summaryrefslogtreecommitdiff
path: root/data/templates/accel-ppp/pppoe.config.tmpl
blob: 8f1b9e7c55282409981b773c25cd4d9b6574efe5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
### generated by accel_pppoe.py ###
[modules]
log_syslog
pppoe
{{ "radius" if authentication.mode is defined and authentication.mode == 'radius' }}
chap-secrets
ippool
{% if ppp_options.ipv6 is defined and ppp_options.ipv6 != 'deny' %}
ipv6pool
ipv6_nd
ipv6_dhcp
{% endif %}
{% for protocol in authentication.protocols %}
{#   this should be fixed in the CLI by a migrator #}
{%   if protocol == 'chap' %}
auth_chap_md5
{%   elif protocol == 'mschap' %}
auth_mschap_v1
{%   else %}
auth_{{ protocol.replace('-', '_') }}
{%   endif %}
{% endfor %}
shaper
{% if snmp is defined %}
net-snmp
{% endif %}
{% if limits is defined %}
connlimit
{% endif %}

[core]
thread-count={{ thread_count }}

[log]
syslog=accel-pppoe,daemon
copy=1
level=5

{% if snmp is defined and snmp.master_agent is defined %}
[snmp]
master=1
{% endif %}

[client-ip-range]
disable

{# Common IP pool definitions #}
{% include 'accel-ppp/config_ip_pool.j2' %}

{# Common IPv6 pool definitions #}
{% include 'accel-ppp/config_ipv6_pool.j2' %}

{# Common DNS name-server definition #}
{% include 'accel-ppp/config_name_server.j2' %}

{% if wins_server is defined and wins_server is not none %}
[wins]
{%   for server in wins_server %}
wins{{ loop.index }}={{ server }}
{%   endfor %}
{% endif %}

{% if authentication.mode is defined and authentication.mode == 'local' %}
[chap-secrets]
chap-secrets={{ chap_secrets_file }}
{% elif authentication.mode is defined and authentication.mode == 'radius' %}
[radius]
verbose=1
{%   for server, options in authentication.radius.server.items() if not options.disable is defined %}
server={{ server }},{{ options.key }},auth-port={{ options.port }},acct-port={{ options.acct_port }},req-limit=0,fail-time={{ options.fail_time }}
{%   endfor %}
{%   if authentication.radius.acct_interim_jitter is defined and authentication.radius.acct_interim_jitter is not none %}
acct-interim-jitter={{ authentication.radius.acct_interim_jitter }}
{%   endif %}
acct-timeout={{ authentication.radius.acct_timeout }}
timeout={{ authentication.radius.timeout }}
max-try={{ authentication.radius.max_try }}
{%   if authentication.radius.nas_identifier is defined and authentication.radius.nas_identifier is not none %}
nas-identifier={{ authentication.radius.nas_identifier }}
{%   endif %}
{%   if authentication.radius.nas_ip_address is defined and authentication.radius.nas_ip_address is not none %}
nas-ip-address={{ authentication.radius.nas_ip_address }}
{%   endif %}
{%   if authentication.radius.source_address is defined and authentication.radius.source_address is not none %}
bind={{ authentication.radius.source_address }}
{%   endif %}
{% if authentication.radius.called_sid_format is defined and authentication.radius.called_sid_format is not none %}
called-sid={{ authentication.radius.called_sid_format }}
{% endif %}
{%   if authentication.radius.dynamic_author.server is defined and authentication.radius.dynamic_author.server is not none %}
dae-server={{ authentication.radius.dynamic_author.server }}:{{ authentication.radius.dynamic_author.port }},{{ authentication.radius.dynamic_author.key }}
{%   endif -%}
{% endif %}

{% if gateway_address is defined and gateway_address is not none %}
gw-ip-address={{ gateway_address }}
{% endif %}

{% if session_control is defined and session_control != 'disable' %}
[common]
single-session={{ session_control }}
{% endif %}

[ppp]
verbose=1
check-ip=1
ccp={{ "1" if ppp_options.ccp is defined else "0" }}
unit-preallocate={{ "1" if authentication.radius.preallocate_vif is defined else "0" }}
{% if ppp_options.min_mtu is defined and ppp_options.min_mtu is not none %}
min-mtu={{ ppp_options.min_mtu }}
{% else %}
min-mtu={{ mtu }}
{% endif %}
{% if ppp_options.mru is defined and ppp_options.mru is not none %}
mru={{ ppp_options.mru }}
{% endif %}
mppe={{ ppp_options.mppe }}
lcp-echo-interval={{ ppp_options.lcp_echo_interval }}
lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }}
lcp-echo-failure={{ ppp_options.lcp_echo_failure }}
{% if ppp_options.ipv4 is defined and ppp_options.ipv4 is not none %}
ipv4={{ ppp_options.ipv4 }}
{% endif %}
{# IPv6 #}
{% if ppp_options.ipv6 is defined and ppp_options.ipv6 is not none %}
ipv6={{ ppp_options.ipv6 }}
{%   if ppp_options.ipv6_intf_id is defined and ppp_options.ipv6_intf_id is not none %}
ipv6-intf-id={{ ppp_options.ipv6_intf_id }}
{%   endif %}
{%   if ppp_options.ipv6_peer_intf_id is defined and ppp_options.ipv6_peer_intf_id is not none %}
ipv6-peer-intf-id={{ ppp_options.ipv6_peer_intf_id }}
{%   endif %}
ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_intf_id is defined else "0" }}
{% endif %}
{# MTU #}
mtu={{ mtu }}

[pppoe]
verbose=1
ac-name={{ access_concentrator }}

{% if interface %}
{%   for iface in interface %}
interface={{ iface }}
{%     if interface[iface].vlan_id is defined or interface[iface].vlan_range is defined %}
vlan-mon={{ iface }},{{ interface[iface].vlan_id | join(',') }},{{ interface[iface].vlan_range | join(',') }}
interface=re:{{ interface.name }}\.\d+
{%     endif %}
{%   endfor %}
{% endif %}

{% if service_name %}
service-name={{ service_name | join(',') }}
{% endif -%}

{% if pado_delay %}
pado-delay={{ pado_delay }}
{% endif %}

{% if limits is defined %}
[connlimit]
{%   if limits.connection_limit is defined and limits.connection_limit is not none %}
limit={{ limits.connection_limit }}
{%   endif %}
{%   if limits.burst is defined and limits.burst %}
burst={{ limits.burst }}
{%   endif %}
{%   if limits.timeout is defined and limits.timeout is not none %}
timeout={{ limits.timeout }}
{%   endif %}
{% endif %}

[cli]
tcp=127.0.0.1:2001