Date: Mon, 17 May 2004 15:20:20 +0400 From: Alexander Lunyov <lan@startatom.ru> To: freebsd-net@freebsd.org Subject: ppp receiving wrong device number (cuaa10 instead of cuaaa, cuaa15 instead of cuaaf) Message-ID: <1373993879.20040517152020@startatom.ru>
next in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Hello. We have a gateway for our inner clients, it is FreeBSD-4.8R-p14, three Cronyx Omega PCI multiport cards (24 ports in sum), mgetty listening on all those ports, and when user connects, mgetty run exppp (enchanced ppp incarnation, http://shs.sumy.ua). Freeradius handles authentication and accounting. When i've enable freeradius module rlm_ippool (ip addresses pooling module), dialup users start receiving error "server have not assign ip address" after connecting on some telephone numbers (not all, just some numbers), and when i dig some further, i found, that freeradius in such cases did not receive NAS-Port-Id attribute from exppp. Freeradius receive standard request, but without one attribute, in example: Service-Type = Framed-User User-Name = "bpv89" Framed-Protocol = PPP CHAP-Password = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx CHAP-Challenge = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx NAS-Identifier = "zeus.domain.ru" NAS-Port-Type = Async Then i started to watch for ppp connections. And i found strange thing. Look at this (ppp log): Phase: Using interface: tun9 Phase: deflink: Created in closed state Command: default: set radius /etc/radius.conf Command: default: set dns 192.168.33.127 Command: default: set local_ip 62.33.65.0/24 Warning: Add local net: 62.33.65.0/24 Command: default: accept dns Command: default: enable lqr Command: default: enable pap Command: default: enable chap Command: default: enable mschap Command: default: enable mschapv2 Command: default: set rad_alive 20 Command: default: disable acfcomp protocomp Command: default: deny acfcomp Command: dialup: set timeout 900 Command: dialup: set mru 576 Command: dialup: set mtu 576 Phase: PPP Started (direct mode). Phase: bundle: Establish Phase: deflink: closed -> opening Phase: deflink: Connected! Phase: deflink: opening -> carrier > Phase: deflink: /dev/cuaa15: CD detected *** (1) Phase: deflink: carrier -> lcp Phase: bundle: Authenticate Phase: deflink: his = none, mine = CHAP 0x05 Phase: Chap Output: CHALLENGE Phase: Chap Input: RESPONSE (16 bytes from rim74) > Error: NAS-Port-Id borken: -1 *** (2) Phase: Radius: Request sent Phase: Radius(auth): ACCEPT received Phase: Octets limit 292770808 Phase: Chap Output: SUCCESS Phase: deflink: lcp -> open Phase: bundle: Network Then disconnection occures - freeradius didn't deliver ip address for this connection. (1) - But mgetty said that modem connects to /dev/cuaaf port! Where did come digit 15 from? This situation (decimal port number instead of hex) can also be seen on ports cuaa10 (cuaaa), cuaa11 (cuaab), cuaa12 (cuaac) etc till cuaa15 - port cuaag always comes in hex. (2) - This is my debug entry, that i insert in radius.c. Original code: if ((slot = physical_Slot(p)) >= 0) if (rad_put_int(rad, RAD_NAS_PORT, slot) != 0) { log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad)); rad_close(rad); return 0; } I've added debug 'else' for first 'if' (2). Thus physical_Slot() from physical.c returning '-1'. In physical.c: int physical_Slot(struct physical *p) { if (p->handler && p->handler->slot) return (*p->handler->slot)(p); return -1; } And p->handler is coming from tty.c (if i'm not missed the trail) in tty_iov2device(): memcpy(&dev->dev, &basettydevice, sizeof dev->dev); physical_SetupStack(p, dev->dev.name, PHYSICAL_NOFORCE); if (dev->Timer.state != TIMER_STOPPED) { dev->Timer.state = TIMER_STOPPED; p->handler = &dev->dev; /* For the benefit of StartTimer */ tty_StartTimer(p); } return &dev->dev; And i don't know where should i dig further. Must be some place, where hex numbers returns as decimal, but i don't know, where is it. Ports on multiport cards are: cuaa[1-8] - first card