 100644 --- a/data/templates/accel-ppp/pppoe.config.j2 +++ b/data/templates/accel-ppp/pppoe.config.j2 @@ -62,10 +62,13 @@ wins{{ loop.index }}={{ server }} {# Common chap-secrets and RADIUS server/option definitions #} {% include 'accel-ppp/config_chap_secrets_radius.j2' %} -{% if session_control is vyos_defined and session_control is not vyos_defined('disable') %} [common] +{% if session_control is vyos_defined and session_control is not vyos_defined('disable') %} single-session={{ session_control }} {% endif %} +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} [ppp] verbose=1 diff --git a/data/templates/accel-ppp/pptp.config.j2 b/data/templates/accel-ppp/pptp.config.j2 index 0082e55bf..46a9f933a 100644 --- a/data/templates/accel-ppp/pptp.config.j2 +++ b/data/templates/accel-ppp/pptp.config.j2 @@ -16,6 +16,11 @@ ippool [core] thread-count={{ thread_cnt }} +[common] +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} + [log] syslog=accel-pptp,daemon copy=1 diff --git a/data/templates/accel-ppp/sstp.config.j2 b/data/templates/accel-ppp/sstp.config.j2 index 7ee28dd21..cf1d23f54 100644 --- a/data/templates/accel-ppp/sstp.config.j2 +++ b/data/templates/accel-ppp/sstp.config.j2 @@ -16,6 +16,9 @@ thread-count={{ thread_count }} [common] single-session=replace +{% if max_concurrent_sessions is vyos_defined %} +max-starting={{ max_concurrent_sessions }} +{% endif %} [log] syslog=accel-sstp,daemon diff --git a/interface-definitions/include/accel-ppp/max-concurrent-sessions.xml.i b/interface-definitions/include/accel-ppp/max-concurrent-sessions.xml.i new file mode 100644 index 000000000..f6ef41019 --- /dev/null +++ b/interface-definitions/include/accel-ppp/max-concurrent-sessions.xml.i @@ -0,0 +1,15 @@ +<!-- include start from accel-ppp/max-concurrent-sessions.xml.i --> +<leafNode name="max-concurrent-sessions"> + <properties> + <help>Maximum number of concurrent session start attempts</help> + <valueHelp> + <format>u32:0-65535</format> + <description>Maximum number of concurrent session start attempts</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--allow-range --range 0-65535"/> + </constraint> + <constraintErrorMessage>Maximum concurent sessions must be in range 0-65535</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/service-ipoe-server.xml.in b/interface-definitions/service-ipoe-server.xml.in index b6e6503d3..9ac0c8fdf 100644 --- a/interface-definitions/service-ipoe-server.xml.in +++ b/interface-definitions/service-ipoe-server.xml.in @@ -102,6 +102,7 @@ #include <include/accel-ppp/vlan.xml.i> </children> </tagNode> + #include <include/accel-ppp/max-concurrent-sessions.xml.i> #include <include/name-server-ipv4-ipv6.xml.i> <node name="client-ip-pool"> <properties> diff --git a/interface-definitions/service-pppoe-server.xml.in b/interface-definitions/service-pppoe-server.xml.in index 022ac2885..44b689fe1 100644 --- a/interface-definitions/service-pppoe-server.xml.in +++ b/interface-definitions/service-pppoe-server.xml.in @@ -73,6 +73,7 @@ </children> </tagNode> #include <include/accel-ppp/gateway-address.xml.i> + #include <include/accel-ppp/max-concurrent-sessions.xml.i> #include <include/accel-ppp/mtu-128-16384.xml.i> <node name="limits"> <properties> diff --git a/interface-definitions/vpn-l2tp.xml.in b/interface-definitions/vpn-l2tp.xml.in index ee0edc3e3..60a1d323b 100644 --- a/interface-definitions/vpn-l2tp.xml.in +++ b/interface-definitions/vpn-l2tp.xml.in @@ -13,6 +13,7 @@ <help>Remote access L2TP VPN</help> </properties> <children> + #include <include/accel-ppp/max-concurrent-sessions.xml.i> #include <include/accel-ppp/mtu-128-16384.xml.i> <leafNode name="outside-address"> <properties> diff --git a/interface-definitions/vpn-pptp.xml.in b/interface-definitions/vpn-pptp.xml.in index 5a8b4a78a..964c4d21e 100644 --- a/interface-definitions/vpn-pptp.xml.in +++ b/interface-definitions/vpn-pptp.xml.in @@ -13,6 +13,7 @@ <help>Remote access PPTP VPN</help> </properties> <children> + #include <include/accel-ppp/max-concurrent-sessions.xml.i> #include <include/accel-ppp/mtu-128-16384.xml.i> <leafNode name="outside-address"> <properties> diff --git a/interface-definitions/vpn-sstp.xml.in b/interface-definitions/vpn-sstp.xml.in index 9e912063f..9c818ba60 100644 --- a/interface-definitions/vpn-sstp.xml.in +++ b/interface-definitions/vpn-sstp.xml.in @@ -25,6 +25,7 @@ </node> </children> </node> + #include <include/accel-ppp/max-concurrent-sessions.xml.i> #include <include/interface/mtu-68-1500.xml.i> #include <include/accel-ppp/gateway-address.xml.i> #include <include/name-server-ipv4-ipv6.xml.i> |