Date:      Thu, 17 Mar 2011 11:32:58 +1000
From:      Da Rock <freebsd-net@herveybayaustralia.com.au>
To:        freebsd-net@freebsd.org
Subject:   mpd- no ng_l2tp coming up
Message-ID:  <4D8164CA.80501@herveybayaustralia.com.au>

I tried this on -questions@ but the consensus is to try here.

I'm running into all sorts of issues setting up L2TP networking. I think 
I have the IPsec part worked out, but, testing parts one at a time, L2TP 
dies in a hole.

I've resorted to mpd as it seems to be widely used on BSD (and Linux 
too), but the result seems to be the same for other servers as well, 
such as l2tpd. mpd gave me the most debug info, so it won the toss.

I can start the server, it says ok and runs; I check sockstat, the L2TP 
ports are open; I can even check the console (mpd), it says all systems 
go. I run the client: the connection dies, and so does the server.

I've tried to get a clear outline of what is required for an LNS (the 
docs and sample config only define a LAC); there are plenty of client 
howtos but not many for servers. That said, I can't see what the hold-up is:

startup:
     # log everything; web console on all addresses, port 5006
     log +all
     set web    self 0.0.0.0 5006
     set web    open
#    set web    auth    disable
     set user <web console login>

default:
     load l2tp_vpn

l2tp_vpn:
     # addresses handed out to clients by IPCP
     set ippool add pool1 192.168.0.42 192.168.0.45

     # bundle (PPP interface) template
     create bundle template B1
     set iface enable tcpmssfix
     set iface idle 1800
     set ipcp ranges 192.168.0.40/32 ippool pool1
     set ipcp dns 192.168.0.20
     set ipcp enable vjcomp
     set bundle enable compression

     # L2TP link template; incoming links are attached to bundle B1
     create link template L1 l2tp
     set l2tp self 0.0.0.0
#    set l2tp hostname <l2tp server fqdn>
     # shared secret for L2TP tunnel authentication (challenge/response)
     set l2tp secret <secret>
     set l2tp disable outcall
#    set l2tp enable hidden
     set link action bundle B1
     set link no pap chap eap
     set link yes pap chap
     set link enable multilink
     set link mtu 1460
     set link enable acfcomp protocomp
     set link enable incoming
#    set radius server

This is for mpd5, though mpd4 fails similarly. Obviously the config is 
adjusted accordingly, and I have seen one of each in examples found on 
Google. I've gone for as simple as possible to help debug this.

mpd.log:

Mar 15 23:15:14 bell mpd: Multi-link PPP daemon for FreeBSD
Mar 15 23:15:14 bell mpd:
Mar 15 23:15:14 bell mpd: process 2762 started, version 5.5 (root@bell.herveybayaustralia.com.au 10:40  7-Mar-2011)
Mar 15 23:15:14 bell mpd: web: listening on 0.0.0.0 5006
Mar 15 23:15:14 bell mpd: EVENT: Registering event EVENT_READ MsgEvent() at msg.c:72
Mar 15 23:15:14 bell mpd: EVENT: Registering event EVENT_READ MsgEvent() done at msg.c:72
Mar 15 23:15:14 bell mpd: EVENT: Registering event EVENT_READ L2tpServerEvent() at l2tp.c:1636
Mar 15 23:15:14 bell mpd: EVENT: Registering event EVENT_READ L2tpServerEvent() done at l2tp.c:1636
Mar 15 23:15:14 bell mpd: L2TP: waiting for connection on 0.0.0.0 1701
Mar 15 23:15:14 bell mpd: EVENT: Processing event EVENT_TIMEOUT ConfigRead() done
Mar 15 23:15:36 bell mpd: EVENT: Processing event EVENT_READ L2tpServerEvent()
Mar 15 23:15:36 bell mpd: Incoming L2TP packet from 192.168.0.200 47973
Mar 15 23:15:36 bell mpd: L2TP: ppp_l2tp_ctrl_create invoked
Mar 15 23:15:36 bell mpd: L2TP: Control connection 0x286f3d08 0.0.0.0 1701 <-> 192.168.0.200 47973 accepted
Mar 15 23:15:36 bell mpd: EVENT: Processing event EVENT_READ L2tpServerEvent() done
Mar 15 23:15:36 bell mpd: L2TP: RECV [MESSAGE_TYPE SCCRQ] [PROTOCOL_VERSION 1.0] [HOST_NAME "anonymous"] [FRAMING_CAPABILITIES sync=1 async=1] [ASSIGNED_TUNNEL_ID 0x0d78] [RECEIVE_WINDOW_SIZE 1] [CHALLENGE c819a7182517daa2a777da6a7e7e581712745f00e3c707a3f381fb3561faa56e]
Mar 15 23:15:36 bell mpd: L2TP: rec'd SCCRQ in state idle
Mar 15 23:15:36 bell mpd: L2TP: connected to "anonymous", version=1.0
Mar 15 23:15:36 bell mpd: L2TP: XMIT [MESSAGE_TYPE SCCRP] [HOST_NAME "bell.herveybayaustralia.com.au"] [VENDOR_NAME "FreeBSD MPD"] [BEARER_CAPABILITIES digital=1 analog=1] [RECEIVE_WINDOW_SIZE 8] [PROTOCOL_VERSION 1.0] [FRAMING_CAPABILITIES sync=1 async=1] [ASSIGNED_TUNNEL_ID 0x7008] [CHALLENGE 481df3c95b9e9579adf0cae17d58e680] [CHALLENGE_RESPONSE d6f82bd055e8479f6e8dbe943a5b11c0]
Mar 15 23:15:43 bell mpd: L2TP: RECV [MESSAGE_TYPE SCCCN]
Mar 15 23:15:43 bell mpd: L2TP: rec'd SCCCN in state wait-ctl-conn
Mar 15 23:15:43 bell mpd: L2TP: SCCRP lacks challenge response
Mar 15 23:15:43 bell mpd: L2TP: XMIT [MESSAGE_TYPE StopCCN] [ASSIGNED_TUNNEL_ID 0x7008] [RESULT_CODE result=4 error=0 errmsg=""]
Mar 15 23:15:43 bell mpd: L2TP: Control connection 0x286f3d08 0.0.0.0 1701 <-> 192.168.0.200 47973 connected
Mar 15 23:15:43 bell mpd: L2TP: Control connection 0x286f3d08 terminated: 0 ()
Mar 15 23:15:43 bell mpd: ASSERT "ctrl->state == CS_DYING" failed: file "l2tp_ctrl.c", line 1426
Mar 15 23:15:43 bell mpd: fatal error, exiting
Mar 15 23:15:43 bell mpd: [B1] Bundle: Shutdown
Mar 15 23:15:43 bell mpd: [L1] Link: Shutdown
Mar 15 23:15:43 bell mpd: L2TP: stop waiting for connection on 0.0.0.0 1701
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ L2tpServerEvent() at l2tp.c:1671
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ L2tpServerEvent() done at l2tp.c:1671
Mar 15 23:15:43 bell mpd: PPTP: Total shutdown
Mar 15 23:15:43 bell mpd: L2TP: Total shutdown
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ EcpNgDataEvent() at ecp.c:193
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ EcpNgDataEvent() done at ecp.c:193
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ CcpNgCtrlEvent() at ccp.c:190
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ CcpNgCtrlEvent() done at ccp.c:190
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ CcpNgDataEvent() at ccp.c:193
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ CcpNgDataEvent() done at ccp.c:193
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ LinkNgDataEvent() at link.c:182
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ LinkNgDataEvent() done at link.c:182
Mar 15 23:15:43 bell mpd: process 2762 terminated

ngctl list:
There are 4 total nodes:
   Name: mpd4493-cso     Type: socket          ID: 00000048   Num hooks: 0
   Name: mpd4493-eso     Type: socket          ID: 00000049   Num hooks: 0
   Name: mpd4493-lso     Type: socket          ID: 00000047   Num hooks: 0
   Name: ngctl4494       Type: socket          ID: 0000004a   Num hooks: 0

I will note here, though, that I can get ng_l2tp in that list and a hook 
between two parts, but the rest are 0. I just don't always get it... :( 
The result remains exactly the same though.

Accessing the web console it shows the l2tp link and the bundle on 
separate lines.

I also had an unscheduled reboot (power failure) and that showed up a 
warning: "attempt to domain_add(netgraph) after domainfinalize()" which 
I could never quite figure out was fatal or not.

I'll also note here that I've tried both public internet and connecting 
on the local net- these logs are from a local net connection (but that 
should be obvious looking at the logs).

I've read and googled as much as I can in my free time working on this, 
trying my foo on the errors quoted, abstract concepts: nothing. Or at 
least the answers are only in Russian, and my Russian isn't all that 
good :P I didn't jump on the list straight up due to lack of time to 
respond, and I wanted to crack it myself anyway. I'd still like to, but 
I'm going to have to be like a little kid crossing a road and hold 
someone's hand :) In other words, a point in the right direction may be 
enough to get me going.

Incidentally, I've read up on netgraph and how to use and create nodes. 
I'm not familiar with it, but I've studied the docs; I just don't quite 
know how mpd relates to it. I notice that it creates the ng nodes using 
the config, but is it line by line? Semi-intelligent?

It appears the control connection is setup and then fails for some 
inexplicable reason. The client (android) logs show the same, but it is 
definitely the server that kills the connection. Anything I've missed?

A few things stood out to me (confirmed on -questions@): the 
challenge response section in the logs, the mpd assertion failure 
because of this, and that I couldn't find much on the result codes and their 
meaning. I've noticed variations of 4 and 6 here.

If I need to post anything else let me know. Links would be _very_ much 
appreciated- I'd really like to research this thoroughly myself, but the 
info can be hard to find at times.

Cheers
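
The control-connection exchange the log above shows (SCCRQ carrying a CHALLENGE, SCCRP carrying a CHALLENGE and a CHALLENGE_RESPONSE, an SCCCN that should carry a CHALLENGE_RESPONSE, and a StopCCN with a result code) modelled in Python as an added example; this is not code from the post or from mpd. It follows RFC 2661 tunnel authentication as I read it: the response is MD5 over the message type as a single octet, the shared secret and the peer's challenge, and the StopCCN result codes are the RFC's table. The secrets, the challenge values and the simplified LAC behaviour (it always offers a CHALLENGE, and verifies or answers one only when it has a secret) are assumptions; the log line parsed at the end is quoted from the post's mpd.log.

```python
import hashlib
import hmac
import os
import re

# RFC 2661 control message types involved in tunnel establishment.
SCCRQ, SCCRP, SCCCN, STOPCCN = 1, 2, 3, 4

# StopCCN Result Code values (RFC 2661, Result Code AVP).
STOPCCN_RESULT_CODES = {
    0: "Reserved",
    1: "General request to clear control connection",
    2: "General error - Error Code indicates the problem",
    3: "Control channel already exists",
    4: "Requester is not authorized to establish a control channel",
    5: "The protocol version of the requester is not supported",
    6: "Requester is being shut down",
    7: "Finite State Machine error",
}


def challenge_response(msg_type, secret, challenge):
    """RFC 2661 tunnel auth: MD5(message type as one octet || secret || challenge)."""
    return hashlib.md5(bytes([msg_type]) + secret + challenge).digest()


def lac_sccrq(lac_challenge):
    # Assumption: like the client in the log, the LAC always offers a CHALLENGE.
    return {"MESSAGE_TYPE": SCCRQ, "HOST_NAME": "anonymous", "CHALLENGE": lac_challenge}


def lns_sccrp(sccrq, lns_secret, lns_challenge):
    msg = {"MESSAGE_TYPE": SCCRP, "HOST_NAME": "lns.example"}  # hostname is made up
    if lns_secret is not None:
        # Tunnel authentication enabled on the LNS: challenge the peer and answer
        # its challenge.  The response is bound to the SCCRP message type (2).
        msg["CHALLENGE"] = lns_challenge
        if "CHALLENGE" in sccrq:
            msg["CHALLENGE_RESPONSE"] = challenge_response(SCCRP, lns_secret, sccrq["CHALLENGE"])
    return msg


def lac_scccn(sccrp, lac_secret):
    # Assumption: a LAC with no secret configured answers no challenge at all,
    # which yields an SCCCN carrying only MESSAGE_TYPE, as in the log.
    msg = {"MESSAGE_TYPE": SCCCN}
    if lac_secret is not None and "CHALLENGE" in sccrp:
        msg["CHALLENGE_RESPONSE"] = challenge_response(SCCCN, lac_secret, sccrp["CHALLENGE"])
    return msg


def lns_check_scccn(scccn, lns_secret, lns_challenge):
    """Return None when the SCCCN is acceptable, else the StopCCN the LNS sends."""
    if lns_secret is None:
        return None
    expected = challenge_response(SCCCN, lns_secret, lns_challenge)
    got = scccn.get("CHALLENGE_RESPONSE")
    # A missing or wrong response means the peer is not authorised: result 4.
    if got is None or not hmac.compare_digest(got, expected):
        return {"MESSAGE_TYPE": STOPCCN, "RESULT_CODE": 4}
    return None


def simulate(lns_secret, lac_secret):
    """Run the three-way control connection setup; return (outcome, detail)."""
    lac_challenge, lns_challenge = os.urandom(32), os.urandom(16)
    sccrq = lac_sccrq(lac_challenge)
    sccrp = lns_sccrp(sccrq, lns_secret, lns_challenge)
    if lac_secret is not None:
        # The LAC checks the LNS's answer to its own challenge before continuing.
        expected = challenge_response(SCCRP, lac_secret, lac_challenge)
        if not hmac.compare_digest(sccrp.get("CHALLENGE_RESPONSE", b""), expected):
            return ("LAC tears down tunnel", "SCCRP challenge response missing or wrong")
    scccn = lac_scccn(sccrp, lac_secret)
    stopccn = lns_check_scccn(scccn, lns_secret, lns_challenge)
    if stopccn is not None:
        return ("StopCCN", STOPCCN_RESULT_CODES[stopccn["RESULT_CODE"]])
    return ("established", None)


_RESULT_RE = re.compile(r"\[RESULT_CODE result=(\d+) error=(\d+)")


def decode_stopccn_log(line):
    """Map the RESULT_CODE AVP in an mpd StopCCN log line to its RFC 2661 meaning."""
    m = _RESULT_RE.search(line)
    if m is None:
        return None
    return STOPCCN_RESULT_CODES.get(int(m.group(1)), "Unknown result code")


if __name__ == "__main__":
    print(simulate(b"shared", b"shared"))  # both ends share the secret
    print(simulate(b"shared", None))       # peer sends no response, as in the log
    print(simulate(b"shared", b"other"))   # secrets differ
    print(decode_stopccn_log('Mar 15 23:15:43 bell mpd: L2TP: XMIT [MESSAGE_TYPE StopCCN] '
                             '[ASSIGNED_TUNNEL_ID 0x7008] [RESULT_CODE result=4 error=0 errmsg=""]'))
```

Running it prints the three outcomes and decodes the post's `result=4` as "Requester is not authorized to establish a control channel"; the same table answers the poster's question about result 6 ("Requester is being shut down"). The model only covers the authentication exchange; the assertion failure after the StopCCN is mpd's own state handling and is not reproduced here.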



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D8164CA.80501>