Re: PPPoE vlan issue 6.4
To follow up in case anyone has similar issues in the future I have now got this working. It appears I had several issues. 1) ISP documentation stating to use VLAN2 This appears to be incorrect for my ISP. I had vlan2 set up on my DD-WRT router, when doing a TCP dump on the router I could see PPPoE traffic over vlan2 however when I plugged the router into another machine to tcpdump on the other end the VLAN was being stripped. This was what initially was misleading me. Disabling vlan2 on my setup for PPPoE resolved the issue where I was not getting any PADO responses from the PADI packets. 2) No IPv6 configured on the PPPoE interface During the PPPoE negotiation, my ISP sends an IPv6 address. This causes the PPP implementation to try and open an IPv6 interface which does not exist: "pppoe0: ipv6cp_open(): no IPv6 interface". This then results in OpenBSD sending a disconnect packet "pppoe0: lcp close(opened)" which then cancels the whole PPPoE initialization as the remote receives a disconnect. I've only read the PPPoE spec enough to debug my issue but I'm not sure a disconnect should be sent at this stage anyway as it prevents getting to the IPv4 address negotiation. To resolve the no IPv6 "ipv6cp_open(): no IPv6 interface" issue I needed to add an IPv6 statement to my /etc/hostname.pppoe0 file 3) IPv4 address not agreed error "ipcp parse opt values: address 10.20.21.253 [not agreed] send conf-nak" This looked strange, in my PPPoE config I had "inet 0.0.0.0 255.255.255.255" which means the interface should accept any address given. I then tried looking at the "sys/net/if_pppoe.c" and tracing back from there. Eventually, I discovered I had a subtle config issue in my /etc/hostname.pppoe file, mtu and llprio where on new lines: inet 0.0.0.0 255.255.255.255 NONE \ pppoedev em0 authproto pap \ authname 'username' authkey 'password' mtu 1492 llprio 1 dest 0.0.0.1 inet6 eui64 !/sbin/route add default -ifp pppoe0 0.0.0.1 !/sbin/route add ::/0 -ifp pppoe0 fe80::%pppoe0 Changing to the below resolved the issue: inet 0.0.0.0 255.255.255.255 NONE mtu 1492 llprio 1 \ pppoedev em0 authproto pap \ authname 'username' authkey 'password' dest 0.0.0.1 inet6 eui64 !/sbin/route add default -ifp pppoe0 0.0.0.1 !/sbin/route add ::/0 -ifp pppoe0 fe80::%pppoe0 Finally I had an active PPPoE connection. Hope this helps anyone in the future. -- Adam Evans On Sun, 10 Feb 2019, at 16:51, Adam Evans wrote: > Some more debugging, a lot further but still no success. > > I attached the DD-WRT modem directly to a computer to capture the PADI > packets. > > Capturing from the DD-WRT modem directly, PADI packets look like the below: > > 22:15:54.329145 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype > 802.1Q (0x8100), length 36: vlan 2, p 0, ethertype PPPoE D, PPPoE PADI > [Service-Name] [Host-Uniq 0xEE72] > 0x: 0002 8863 1109 000c 0101 > 0103 ...c > 0x0010: 0004 ee72 ...r.. > > > On the other end of the wire at the client the packets look like: > 12:13:05.995412 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype > PPPoE D (0x8863), length 60: PPPoE PADI [Service-Name] [Host-Uniq > 0x622A] > 0x: 1109 000c 0101 0103 0004 622a ..b* > 0x0010: > 0x0020: 838c 7a4d zM > > 12:13:20.277749 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype > PPPoE D (0x8863), length 60: PPPoE PADI [Service-Name] [Host-Uniq > 0xF02A] > 0x: 1109 000c 0101 0103 0004 f02a ...* > 0x0010: > 0x0020: e929 b08f ...).. > > From the above it looks like the PPPoE Discovery is not done over the > vlan as it get's stripped. > > I updated the /etc/hostname.pppoe0 config to change pppodev from vlan2 > to em0. I then plugged the device in to the bridged modem and brought up > the PPPoE interface which returned the below. I do not have IPv6 setup > in my PPPoE config so it looks like the remote tries to send me a IPv6 > packet which causes OpenBSD to send a terminate session response. > > # ifconfig pppoe0 up > Feb 10 13:18:48 foo /bsd: pppoe0: lcp close(initial) > Feb 10 13:18:48 foo /bsd: pppoe0: lcp open(initial) > Feb 10 13:18:48 foo /bsd: pppoe0: lcp initial->starting > Feb 10 13:18:48 foo /bsd: pppoe0: phase establish > Feb 10 13:18:48 foo /bsd: pppoe0 (8863) state=1, session=0x0 output -> > ff:ff:ff:ff:ff:ff, len=18 > Feb 10 13:18:48 foo /bsd: pppoe0 (8863) state=2, session=0x0 output -> > 78:da:6e:de:db:d4, len=38 > Feb 10 13:18:48 foo /bsd: pppoe0: received unexpected PADO > Feb 10 13:18:48 foo last message repeated 10 times > Feb 10 13:18:48 foo /bsd: pppoe0: session 0xe84d connected > Feb 10 13:18:48 foo /bsd:
Re: PPPoE vlan issue 6.4
On 11.02.19 04:53, David Gwynne wrote: > Hi Adam, > > It sounds like you're on an ISP with very similar requirements to me. The > exec summary of what my ISP wants is pppoe on vlan2, with the vlan priority > forced to a single value. > > Our (OpenBSD's) understanding of the priority field in VLAN headers is that > it uses 802.1p for the fields value. 802.1p says that priories 0 and 1 are > swapped on the wire, and we use that consistently in the system, ie, the > priority you see in tcpdump on a vlan interface is the same as what you > configure for the priority value there, and visa versa. Everyone else seems > to think 0 is 0 and 1 is 1, which can be confusing. > > My ISP wants priority 0 on the wire, which means 1 in OpenBSD. > > I'm using an APU1, so I have re interfaces instead of em. I have re0 going to > the ISP, and re1 is my internal network. > > hostname.re0: > up > > hostname.vlan2: > vnetid 2 > parent re0 > link0 llprio 1 > up > > hostname.pppoe0: > == pppoe0 == > inet 0.0.0.0 255.255.255.255 0.0.0.1 > pppoedev vlan2 > authproto pap > authname 'dlg@the_isp' authkey 'secret' > group external > !/sbin/route add default -ifp pppoe0 0.0.0.1 > up > > hostname.re1: > inet 192.168.1.1/24 > Absolutely the same for me. Just a small addition, I also have the following in my /etc/pf.conf match on pppoe0 set prio 1 Works like a charm :-) -- Unix _IS_ user friendly - it's just selective about who its friends are!
Re: PPPoE vlan issue 6.4
Hi Adam, It sounds like you're on an ISP with very similar requirements to me. The exec summary of what my ISP wants is pppoe on vlan2, with the vlan priority forced to a single value. Our (OpenBSD's) understanding of the priority field in VLAN headers is that it uses 802.1p for the fields value. 802.1p says that priories 0 and 1 are swapped on the wire, and we use that consistently in the system, ie, the priority you see in tcpdump on a vlan interface is the same as what you configure for the priority value there, and visa versa. Everyone else seems to think 0 is 0 and 1 is 1, which can be confusing. My ISP wants priority 0 on the wire, which means 1 in OpenBSD. I'm using an APU1, so I have re interfaces instead of em. I have re0 going to the ISP, and re1 is my internal network. hostname.re0: up hostname.vlan2: vnetid 2 parent re0 link0 llprio 1 up hostname.pppoe0: == pppoe0 == inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev vlan2 authproto pap authname 'dlg@the_isp' authkey 'secret' group external !/sbin/route add default -ifp pppoe0 0.0.0.1 up hostname.re1: inet 192.168.1.1/24 In OpenBSD 6.5 the syntax for priority on vlan frames is different. Instead of "link0" and "llprio 1" you just set "txprio 1". While figuring this stuff out I used the APU as a bridge between the ISP supplied router and the modem. Hope this helps. dlg > On 10 Feb 2019, at 15:51, Adam Evans wrote: > > Some more debugging, a lot further but still no success. > > I attached the DD-WRT modem directly to a computer to capture the PADI > packets. > > Capturing from the DD-WRT modem directly, PADI packets look like the below: > > 22:15:54.329145 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype 802.1Q > (0x8100), length 36: vlan 2, p 0, ethertype PPPoE D, PPPoE PADI > [Service-Name] [Host-Uniq 0xEE72] >0x: 0002 8863 1109 000c 0101 0103 ...c >0x0010: 0004 ee72 ...r.. > > > On the other end of the wire at the client the packets look like: > 12:13:05.995412 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype PPPoE > D (0x8863), length 60: PPPoE PADI [Service-Name] [Host-Uniq 0x622A] > 0x: 1109 000c 0101 0103 0004 622a ..b* > 0x0010: > 0x0020: 838c 7a4d zM > > 12:13:20.277749 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype PPPoE > D (0x8863), length 60: PPPoE PADI [Service-Name] [Host-Uniq 0xF02A] > 0x: 1109 000c 0101 0103 0004 f02a ...