cuaa[9-g] - second card cuaa[h-o] - third card And next strange thing is that this problem rising only on ports cuaa[10-15] (!), in hex is cuaa[a-f] - and i'm surprised that cuaag is working fine! The most surprising thing is that all ports on third card (cuaa[h-o]) is working as they should! But still, 6 of 24 modems are out of order :( Where those decimal port numbers come from? I found only one similar problem, but there is no answer to it: http://docs.freebsd.org/cgi/getmsg.cgi?fetch=313299+0+archive/2000/freebsd-bugs/20000702.freebsd-bugs I've contacted Cronyx company (they produce those multiport cards), and their specialist said that this is not their driver issue and he can prove it. And i believe him :) # uname -a FreeBSD zeus.domain.ru 4.8-RELEASE-p14 FreeBSD 4.8-RELEASE-p14 #4: Tue Mar 30 10:17:02 MSD 2004 root@zeus.domain.ru:/usr/src/sys/compile/zeus i386 # pkg_info -I freeradius\* mgetty\* freeradius-0.9.3 A free RADIUS server implementation mgetty-1.1.28.01.10 Handle external logins, send and receive faxes p.s.: fragments of code in this message have not changed in exppp, they are same as in original ppp p.p.s.: dmesg and all config files are in attachement, if more debug will be needed - i'll give it. -- Alexander Lunyov, lan_mailing@startatom.ru [-- Attachment #2 --] # /var/run/dmesg.boot Copyright (c) 1992-2003 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 4.8-RELEASE-p14 #4: Tue Mar 30 10:17:02 MSD 2004 root@zeus.startatom.ru:/usr/src/sys/compile/zeus Timecounter "i8254" frequency 1193182 Hz CPU: Intel(R) Celeron(R) CPU 1.80GHz (1804.10-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf13 Stepping = 3 Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM> real memory = 536788992 (524208K bytes) avail memory = 518144000 (506000K bytes) Preloaded elf kernel "kernel" at 0xc0328000. Pentium Pro MTRR support enabled md0: Malloc disk Using $PIR table, 12 entries at 0xc00f23b0 apm0: <APM BIOS> on motherboard apm0: found APM BIOS v1.2, connected at v1.2 npx0: <math processor> on motherboard npx0: INT 16 interface pcib0: <Host to PCI bridge> on motherboard pci0: <PCI bus> on pcib0 agp0: <Intel Generic host to PCI bridge> mem 0xf8000000-0xfbffffff at device 0.0 on pci0 pcib1: <PCI to PCI bridge (vendor=8086 device=2561)> at device 1.0 on pci0 pci1: <PCI bus> on pcib1 pci1: <ATI model 5446 graphics accelerator> at 0.0 irq 15 pcib2: <Intel 82801BA/BAM (ICH2) Hub to PCI bridge> at device 30.0 on pci0 pci2: <PCI bus> on pcib2 pci2: <unknown card> (vendor=0x14e4, dev=0x4401) at 5.0 irq 10 tx0: <SMC EtherPower II 10/100> port 0xa800-0xa8ff mem 0xf1800000-0xf1800fff irq 7 at device 9.0 on pci2 qsphy0: <QS6612 10/100 media interface> on miibus0 qsphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto tx0: address 00:e0:29:0c:4d:1b, type SMC9432TX atapci0: <Promise TX2 ATA133 controller> port 0x9000-0x900f,0x9400-0x9403,0x9800-0x9807,0xa000-0xa003,0xa400-0xa407 mem 0xf1000000-0xf100ffff irq 5 at device 10.0 on pci2 ata2: at 0xa400 on atapci0 ata3: at 0x9800 on atapci0 xl0: <3Com 3c905C-TX Fast Etherlink XL> port 0x8800-0x887f mem 0xf0800000-0xf080007f irq 11 at device 11.0 on pci2 xl0: Ethernet address: 00:04:75:c0:b0:dd miibus1: <MII bus> on xl0 ukphy0: <Generic IEEE 802.3u media interface> on miibus1 ukphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto siopci0: <Cronyx Omega-PCI Serial Adapter> port 0x7800-0x780f,0x8000-0x807f,0x8400-0x847f irq 10 at device 12.0 on pci2 sio1: type ST16650A with 64 bytes FIFO sio2: type ST16650A with 64 bytes FIFO sio3: type ST16650A with 64 bytes FIFO sio4: type ST16650A with 64 bytes FIFO sio5: type ST16650A with 64 bytes FIFO sio6: type ST16650A with 64 bytes FIFO sio7: type ST16650A with 64 bytes FIFO sio8: type ST16650A with 64 bytes FIFO siopci1: <Cronyx Omega-PCI Serial Adapter> port 0x6800-0x680f,0x7000-0x707f,0x7400-0x747f irq 7 at device 13.0 on pci2 sio9: type ST16650A with 64 bytes FIFO sio10: type ST16650A with 64 bytes FIFO sio11: type ST16650A with 64 bytes FIFO sio12: type ST16650A with 64 bytes FIFO sio13: type ST16650A with 64 bytes FIFO sio14: type ST16650A with 64 bytes FIFO sio15: type ST16650A with 64 bytes FIFO sio16: type ST16650A with 64 bytes FIFO siopci2: <Cronyx Omega-PCI Serial Adapter> port 0x5800-0x580f,0x6000-0x607f,0x6400-0x647f irq 14 at device 14.0 on pci2 sio17: type ST16650A with 64 bytes FIFO sio18: type ST16650A with 64 bytes FIFO sio19: type ST16650A with 64 bytes FIFO sio20: type ST16650A with 64 bytes FIFO sio21: type ST16650A with 64 bytes FIFO sio22: type ST16650A with 64 bytes FIFO sio23: type ST16650A with 64 bytes FIFO sio24: type ST16650A with 64 bytes FIFO isab0: <PCI to ISA bridge (vendor=8086 device=24c0)> at device 31.0 on pci0 isa0: <ISA bus> on isab0 atapci1: <Intel ICH4 ATA100 controller> irq 14 at device 31.1 on pci0 atapci1: ATA channel disabled by BIOS orm0: <Option ROMs> at iomem 0xc0000-0xc7fff,0xd8000-0xd87ff on isa0 fdc0: <NEC 72065B or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0 fdc0: FIFO enabled, 8 bytes threshold fd0: <1440-KB 3.5" drive> on fdc0 drive 0 ata0 at port 0x1f0-0x1f7,0x3f6 irq 14 on isa0 ata1 at port 0x170-0x177,0x376 irq 15 on isa0 atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0 atkbd0: <AT Keyboard> flags 0x1 irq 1 on atkbdc0 kbd0 at atkbd0 vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 sc0: <System console> at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0 sio0: type 16550A ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to deny, logging limited to 10000 packets/entry by default DUMMYNET initialized (011031) ar0: 38146MB <ATA RAID1 array> [4863/255/63] status: READY subdisks: 0 READY ad4: 38166MB <ST340014A> [77545/16/63] at ata2-master UDMA100 1 READY ad6: 38166MB <ST340014A> [77545/16/63] at ata3-master UDMA100 Mounting root from ufs:/dev/ar0s1a [-- Attachment #3 --] # /usr/local/etc/mgetty+sendfax/login.config /AutoPPP/ - - /usr/local/bin/exppp_2 -direct dialup [-- Attachment #4 --] # /usr/local/etc/mgetty+sendfax/mgetty.config debug 4 speed 57600 toggle-dtr YES toggle-dtr-waittime 500 data-only YES modem-type data init-chat "" AT&F1 OK ATM0L0S0=0S33=32S32=98s27=64 OK answer-chat "" AT&F1 OK ATM0L0S0=0S33=32S32=98s27=64 OK ATA CONNECT \c \r modem-check-time 36000 rings 2 answer-chat-timeout 80 autobauding NO ringback NO ringback-time 30 ignore-carrier false issue-file /etc/issue prompt-waittime 500 login-prompt FreeBSD on @ (\L) \n\r\D \T\n\n\rlogin: login-time 240 diskspace 1024 notify root fax-owner uucp fax-group modem fax-mode 0660 port cuaa1 port cuaa2 port cuaa3 port cuaa4 port cuaa5 port cuaa6 port cuaa7 port cuaa8 port cuaa9 port cuaaa port cuaab port cuaac port cuaad port cuaae port cuaaf port cuaag rings 2 init-chat "" AT&F OK ATM0L0S0=0 OK answer-chat "" AT&F OK ATM0L0S0=0 OK ATA CONNECT \c \r port cuaah port cuaai port cuaaj port cuaak port cuaal port cuaam port cuaan port cuaao [-- Attachment #5 --] # /etc/ppp/ppp.conf default: allow mode direct #turn on ppp bridging ident [VERSION] set log Phase IPCP Command Error Alert Warning #turn on some logging. set radius /etc/radius.conf #turn on radius auth and use this file set dns 192.168.33.127 set local_ip 62.33.65.0/24 accept dns enable lqr enable pap #turn on chap and pap accounting enable chap #turn on chap and pap accounting enable mschap enable mschapv2 set rad_alive 20 # Интервал Alive записей для радиуса - 60 сек disable acfcomp protocomp deny acfcomp pppoe: set timeout 0 set mru 1472 #set mru below 1500 (PPPoE MTU issue) set mtu 1472 #set mtu below 1500 (PPPoE MTU issue) dialup: set timeout 900 set mru 576 set mtu 576 [-- Attachment #6 --] # /usr/local/etc/raddb/mgetty.config prefix = /usr/local exec_prefix = ${prefix} sysconfdir = ${prefix}/etc localstatedir = /var sbindir = ${exec_prefix}/sbin logdir = ${localstatedir}/log/radius raddbdir = ${sysconfdir}/raddb radacctdir = ${logdir}/radacct confdir = ${raddbdir} run_dir = ${localstatedir}/run/radiusd log_file = ${logdir}/radius.log libdir = ${exec_prefix}/lib pidfile = ${run_dir}/radiusd.pid