Re: passing vlan priority tag through bridge
On 2011-08-21 23:33, Christiano F. Haesbaert wrote: > > I have a partial diff for this. > > Unfortunately I couldn't test so I'll need more time. > > The idea is to flag the incoming packet with a new flag M_VLANPRIO > which signals vlan(4) to not touch the vlanprio in vlan_start(). > > It's a proof-of-concept only, having something like this will probably > involve a lot of talk. > > Sorry my diff is not showable at this time. Wonderful. No stress. Thx, Peter
Re: passing vlan priority tag through bridge
On Fri, Aug 19, 2011 at 09:07:42AM +0200, Peter Hallin wrote: > Hello, > > I have a question. > > We use bridging firewalls at Lund University with different vlan tags on > respective sides of the bridges. The frames are therefore "retagged" > when passing through the bridge and unforunatley the priority flag gets > reset and always ends up as 0 on the other side. > > We would love to be able to let the priority flag pass the bridge and I > wonder if this could be possible in a not so distant future. > > In if_vlan.c, there is a comment regarding the prio flag: > > /* > * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs. > * Might be extended some day to also handle IEEE 802.1p priority > * tagging. This is sort of sneaky in the implementation, since > * we need to pretend to be enough of an Ethernet implementation > * to make arp work. The way we do this is by telling everyone > * that we are an Ethernet, and then catch the packets that > * ether_output() left on our output queue when it calls > * if_start(), rewrite them for use by the real outgoing > * interface, > * and ask it to send them. > * > * Some devices support 802.1Q tag insertion in firmware. The > * vlan interface behavior changes when the > * IFCAP_VLAN_HWTAGGING > * capability is set on the parent. In this case, > * vlan_start() > * will not modify the ethernet header. > */ > I have a partial diff for this. Unfortunately I couldn't test so I'll need more time. The idea is to flag the incoming packet with a new flag M_VLANPRIO which signals vlan(4) to not touch the vlanprio in vlan_start(). It's a proof-of-concept only, having something like this will probably involve a lot of talk. Sorry my diff is not showable at this time.
Re: TOS option to tcpbench ala pf.conf
Hi, So here is the final version using -T with IPv6 with some points addressed by jmc@ in the manual. ok to commit ? Index: tcpbench.1 === RCS file: /cvs/src/usr.bin/tcpbench/tcpbench.1,v retrieving revision 1.12 diff -d -u -p -w -r1.12 tcpbench.1 --- tcpbench.1 16 Mar 2011 08:06:10 - 1.12 +++ tcpbench.1 21 Aug 2011 22:04:58 - @@ -31,6 +31,7 @@ .Op Fl p Ar port .Op Fl r Ar interval .Op Fl S Ar space +.Op Fl T Ar toskeyword .Op Fl V Ar rtable .Ar hostname .Nm @@ -41,6 +42,7 @@ .Op Fl k Ar kvars .Op Fl p Ar port .Op Fl r Ar interval +.Op Fl T Ar toskeyword .Op Fl S Ar space .Op Fl V Ar rtable .Ek @@ -105,6 +107,21 @@ connections. It defaults to using TCP if .Fl u is not specified. +.It Fl T Ar toskeyword +Change the IPv4 TOS or IPv6 TCLASS value. +.Ar toskeyword +may be one of +.Ar critical , +.Ar inetcontrol , +.Ar lowdelay , +.Ar netcontrol , +.Ar throughput , +.Ar reliability , +or one of the DiffServ Code Points: +.Ar ef , +.Ar af11 ... af43 , +.Ar cs0 ... cs7 ; +or a number in either hex or decimal. .It Fl u Use UDP instead of TCP; this must be specified on both the client and the server. Index: tcpbench.c === RCS file: /cvs/src/usr.bin/tcpbench/tcpbench.c,v retrieving revision 1.23 diff -d -u -p -w -r1.23 tcpbench.c --- tcpbench.c 20 Aug 2011 11:11:30 - 1.23 +++ tcpbench.c 