* > 0x0010: > 0x0020: e929 b08f ...).. > > From the above it looks like the PPPoE Discovery is not done over the vlan as > it get's stripped. > > I updated the /etc/hostname.pppoe0 config to change pppodev from vlan2 to > em0. I then plugged the device in to the bridged modem and brought up the > PPPoE interface which returned the below. I do not have IPv6 setup in my > PPPoE config so it looks like the remote tries to send me a IPv6 packet which > causes OpenBSD to send a terminate session response. > > # ifconfig pppoe0 up > Feb 10 13:18:48 foo /bsd: pppoe0: lcp close(initial) > Feb 10 13:18:48 foo /bsd: pppoe0: lcp open(initial) > Feb 10 13:18:48 foo /bsd: pppoe0: lcp initial->starting > Feb 10 13:18:48 foo /bsd: pppoe0: phase establish > Feb 10 13:18:48 foo /bsd: pppoe0 (8863) state=1, session=0x0 output -> > ff:ff:ff:ff:ff:ff, len=18 > Feb 10 13:18:48 foo /bsd: pppoe0 (8863) state=2, session=0x0 output -> > 78:da:6e:de:db:d4, len=38 > Feb 10 13:18:48 foo /bsd: pppoe0: received unexpected PADO > Feb 10 13:18:48 foo last message repeated 10 times > Feb 10 13:18:48 foo /bsd: pppoe0: session 0xe84d connected > Feb 10 13:18:48 foo /bsd: pppoe0: lcp up(starting) > Feb 10 13:18:48 foo /bsd: pppoe0: lcp starting->req-sent > Feb 10 13:18:48 foo /bsd: pppoe0: lcp output 05-06-0f-4a-92-53-01-04-05-d4> > Feb 10 13:18:48 foo /bsd: pppoe0 (8864) state=3, session=0xe84d output -> > 78:da:6e:de:db:d4, len=22 > Feb 10 13:18:48 foo /bsd: pppoe0: lcp input(req-sent): len=18 > 01-04-05-d4-03-04-c0-23-05-06-b1-df-b5-ab-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00> > Feb 10 13:18:48 foo /bsd: pppoe0: lcp parse opts: mru auth-proto magic > Feb 10 13:18:48 foo /bsd: pppoe0: lcp parse opt values: mru 1492 auth-proto > magic 0xb1dfb5ab send conf-ack > Feb 10 13:18:48 foo /bsd: pppoe0: lcp output 01-04-05-d4-03-04-c0-23-05-06-b1-df-b5-ab> > Feb 10 13:18:48 foo /bsd: pppoe0 (8864) state=3, session=0xe84d output -> > 78:da:6e:de:db:d4, len=26 > Feb 10 13:18:48 foo /bsd: pppoe0: lcp req-sent->ack-sent > Feb 10 13:18:48 foo /bsd: pppoe0: lcp input(ack-sent): len=14 > 05-06-0f-4a-92-53-01-04-05-d4-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00> > Feb
Re: PPPoE vlan issue 6.4
On 2/10/19 4:51 PM, Adam Evans wrote: > When I do a 'route show' with PPPoE established it hangs with no output, > disabling PPPoE 'route show' displays output. Maybe this goes without saying, but you probably should be using 'route -n show' (or 'netstat -nr') to avoid getting stuck on DNS lookups. hth
Re: PPPoE vlan issue 6.4
Some more debugging, a lot further but still no success. I attached the DD-WRT modem directly to a computer to capture the PADI packets. Capturing from the DD-WRT modem directly, PADI packets look like the below: 22:15:54.329145 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 36: vlan 2, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xEE72] 0x: 0002 8863 1109 000c 0101 0103 ...c 0x0010: 0004 ee72 ...r.. On the other end of the wire at the client the packets look like: 12:13:05.995412 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype PPPoE D (0x8863), length 60: PPPoE PADI [Service-Name] [Host-Uniq 0x622A] 0x: 1109 000c 0101 0103 0004 622a ..b* 0x0010: 0x0020: 838c 7a4d zM 12:13:20.277749 a0:63:91:47:81:07 (oui Unknown) > Broadcast, ethertype PPPoE D (0x8863), length 60: PPPoE PADI [Service-Name] [Host-Uniq 0xF02A] 0x: 1109 000c 0101 0103 0004 f02a ...