From 8c98ceeee57d062969456d1848b952ed9a3dd7fb Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Sun, 12 Feb 2023 12:55:39 +0000 Subject: T1993: PPPoE-server add section shaper and fwmark option Extended PPPoE-server rate-limiter to avoid shaping marked resources Often this feature needs for ISP, which provides access to some IX or its resources. set service pppoe-server shaper fwmark '223' --- data/templates/accel-ppp/config_shaper_radius.j2 | 10 ++++++++-- .../include/accel-ppp/shaper.xml.i | 21 +++++++++++++++++++++ interface-definitions/service_pppoe-server.xml.in | 1 + smoketest/scripts/cli/test_service_pppoe-server.py | 5 ++++- 4 files changed, 34 insertions(+), 3 deletions(-) create mode 100644 interface-definitions/include/accel-ppp/shaper.xml.i diff --git a/data/templates/accel-ppp/config_shaper_radius.j2 b/data/templates/accel-ppp/config_shaper_radius.j2 index c409c3718..b7bd9c128 100644 --- a/data/templates/accel-ppp/config_shaper_radius.j2 +++ b/data/templates/accel-ppp/config_shaper_radius.j2 @@ -1,7 +1,7 @@ -{% if authentication is defined and authentication.mode is defined and authentication.mode == 'radius' %} -{% if authentication is defined and authentication.radius is defined and authentication.radius.rate_limit is defined and authentication.radius.rate_limit.enable is defined %} +{% if authentication is defined and authentication.mode is defined and authentication.mode == 'radius' or shaper is defined %} [shaper] verbose=1 +{% if authentication is defined and authentication.radius is defined and authentication.radius.rate_limit is defined and authentication.radius.rate_limit.enable is defined %} attr={{ authentication.radius.rate_limit.attribute }} {% if authentication.radius.rate_limit.vendor is defined and authentication.radius.rate_limit.vendor is not none %} vendor={{ authentication.radius.rate_limit.vendor }} @@ -10,4 +10,10 @@ vendor={{ authentication.radius.rate_limit.vendor }} rate-multiplier={{ authentication.radius.rate_limit.multiplier }} {% endif %} {% endif %} +{% if shaper is defined %} +{% if shaper.fwmark is defined and shaper.fwmark is not none %} +fwmark={{ shaper.fwmark }} +down-limiter=htb +{% endif %} +{% endif %} {% endif %} diff --git a/interface-definitions/include/accel-ppp/shaper.xml.i b/interface-definitions/include/accel-ppp/shaper.xml.i new file mode 100644 index 000000000..b4f9536d2 --- /dev/null +++ b/interface-definitions/include/accel-ppp/shaper.xml.i @@ -0,0 +1,21 @@ + + + + Traffic shaper bandwidth parameters + + + + + Firewall mark value for traffic that excludes from shaping + + u32:1-2147483647 + Match firewall mark value + + + + + + + + + diff --git a/interface-definitions/service_pppoe-server.xml.in b/interface-definitions/service_pppoe-server.xml.in index 36bea6a7a..b8d344445 100644 --- a/interface-definitions/service_pppoe-server.xml.in +++ b/interface-definitions/service_pppoe-server.xml.in @@ -324,6 +324,7 @@ replace + #include Enable SNMP diff --git a/smoketest/scripts/cli/test_service_pppoe-server.py b/smoketest/scripts/cli/test_service_pppoe-server.py index 21d1028ce..e5acff265 100755 --- a/smoketest/scripts/cli/test_service_pppoe-server.py +++ b/smoketest/scripts/cli/test_service_pppoe-server.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2020 VyOS maintainers and contributors +# Copyright (C) 2020-2023 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -147,6 +147,8 @@ class TestServicePPPoEServer(BasicAccelPPPTest.TestCase): self.basic_config() subnet = '172.18.0.0/24' + fwmark = '223' + limiter = 'htb' self.set(['client-ip-pool', 'subnet', subnet]) start = '192.0.2.10' @@ -155,6 +157,7 @@ class TestServicePPPoEServer(BasicAccelPPPTest.TestCase): start_stop = f'{start}-{stop_octet}' self.set(['client-ip-pool', 'start', start]) self.set(['client-ip-pool', 'stop', stop]) + self.set(['shaper', 'fwmark', fwmark]) # commit changes self.cli_commit() -- cgit v1.2.3