21 Aug 2011 05:42:21 - @@ -65,6 +65,7 @@ struct { int Sflag;/* Socket buffer size (tcp mode) */ u_int rflag;/* Report rate (ms) */ int sflag;/* True if server */ + int Tflag;/* ToS if != -1 */ int vflag;/* Verbose */ int uflag;/* UDP mode */ kvm_t*kvmh; /* Kvm handler */ @@ -113,7 +114,7 @@ static void client_init(struct addrinfo static int clock_gettime_tv(clockid_t, struct timeval *); static voidudp_server_handle_sc(int, short, void *); static voidudp_process_slice(int, short, void *); - +static int map_tos(char *, int *); /* * We account the mainstats here, that is the stats * for all connections, all variables starting with slice @@ -173,9 +174,10 @@ usage(void) fprintf(stderr, "usage: tcpbench -l\n" " tcpbench [-uv] [-B buf] [-k kvars] [-n connections] [-p port]\n" - "[-r interval] [-S space] [-V rtable] hostname\n" + "[-r interval] [-S space] [-T toskeyword] [-V rtable]\n" + "hostname\n" " tcpbench -s [-uv] [-B buf] [-k kvars] [-p port]\n" - "[-r interval] [-S space] [-V rtable]\n"); + "[-r interval] [-S space] [-T toskeyword] [-V rtable]\n"); exit(1); } @@ -680,6 +682,16 @@ again: r |= O_NONBLOCK; if (fcntl(sock, F_SETFL, r) == -1) err(1, "fcntl(F_SETFL, O_NONBLOCK)"); + if (ptb->Tflag != -1 && ss.ss_family == AF_INET) { + if (setsockopt(sock, IPPROTO_IP, IP_TOS, + &ptb->Tflag, sizeof(ptb->Tflag))) + err(1, "setsockopt IP_TOS"); + } + if (ptb->Tflag != -1 && ss.ss_family == AF_INET6) { + if (setsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, + &ptb->Tflag, sizeof(ptb->Tflag))) + err(1, "setsockopt IPV_TCLASS"); + } /* Alloc client structure and register reading callback */ if ((sc = calloc(1, sizeof(*sc))) == NULL) err(1, "calloc"); @@ -729,6 +741,16 @@ server_init(struct addrinfo *aitop, stru err(1, "setsockopt SO_RTABLE"); } } + if (ptb->Tflag != -1 && ai->ai_family == AF_INET) { + if (setsockopt(sock, IPPROTO_IP, IP_TOS, + &ptb->Tflag, sizeof(ptb->Tflag))) + err(1, "setsockopt IP_TOS"); + } + if (ptb->Tflag != -1 && ai->ai_family == AF_INET6) { + if (setsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, + &ptb->Tflag, sizeof(ptb->Tflag))) + err(1, "setsockopt IPV_TCLASS"); + } if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1) warn("reuse port"); @@ -821,6 +843,16 @@ client_init(struct addrinfo *aitop, int warn("socket"); continue; } + if (ptb->Tflag != -1 && ai->ai_family == AF_INET) { + if (setsockopt(sock, IPPROTO_IP, IP_TOS, + &ptb->Tflag, sizeof(ptb->T
Re: LAC & LNS server with OpenBSD
Hello, On Sun, 21 Aug 2011 19:17:36 +0200 (CEST) "Gruel Bruno" wrote: > Thank's for your reply it's works. Thank you for your feedbacks. > But i have still some question. > It's not realy secure to do that, no (a VPN without password )?? It depends on your network which you use L2TP on. Until your case, npppd has been developed for L2TP on IPsec or L2TP on trusted network. > Do you plan to implement tunnel auth in npppd ? I'll plan to implement it if you (or maybe somebody) use it. :) --yasuoka On Sun, 21 Aug 2011 19:17:36 +0200 (CEST) "Gruel Bruno" wrote: > Hello, > > Thank's for your reply it's works. > > By disable tunnel auth in MPD the client, can get ip configuration via the > L2TP tunnel. > > But i have still some question. > > It's not realy secure to do that, no (a VPN without password )?? > Do you plan to implement tunnel auth in npppd ? > > So thank's for your work and you availability. > > Bruno Gruel > >> Original Message >>From: YASUOKA Masahiko >>To: b.gr...