* 0x0010: 0x0020: e929 b08f ...).. >From the above it looks like the PPPoE Discovery is not done over the vlan as >it get's stripped. I updated the /etc/hostname.pppoe0 config to change pppodev from vlan2 to em0. I then plugged the device in to the bridged modem and brought up the PPPoE interface which returned the below. I do not have IPv6 setup in my PPPoE config so it looks like the remote tries to send me a IPv6 packet which causes OpenBSD to send a terminate session response. # ifconfig pppoe0 up Feb 10 13:18:48 foo /bsd: pppoe0: lcp close(initial) Feb 10 13:18:48 foo /bsd: pppoe0: lcp open(initial) Feb 10 13:18:48 foo /bsd: pppoe0: lcp initial->starting Feb 10 13:18:48 foo /bsd: pppoe0: phase establish Feb 10 13:18:48 foo /bsd: pppoe0 (8863) state=1, session=0x0 output -> ff:ff:ff:ff:ff:ff, len=18 Feb 10 13:18:48 foo /bsd: pppoe0 (8863) state=2, session=0x0 output -> 78:da:6e:de:db:d4, len=38 Feb 10 13:18:48 foo /bsd: pppoe0: received unexpected PADO Feb 10 13:18:48 foo last message repeated 10 times Feb 10 13:18:48 foo /bsd: pppoe0: session 0xe84d connected Feb 10 13:18:48 foo /bsd: pppoe0: lcp up(starting) Feb 10 13:18:48 foo /bsd: pppoe0: lcp starting->req-sent Feb 10 13:18:48 foo /bsd: pppoe0: lcp output Feb 10 13:18:48 foo /bsd: pppoe0 (8864) state=3, session=0xe84d output -> 78:da:6e:de:db:d4, len=22 Feb 10 13:18:48 foo /bsd: pppoe0: lcp input(req-sent): Feb 10 13:18:48 foo /bsd: pppoe0: lcp parse opts: mru auth-proto magic Feb 10 13:18:48 foo /bsd: pppoe0: lcp parse opt values: mru 1492 auth-proto magic 0xb1dfb5ab send conf-ack Feb 10 13:18:48 foo /bsd: pppoe0: lcp output Feb 10 13:18:48 foo /bsd: pppoe0 (8864) state=3, session=0xe84d output -> 78:da:6e:de:db:d4, len=26 Feb 10 13:18:48 foo /bsd: pppoe0: lcp req-sent->ack-sent Feb 10 13:18:48 foo /bsd: pppoe0: lcp input(ack-sent): Feb 10 13:18:48 foo /bsd: pppoe0: lcp ack-sent->opened Feb 10 13:18:48 foo /bsd: pppoe0: lcp tlu Feb 10 13:18:48 foo /bsd: pppoe0: phase authenticate Feb 10 13:18:48 foo /bsd: pppoe0: pap output Feb 10 13:18:48 foo /bsd: pppoe0 (8864) state=3, session=0xe84d output -> 78:da:6e:de:db:d4, len=37 Feb 10 13:18:48 foo /bsd: pppoe0: pap success Feb 10 13:18:48 foo /bsd: pppoe0: phase network Feb 10 13:18:48 foo /bsd: pppoe0: ipcp open(starting) Feb 10 13:18:48 foo /bsd: pppoe0: ipv6cp_open(): no IPv6 interface Feb 10 13:18:48 foo /bsd: pppoe0: lcp close(opened) Feb 10 13:18:48 foo /bsd: pppoe0: lcp opened->closing Feb 10 13:18:48 foo /bsd: pppoe0: lcp output Feb 10 13:18:48 foo /bsd: pppoe0 (8864) state=3, session=0xe84d output -> 78:da:6e:de:db:d4, len=12 Feb 10 13:18:48 foo /bsd: pppoe0: phase terminate Feb 10 13:18:48 foo /bsd: pppoe0: lcp input(closing): Feb 10 13:18:48 foo /bsd: pppoe0: lcp closing->closed Feb 10 13:18:48 foo /bsd: pppoe0: phase dead Feb 10 13:18:48 foo /bsd: pppoe0: timeout Feb 10 13:18:48 foo /bsd: pppoe0: disconnecting Feb 10 13:18:48 foo /bsd: pppoe0: lcp down(closed) Feb 10 13:18:48 foo /bsd: pppoe0: lcp closed->initial Feb 10 13:18:48 foo /bsd: pppoe0: Down event (carrier loss), taking interface down. Looking at the below packet dump it looks to go through the PPPoE doing auth etc but then terminates at the end. 12:47:39.116857 a0:63:91:47:81:07 Broadcast 8863 32: PPPoE-Discovery code Initiation, version 1, type 1, id 0x, length 12 tag Service-Name, length 0 tag Host-Uniq, length 4 M\014\216| : a063 9147 8107 8863 1109 ...c.G...c.. 0010: 000c 0101 0103 0004 4d0c 8e7c M..| 12:47:39.123577 a4:6c:2a:25:7d:d4 a0:63:91:47:81:07 8863 99: PPPoE-Discovery code Offer, version 1, type 1, id 0x,
Re: PPPoE vlan issue 6.4
Sorry, a copy and paste error Below is the ifconfig -A output, note I've updated llprio to 1 on the vlan which now looks to send down the wire as prio=0 when testing on a client. Ref: http://openbsd-archive.7691.n7.nabble.com/use-link0-on-vlan-4-to-force-the-vlan-priority-to-llprio-td339390.html. With llprio=1 on the pppoe0 device I get the below OpenBSD: 22:10:52.275405 00:0d:b9:4f:74:98 Broadcast 8100 36: 802.1Q vid 2 pri 1 PPPoE-Discovery code Initiation, version 1, type 1, id 0x, length 12 tag Service-Name, length 0 tag Host-Uniq, length 4 \307\270\216T : 000d b94f 7498 8100 0002 .Ot. 0010: 8863 1109 000c 0101 0103 0004 .c.. 0020: c7b8 8e54...T Imac client: 22:00:24.885745 00:0d:b9:4f:74:98 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 60: vlan 2, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xC7B88E54] 0x: 1109 000c 0101 0103 0004 c7b8 0x0010: 8e54 .T.. 0x0020: .. In the morning I'll try doing a packet capture on the DD-WRT device that works plugged in to another machine to grab it's PADI packets. Ifconfig (note ethernet cable unpluged on em0 at the time): lo0: flags=8049 mtu 32768 index 5 priority 0 llprio 3 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 inet 127.0.0.1 netmask 0xff00 em0: flags=8843 mtu 1500 lladdr 00:0d:b9:4f:74:98 index 1 priority 0 llprio 3 media: Ethernet autoselect (none) status: no carrier em1: flags=8802 mtu 1500 lladdr 00:0d:b9:4f:74:99 index 2 priority 0 llprio 3 media: Ethernet autoselect (none) status: no carrier em2: flags=8843 mtu 1500 lladdr 00:0d:b9:4f:74:9a index 3 priority 0 llprio 3 media: Ethernet autoselect (none) status: no carrier enc0: flags=0<> index 4 priority 0 llprio 3 groups: enc status: active pppoe0: flags=8851 mtu 1492 index 6 priority 0 llprio 1 dev: vlan2 state: PADI sent sid: 0x0 PADI retries: 33 PADR retries: 0 sppp: phase establish authproto pap authname "redacted" groups: pppoe egress status: no carrier inet 0.0.0.1 --> 0.0.0.0 netmask 0xff00 vlan2: flags=8843 mtu 1500 lladdr 00:0d:b9:4f:74:98 index 7 priority 0 llprio 1 encap: vnetid 2 parent em0 groups: vlan media: Ethernet autoselect (none) status: no carrier pflog0: flags=141 mtu 33136 index 8 priority 0 llprio 3 groups: pflog -- Adam Evans On Sat, 9 Feb 2019, at 21:35, Sebastien Marie wrote: > On Sat, Feb 09, 2019 at 05:51:27PM +1100, Adam Evans wrote: > > Hi, i'm trying to set up an OpenBSD router (6.4) on a PcEngines APU2D4 with > > Intel i210AT nics however I am having difficulties with PPPoE. I can see > > the discovery PADI packets going out using tcpdump but do not see any PADO > > response so PPPoE times out and retries sending the PADI packets. > > > > More confusing is my Netgear R7000 running DD-WRT that I want to replace > > with the APU handles PPPoE just fine and bizarrely the PADI packets look > > the same however the packets from OpenBSD don't get a response but the > > R7000 does. > > > > > > If config output: > > the ifconfig output is a bit odd. > > > lo0: flags=8049 mtu 32768 > > index 5 priority 0 llprio 3 > > groups: lo > > inet6 ::1 prefixlen 128 > > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 > > inet 127.0.0.1 netmask 0xff00 > > em0: flags=8843 mtu 1492 > > lladdr 00:0d:b9:4f:74:98 > > index 1 priority 0 llprio 3 > > media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) > > status: active > > em1: flags=8802 mtu 1500 > > lladdr 00:0d:b9:4f:74:99 > > index 2 priority 0 llprio 3 > > media: Ethernet autoselect (none) > > status: no carrier > > em1: flags=8802 mtu 1500 > > lladdr 00:0d:b9:4f:74:99 > > index 2 priority 0 llprio 3 > > media: Ethernet autoselect (none) > > status: no carrier > > em1 is listed twice > > > em2: flags=8843 mtu 1500 > > lladdr 00:0d:b9:4f:74:9a > > index 3 priority 0 llprio 3 > > groups: egress > > media: Ethernet autoselect (none) > > status: no carrier > > inet 192.168.2.103 netmask 0xff00 broadcast 192.168.2.255 > > enc0: flags=0<> > > index 4 priority 0 llprio 3 > > groups: enc > > status: active > > pflog0: flags=141 mtu 33136 > > index 6 priority 0 llprio 3 > > groups: pflog > > pppoe0: flags=8851 mtu 1492 > > index 7 priority 0 llprio
Re: PPPoE vlan issue 6.4
Thanks for the suggestion of plugging it into another machine to do a packet dump. There's a miss-match on the priority from what OpenBSD is reporting to what the client sees on the other end. OpenBSD priority=0, client has priority=1. OpenBSD: 21:01:37.959968 00:0d:b9:4f:74:98 Broadcast 8100 36: 802.1Q vid 2 pri 0 PPPoE-Discovery code Initiation, version 1, type 1, id 0x, length 12 tag Service-Name, length 0 tag Host-Uniq, length 4 \215\205\320] : 000d b94f 7498 8100 2002 .Ot... . 0010: 8863 1109 000c 0101 0103 0004 .c.. 0020: 8d85 d05d...] On the client (IMac) 21:01:40.169419 00:0d:b9:4f:74:98 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 60: vlan 2, p 1, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0x8D85D05D] 0x: 1109 000c 0101 0103 0004 8d85 0x0010: d05d .].. 