On Mon, Mar 30, 2020 at 12:47:13PM +0200, Marko Cupać wrote: > On Sat, 28 Mar 2020 01:46:41 +0300 > Vitaliy Makkoveev <henscheltig...@yahoo.com> wrote: > > > Can you try latest snapshot? > > Unfortunately, the box that runs npppd is the most important machine on > my network (GRE/IPsec hub for multiple branch offices), I can't take the > risk. > > > Can you share your npppd.conf? > > Below, I have redacted sensitive information. Perhaps it is worth > mentioning that npppd listens on IP address of CARP interface. > > ---npppd.conf.start--- > # GLOBAL > set max-session 200 > set user-max-session 1 > > # TUNNEL > tunnel EXAMPLEORG protocol pptp { > listen on IP.ADD.RE.SS > pptp-hostname vpn.example.org > pptp-vendor-name "openbsd-npppd" > ingress-filter yes > pipex no > mppe required > mppe-key-length 128 > mppe-key-state stateless > idle-timeout 1800 > } > > # IPCP > ipcp KAPPASTAR { > pool-address "IP.ADD.RE.SS/24" > dns-servers IP.ADD.RE.SS > allow-user-selected-address no > } > > # INTERFACE > interface tun1 address IP.ADD.RE.SS ipcp EXAMPLEORG > > # AUTHENTICATION > authentication RADIUS type radius { > strip-nt-domain yes > strip-atmark-realm yes > authentication-server { > address IP.ADD.RE.SS secret "ThisIsNotRealPassword" > } > accounting-server { > address IP.ADD.RE.SS secret "ThisIsNotRealPassword" > } > } > > bind tunnel from EXAMPLEORG authenticated by RADIUS to tun1 > ---npppd.conf.end--- > > Thank you in advance for looking into it. > -- > Before enlightenment - chop wood, draw water. > After enlightenment - chop wood, draw water. > > Marko Cupać > https://www.mimar.rs/ >
You have pipex(4) disabled. Is it still hangs with disabled pipex(4)? As I discovered (https://marc.info/?t=158529976800001&r=1&w=2), npppd with pipex(4) enabled and non-NULL "idle-timeout" option will crash kernel. You can disable this option in yout npppd.conf an reenable pipex(4). Looks like crashes should gone.