@woody.hopto.org >>Cc: tech@openbsd.org >>Sent: Dim, Aou 21, 2011, 17:32 PM >>Subject: Re: LAC & LNS server with OpenBSD >> >>Hello, >> >>On Fri, 19 Aug 2011 20:26:25 +0200 (CEST) >>"Gruel Bruno" wrote: >>> Now i have got that: >>> >>> 2011-08-19 16:11:33:WARNING: l2tpd ctrl=13 Received AVP (CHALLENGE/11) is >>> not >>> supported, but it's mandatory >>> 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Started RecvSCCRQ >>> from=172.16.1.1:33203/udp tunnel_id=13/35887 protocol=1.0 winsize=8 >>> hostname=LAC vendor=FreeBSD MPD firm= >>> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendSCCRP >>> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 RecvStopCCN result=UNAUTHORIZED/4 >>> error=none/0 tunnel_id=35887 message="" >>> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendZLB >>> 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Finished >>> 2011-08-19 16:11:33:INFO: l2tpd Received from=172.16.1.1:33203: bad control >>> message: tunnelId=13 is not found. mestype=SCCCN >>> >>> I suppose that is what you say. Unable to authenticate via the L2TP no ?? >> >>Yes. MPD seems to be using `L2TP tunnel authentication'. Npppd >>doesn't support `L2TP tunnel authentication' You need to disable it >>on MPD. >> >>--yasuoka >> >>On Fri, 19 Aug 2011 20:26:25 +0200 (CEST) >>"Gruel Bruno" wrote: >>> Hello, >>> >>> Thank's for your quick reply. >>> So i'm intersting about tunnel authentication because it's the final point >>> off >>> my project. >>> >>> I do what you say, disable hidden in MPD but there is still error message. >>> >>> Now i have got that: >>> >>> 2011-08-19 16:11:33:WARNING: l2tpd ctrl=13 Received AVP (CHALLENGE/11) is >>> not >>> supported, but it's mandatory >>> 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Started RecvSCCRQ >>> from=172.16.1.1:33203/udp tunnel_id=13/35887 protocol=1.0 winsize=8 >>> hostname=LAC vendor=FreeBSD MPD firm= >>> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendSCCRP >>> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 RecvStopCCN result=UNAUTHORIZED/4 >>> error=none/0 tunnel_id=35887 message="" >>> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendZLB >>> 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Finished >>> 2011-08-19 16:11:33:INFO: l2tpd Received from=172.16.1.1:33203: bad control >>> message: tunnelId=13 is not found. mestype=SCCCN >>> >>> I suppose that is what you say. Unable to authenticate via the L2TP no ?? >>> >>> Thank's >>> >>> Bruno. >>> Original Message From: YASUOKA Masahiko To: b.gr...@woody.hopto.org Cc: tech@openbsd.org Sent: Ven, Aou 19, 2011, 16:37 PM Subject: Re: LAC & LNS server with OpenBSD Hi, On Fri, 19 Aug 2011 16:05:27 +0200 (CEST) "Gruel Bruno" wrote: > Since several days i do some test in my lab but i have a problem. > > According to my picture >>> http://fai.woody.hopto.org/Docs/bsdrp-example-pppoe-l2tp.png > > R1 is a openbsd 4.9 wh make a ppoe call > R2 is a freebsd with the MPD5 daemon who run as an LAC > R3 is a openbsd 4.9 with npppd who run as a LNS. (snip) > But when th R2 (LAC) try to establish the L2TP VPN i got this error : > > 2011-08-19 15:21:38:WARNING: l2tpd ctrl=33 Received AVP (RANDOM_VECTOR/36) >>> is not supported, but it's mandatory > 2011-08-19 15:21:38:ERR: l2tpd ctrl=33 Received bad SCCRQ: invalid packet >>> size BEARER_CAPABILITIES 15==10) > 2011-08-19 15:21:38:DEBUG: l2tpd ctrl=33 l2tp_ctrl_stop() unexpected >>> state=idle > 2011-08-19 15:21:38:NOTICE: l2tpd ctrl=33 logtype=Finishe > > Have you got a suggestion ?? mpd seems to be using `hidden AVP' but npppd doesn't support that. Disabling `hidden AVP' on mpd may save this problem. Npppd also doesn't support `tunnel authentication'. It's not difficult to add them if some of you use them. Thanks, --yasuoka On Fri, 19 Aug 2011 16:05:27 +0200 (CEST) "Gruel Bruno" wrote: > Hello, > > Since