0x0020: .. This looks to be wrong? The client (directly connected imac) should not be seeing a priority of 1? It's strange on the OpenBSD side it has a priority of one on the packet dump unless it's modified further along? Also I'm not sure where what looks to be padding comes from, if that is on the openbsd side or the mac side? This is my first time using OpenBSD but looking through the changelogs the llprio set on the interface should be correctly setting the priority? The tcpdump on the OpenBSD side looks to support that. Re the modem, I have a ISP provided modem which is locked down like ISP's do so I do not have access to set vlans on that manually. I have been using it in bridge mode with DD-WRT for about 2 years and DD-WRT had the WAN port set to vlan 2. -- Adam Evans On Sat, 9 Feb 2019, at 20:33, Stuart Henderson wrote: > On 2019-02-09, Adam Evans wrote: > > Hi, i'm trying to set up an OpenBSD router (6.4) on a PcEngines APU2D4 with > > Intel i210AT nics however I am having difficulties with PPPoE. I can see > > the discovery PADI packets going out using tcpdump but do not see any PADO > > response so PPPoE times out and retries sending the PADI packets. > > > > More confusing is my Netgear R7000 running DD-WRT that I want to replace > > with the APU handles PPPoE just fine and bizarrely the PADI packets look > > the same however the packets from OpenBSD don't get a response but the > > R7000 does. > > > > Using tcpdump the PADI message form OpenBSD looks like below: > > > > 15:21:47.340929 a0:63:91:47:81:07 ff:ff:ff:ff:ff:ff 8100 36: 802.1Q vid > > 2 pri 0 PPPoE-Discovery > > code Initiation, version 1, type 1, id 0x, length 12 > > tag Service-Name, length 0 > > tag Host-Uniq, length 4 \210\352\235\232 > > > > From the router running DD-WRT we can see the PADI packet followed by the > > response PADO: > > > > 01:14:57.164338 a0:63:91:47:81:07 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q > > (0x8100), length 36: vlan 2, p 0, ethertype PPPoE D, PPPoE PADI > > [Service-Name] [Host-Uniq 0x5544] > > > > 01:14:57.171736 78:da:6e:de:df:d4 > a0:63:91:47:81:07, ethertype 802.1Q > > (0x8100), length 103: vlan 2, p 0, ethertype PPPoE D, PPPoE PADO > > [Vendor-Specific "..AVC30861999"] [Service-Name] [Host-Uniq > > 0x5544] [AC-Name "syd-gls-har-bras24"] [AC-Cookie "po.N?f'..D27"] > > > > To me, the PADI packets look the same, I even spoofed the MAC on the > > OpenBSD box so it looks like the DD-WRT router although this shouldn't be > > necessary I just wanted to verify. > > Can you get a more complete dump? (e.g. tcpdump -s1500 -X -e -i em0/eth0) > > Can you get a dump of the PADI from another machine plugged into em0 to check > that it actually makes it onto the wire with the expected tag/prio?? > > > em0: flags=8843 mtu 1492 > > I don't expect it to make a difference this early in the negotiation but > em0 should be mtu 1500, you'll run into problems later with 1492. > > FWIW normally I do the vlan handling in the modem rather than on the router > and pppoe setup is usually straightforward, though it should work either way. > >
Re: PPPoE vlan issue 6.4
On Sat, Feb 09, 2019 at 05:51:27PM +1100, Adam Evans wrote: > Hi, i'm trying to set up an OpenBSD router (6.4) on a PcEngines APU2D4 with > Intel i210AT nics however I am having difficulties with PPPoE. I can see the > discovery PADI packets going out using tcpdump but do not see any PADO > response so PPPoE times out and retries sending the PADI packets. > > More confusing is my Netgear R7000 running DD-WRT that I want to replace with > the APU handles PPPoE just fine and bizarrely the PADI packets look the same > however the packets from OpenBSD don't get a response but the R7000 does. > > > If config output: the ifconfig output is a bit odd. > lo0: flags=8049 mtu 32768 > index 5 priority 0 llprio 3 > groups: lo > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 > inet 127.0.0.1 netmask 0xff00 > em0: flags=8843 mtu 1492 > lladdr 00:0d:b9:4f:74:98 > index 1 priority 0 llprio 3 > media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) > status: active > em1: flags=8802 mtu 1500 > lladdr 00:0d:b9:4f:74:99 > index 2 priority 0 llprio 3 > media: Ethernet autoselect (none) > status: no carrier > em1: flags=8802 mtu 1500 > lladdr 00:0d:b9:4f:74:99 > index 2 priority 0 llprio 3 > media: Ethernet autoselect (none) > status: no carrier em1 is listed twice > em2: flags=8843 mtu 1500 > lladdr 00:0d:b9:4f:74:9a > index 3 priority 0 llprio 3 > groups: egress > media: Ethernet autoselect (none) > status: no carrier > inet 192.168.2.103 netmask 0xff00 broadcast 192.168.2.255 > enc0: flags=0<> > index 4 priority 0 llprio 3 > groups: enc > status: active > pflog0: flags=141 mtu 33136 > index 6 priority 0 llprio 3 > groups: pflog > pppoe0: flags=8851 mtu 1492 > index 7 priority 0 llprio 0 > dev: vlan2 state: PADI sent > sid: 0x0 PADI retries: 10 PADR retries: 0 > sppp: phase establish authproto pap authname "b8nfv2em" > groups: pppoe > status: no carrier > inet 0.0.0.1 --> 0.0.0.0 netmask 0xff00 > vlan2: flags=8843 mtu 1492 > lladdr 00:0d:b9:4f:74:98 > index 8 priority 0 llprio vlan2 isn't attached to anything: you should have a line like: encap: vnetid 2 parent em0 txprio packet > Config files: > ## /etc/hostname.em0: > mtu 1492 up > > > ## /etc/hostname.vlan2: > vnetid 2 parent em0 > llprio 0 > mtu 1492 > up the configuration file seems fine. > ## /etc/hostname.pppoe0: > inet 0.0.0.0 255.255.255.255 NONE \ >pppoedev vlan2 authproto pap \ >authname 'redacted' authkey 'redacted' up >mtu 1492 >llprio 0 >dest 0.0.0.1 >!/sbin/route add default -ifp pppoe0 0.0.0.1 so, could you check the configuration file of hostname.vlan2 is really applied on the running system ? else, could you send the whole output of ifconfig ? (but feel free to remove pppoe0 authentification information). thanks. -- Sebastien Marie
Re: PPPoE vlan issue 6.4
On 2019-02-09, Adam Evans wrote: > Hi, i'm trying to set up an OpenBSD router (6.4) on a PcEngines APU2D4 with > Intel i210AT nics however I am having difficulties with PPPoE. I can see the > discovery PADI packets going out using tcpdump but do not see any PADO > response so PPPoE times out and retries sending the PADI packets. > > More confusing is my Netgear R7000 running DD-WRT that I want to replace with > the APU handles PPPoE just fine and bizarrely the PADI packets look the same > however the packets from OpenBSD don't get a response but the R7000 does. > > Using tcpdump the PADI message form OpenBSD looks like below: > > 15:21:47.340929 a0:63:91:47:81:07 ff:ff:ff:ff:ff:ff 8100 36: 802.1Q vid 2 > pri 0 PPPoE-Discovery > code Initiation, version 1, type 1, id 0x, length 12 > tag Service-Name, length 0 > tag Host-Uniq, length 4 \210\352\235\232 > > From the router running DD-WRT we can see the PADI packet followed by the > response PADO: > > 01:14:57.164338 a0:63:91:47:81:07 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q > (0x8100), length 36: vlan 2, p 0, ethertype PPPoE D, PPPoE PADI > [Service-Name] [Host-Uniq 0x5544] > > 01:14:57.171736 78:da:6e:de:df:d4 > a0:63:91:47:81:07, ethertype 802.1Q > (0x8100), length 103: vlan 2, p 0, ethertype PPPoE D, PPPoE PADO > [Vendor-Specific "..AVC30861999"] [Service-Name] [Host-Uniq > 0x5544] [AC-Name "syd-gls-har-bras24"] [AC-Cookie "po.N?f'..D27"] > > To me, the PADI packets look the same, I even spoofed the MAC on the OpenBSD > box so it looks like the DD-WRT router although this shouldn't be necessary I > just wanted to verify. Can you get a more complete dump? (e.g. tcpdump -s1500 -X -e -i em0/eth0) Can you get a dump of the PADI from another machine plugged into em0 to check that it actually makes it onto the wire with the expected tag/prio?? > em0: flags=8843 mtu 1492 I don't expect it to make a difference this early in the negotiation but em0 should be mtu 1500, you'll run into problems later with 1492. FWIW normally I do the vlan handling in the modem rather than on the router and pppoe setup is usually straightforward, though it should work either way.