max_request_time = 30 delete_blocked_requests = no cleanup_delay = 5 max_requests = 1024 bind_address = * port = 0 hostname_lookups = no allow_core_dumps = no regular_expressions = yes extended_expressions = yes log_stripped_names = no log_auth = yes log_auth_badpass = yes log_auth_goodpass = no usercollide = yes lower_user = before lower_pass = no nospace_user = no nospace_pass = no checkrad = ${sbindir}/checkrad security { max_attributes = 200 reject_delay = 1 status_server = no } proxy_requests = yes $INCLUDE ${confdir}/proxy.conf $INCLUDE ${confdir}/clients.conf snmp = no $INCLUDE ${confdir}/snmp.conf thread pool { start_servers = 5 max_servers = 32 min_spare_servers = 3 max_spare_servers = 10 max_requests_per_server = 0 } modules { sqlcounter monthlytraffic { counter-name = Monthly-Traffic check-name = Max-Monthly-Traffic sqlmod-inst = sql key = User-Name reset = monthly query = "SELECT (sum(AcctInputOctets)+sum(AcctOutputOctets)) FROM radacct WHERE UserName='%u' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'" } pap { encryption_scheme = clear } chap { authtype = CHAP } pam { pam_auth = radiusd } unix { cache = no cache_reload = 600 radwtmp = ${localstatedir}/log/wtmp } eap { default_eap_type = md5 timer_expire = 60 md5 { } leap { } } mschap { authtype = MS-CHAP } ldap { server = "ldap.domain.ru" identity = "cn=admin,dc=domain,dc=ru" password = secrettpass basedn = "ou=users,dc=domain,dc=ru" filter = "(uid=%u)" start_tls = no tls_mode = no default_profile = "cn=radprofile,dc=domain,dc=ru" access_group = "cn=dialup-group,dc=domain,dc=ru" access_attr = "dialupAccess" dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 password_attribute = userPassword timeout = 4 timelimit = 3 net_timeout = 1 } realm realmslash { format = prefix delimiter = "/" } realm suffix { format = suffix delimiter = "@" } realm realmpercent { format = suffix delimiter = "%" } preprocess { huntgroups = ${confdir}/huntgroups hints = ${confdir}/hints with_ascend_hack = no ascend_channels_per_line = 23 with_ntdomain_hack = no with_specialix_jetstream_hack = no with_cisco_vsa_hack = no } files { usersfile = ${confdir}/users acctusersfile = ${confdir}/acct_users compat = no } detail { detailperm = 0600 } acct_unique { key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port-Id" } $INCLUDE ${confdir}/sql.conf radutmp { filename = ${logdir}/radutmp username = %{User-Name} case_sensitive = yes check_with_nas = yes perm = 0600 callerid = "yes" } radutmp sradutmp { filename = ${logdir}/sradutmp perm = 0644 callerid = "no" } attr_filter { attrsfile = ${confdir}/attrs } counter daily { filename = ${raddbdir}/db.daily key = User-Name count-attribute = Acct-Session-Time reset = daily counter-name = Daily-Session-Time check-name = Max-Daily-Session allowed-servicetype = Framed-User cache-size = 5000 } always fail { rcode = fail } always reject { rcode = reject } always ok { rcode = ok simulcount = 0 mpp = no } expr { } digest { } exec { wait = yes input_pairs = request } exec echo { wait = yes program = "/bin/echo %{User-Name}" input_pairs = request output_pairs = reply } ippool legal_pool { range-start = 192.168.253.2 range-stop = 192.168.253.254 netmask = 255.255.255.0 cache-size = 800 session-db = ${raddbdir}/db.legalpool ip-index = ${raddbdir}/db.legalindex override = yes } ippool illegal_pool { range-start = 192.168.252.2 range-stop = 192.168.252.254 netmask = 255.255.255.0 cache-size = 800 session-db = ${raddbdir}/db.illegalpool ip-index = ${raddbdir}/db.illegalindex override = yes } $INCLUDE ${confdir}/perl.conf } instantiate { expr sql } authorize { chap mschap files ldap files perl_limits } authenticate { Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } unix eap } preacct { preprocess suffix files } accounting { acct_unique unix radutmp sradutmp legal_pool illegal_pool sql } session { radutmp sql } post-auth { legal_pool illegal_pool } pre-proxy { } post-proxy { eap }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1373993879.20040517152020>