Re: LAC & LNS server with OpenBSD
Hello, Thank's for your reply it's works. By disable tunnel auth in MPD the client, can get ip configuration via the L2TP tunnel. But i have still some question. It's not realy secure to do that, no (a VPN without password )?? Do you plan to implement tunnel auth in npppd ? So thank's for your work and you availability. Bruno Gruel > Original Message >From: YASUOKA Masahiko >To: b.gr...@woody.hopto.org >Cc: tech@openbsd.org >Sent: Dim, Aou 21, 2011, 17:32 PM >Subject: Re: LAC & LNS server with OpenBSD > >Hello, > >On Fri, 19 Aug 2011 20:26:25 +0200 (CEST) >"Gruel Bruno" wrote: >> Now i have got that: >> >> 2011-08-19 16:11:33:WARNING: l2tpd ctrl=13 Received AVP (CHALLENGE/11) is not >> supported, but it's mandatory >> 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Started RecvSCCRQ >> from=172.16.1.1:33203/udp tunnel_id=13/35887 protocol=1.0 winsize=8 >> hostname=LAC vendor=FreeBSD MPD firm= >> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendSCCRP >> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 RecvStopCCN result=UNAUTHORIZED/4 >> error=none/0 tunnel_id=35887 message="" >> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendZLB >> 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Finished >> 2011-08-19 16:11:33:INFO: l2tpd Received from=172.16.1.1:33203: bad control >> message: tunnelId=13 is not found. mestype=SCCCN >> >> I suppose that is what you say. Unable to authenticate via the L2TP no ?? > >Yes. MPD seems to be using `L2TP tunnel authentication'. Npppd >doesn't support `L2TP tunnel authentication' You need to disable it >on MPD. > >--yasuoka > >On Fri, 19 Aug 2011 20:26:25 +0200 (CEST) >"Gruel Bruno" wrote: >> Hello, >> >> Thank's for your quick reply. >> So i'm intersting about tunnel authentication because it's the final point off >> my project. >> >> I do what you say, disable hidden in MPD but there is still error message. >> >> Now i have got that: >> >> 2011-08-19 16:11:33:WARNING: l2tpd ctrl=13 Received AVP (CHALLENGE/11) is not >> supported, but it's mandatory >> 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Started RecvSCCRQ >> from=172.16.1.1:33203/udp tunnel_id=13/35887 protocol=1.0 winsize=8 >> hostname=LAC vendor=FreeBSD MPD firm= >> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendSCCRP >> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 RecvStopCCN result=UNAUTHORIZED/4 >> error=none/0 tunnel_id=35887 message="" >> 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendZLB >> 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Finished >> 2011-08-19 16:11:33:INFO: l2tpd Received from=172.16.1.1:33203: bad control >> message: tunnelId=13 is not found. mestype=SCCCN >> >> I suppose that is what you say. Unable to authenticate via the L2TP no ?? >> >> Thank's >> >> Bruno. >> >>> Original Message >>>From: YASUOKA Masahiko >>>To: b.gr...@woody.hopto.org >>>Cc: tech@openbsd.org >>>Sent: Ven, Aou 19, 2011, 16:37 PM >>>Subject: Re: LAC & LNS server with OpenBSD >>> >>>Hi, >>> >>>On Fri, 19 Aug 2011 16:05:27 +0200 (CEST) >>>"Gruel Bruno" wrote: Since several days i do some test in my lab but i have a problem. According to my picture >> http://fai.woody.hopto.org/Docs/bsdrp-example-pppoe-l2tp.png R1 is a openbsd 4.9 wh make a ppoe call R2 is a freebsd with the MPD5 daemon who run as an LAC R3 is a openbsd 4.9 with npppd who run as a LNS. >>>(snip) But when th R2 (LAC) try to establish the L2TP VPN i got this error : 2011-08-19 15:21:38:WARNING: l2tpd ctrl=33 Received AVP (RANDOM_VECTOR/36) >> is