PPPoE vlan issue 6.4
Hi, i'm trying to set up an OpenBSD router (6.4) on a PcEngines APU2D4 with Intel i210AT nics however I am having difficulties with PPPoE. I can see the discovery PADI packets going out using tcpdump but do not see any PADO response so PPPoE times out and retries sending the PADI packets. More confusing is my Netgear R7000 running DD-WRT that I want to replace with the APU handles PPPoE just fine and bizarrely the PADI packets look the same however the packets from OpenBSD don't get a response but the R7000 does. Using tcpdump the PADI message form OpenBSD looks like below: 15:21:47.340929 a0:63:91:47:81:07 ff:ff:ff:ff:ff:ff 8100 36: 802.1Q vid 2 pri 0 PPPoE-Discovery code Initiation, version 1, type 1, id 0x, length 12 tag Service-Name, length 0 tag Host-Uniq, length 4 \210\352\235\232 >From the router running DD-WRT we can see the PADI packet followed by the >response PADO: 01:14:57.164338 a0:63:91:47:81:07 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 2, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0x5544] 01:14:57.171736 78:da:6e:de:df:d4 > a0:63:91:47:81:07, ethertype 802.1Q (0x8100), length 103: vlan 2, p 0, ethertype PPPoE D, PPPoE PADO [Vendor-Specific "..AVC30861999"] [Service-Name] [Host-Uniq 0x5544] [AC-Name "syd-gls-har-bras24"] [AC-Cookie "po.N?f'..D27"] To me, the PADI packets look the same, I even spoofed the MAC on the OpenBSD box so it looks like the DD-WRT router although this shouldn't be necessary I just wanted to verify. Does anyone have any ideas? My ISP requires me to use vlan 2, the packets look like they are using vlan 2. I also set priority to 0 to match the dd-wrt router. I've also tried to disable pflog in case that was blocking ingress with no luck. I'm out of ideas as the egress PADI broadcasts look identical from both devices. Any help is appreciated. If config output: lo0: flags=8049 mtu 32768 index 5 priority 0 llprio 3 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 inet 127.0.0.1 netmask 0xff00 em0: flags=8843 mtu 1492 lladdr 00:0d:b9:4f:74:98 index 1 priority 0 llprio 3 media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause) status: active em1: flags=8802 mtu 1500 lladdr 00:0d:b9:4f:74:99 index 2 priority 0 llprio 3 media: Ethernet autoselect (none) status: no carrier em1: flags=8802 mtu 1500 lladdr 00:0d:b9:4f:74:99 index 2 priority 0 llprio 3 media: Ethernet autoselect (none) status: no carrier em2: flags=8843 mtu 1500 lladdr 00:0d:b9:4f:74:9a index 3 priority 0 llprio 3 groups: egress media: Ethernet autoselect (none) status: no carrier inet 192.168.2.103 netmask 0xff00 broadcast 192.168.2.255 enc0: flags=0<> index 4 priority 0 llprio 3 groups: enc status: active pflog0: flags=141 mtu 33136 index 6 priority 0 llprio 3 groups: pflog pppoe0: flags=8851 mtu 1492 index 7 priority 0 llprio 0 dev: vlan2 state: PADI sent sid: 0x0 PADI retries: 10 PADR retries: 0 sppp: phase establish authproto pap authname "b8nfv2em" groups: pppoe status: no carrier inet 0.0.0.1 --> 0.0.0.0 netmask 0xff00 vlan2: flags=8843 mtu 1492 lladdr 00:0d:b9:4f:74:98 index 8 priority 0 llprio Config files: ## /etc/hostname.em0: mtu 1492 up ## /etc/hostname.vlan2: vnetid 2 parent em0 llprio 0 mtu 1492 up ## /etc/hostname.pppoe0: inet 0.0.0.0 255.255.255.255 NONE \ pppoedev vlan2 authproto pap \ authname 'redacted' authkey 'redacted' up mtu 1492 llprio 0 dest 0.0.0.1 !/sbin/route add default -ifp pppoe0 0.0.0.1 -- Adam Evans