not supported, but it's mandatory 2011-08-19 15:21:38:ERR: l2tpd ctrl=33 Received bad SCCRQ: invalid packet >> size BEARER_CAPABILITIES 15==10) 2011-08-19 15:21:38:DEBUG: l2tpd ctrl=33 l2tp_ctrl_stop() unexpected >> state=idle 2011-08-19 15:21:38:NOTICE: l2tpd ctrl=33 logtype=Finishe Have you got a suggestion ?? >>> >>>mpd seems to be using `hidden AVP' but npppd doesn't support that. >>>Disabling `hidden AVP' on mpd may save this problem. Npppd also >>>doesn't support `tunnel authentication'. >>> >>>It's not difficult to add them if some of you use them. >>> >>>Thanks, >>> >>>--yasuoka >>> >>> >>>On Fri, 19 Aug 2011 16:05:27 +0200 (CEST) >>>"Gruel Bruno" wrote: Hello, Since several days i do some test in my lab but i have a problem. According to my picture >> http://fai.woody.hopto.org/Docs/bsdrp-example-pppoe-l2tp.png R1 is a openbsd 4.9 wh make a ppoe call R2 is a freebsd with the MPD5 daemon who run as an LAC R3 is a openbsd 4.9 with npppd who run as a LNS. This is the R3 npppd configuration file # # Simplest npppd.conf sample # # $Id: HOWTO_PIPEX_NPPPD.txt,v 1.3 2010/09/26 06:54:44 yasuoka Exp $ interface_list: tun0 interface.tun0.ip4addr: 10.0.0.1 # IP address pool pool.dyna_pool: 10.0.0.0/25 pool.pool: 10.0.0.
Re: LAC & LNS server with OpenBSD
Hello, On Fri, 19 Aug 2011 20:26:25 +0200 (CEST) "Gruel Bruno" wrote: > Now i have got that: > > 2011-08-19 16:11:33:WARNING: l2tpd ctrl=13 Received AVP (CHALLENGE/11) is not > supported, but it's mandatory > 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Started RecvSCCRQ > from=172.16.1.1:33203/udp tunnel_id=13/35887 protocol=1.0 winsize=8 > hostname=LAC vendor=FreeBSD MPD firm= > 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendSCCRP > 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 RecvStopCCN result=UNAUTHORIZED/4 > error=none/0 tunnel_id=35887 message="" > 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendZLB > 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Finished > 2011-08-19 16:11:33:INFO: l2tpd Received from=172.16.1.1:33203: bad control > message: tunnelId=13 is not found. mestype=SCCCN > > I suppose that is what you say. Unable to authenticate via the L2TP no ?? Yes. MPD seems to be using `L2TP tunnel authentication'. Npppd doesn't support `L2TP tunnel authentication' You need to disable it on MPD. --yasuoka On Fri, 19 Aug 2011 20:26:25 +0200 (CEST) "Gruel Bruno" wrote: > Hello, > > Thank's for your quick reply. > So i'm intersting about tunnel authentication because it's the final point off > my project. > > I do what you say, disable hidden in MPD but there is still error message. > > Now i have got that: > > 2011-08-19 16:11:33:WARNING: l2tpd ctrl=13 Received AVP (CHALLENGE/11) is not > supported, but it's mandatory > 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Started RecvSCCRQ > from=172.16.1.1:33203/udp tunnel_id=13/35887 protocol=1.0 winsize=8 > hostname=LAC vendor=FreeBSD MPD firm= > 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendSCCRP > 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 RecvStopCCN result=UNAUTHORIZED/4 > error=none/0 tunnel_id=35887 message="" > 2011-08-19 16:11:33:INFO: l2tpd ctrl=13 SendZLB > 2011-08-19 16:11:33:NOTICE: l2tpd ctrl=13 logtype=Finished > 2011-08-19 16:11:33:INFO: l2tpd Received from=172.16.1.1:33203: bad control > message: tunnelId=13 is not found. mestype=SCCCN > > I suppose that is what you say. Unable to authenticate via the L2TP no ?? > > Thank's > > Bruno. > >> Original Message >>From: YASUOKA Masahiko >>To: b.gr...@woody.hopto.org >>Cc: tech@openbsd.org >>Sent: Ven, Aou 19, 2011, 16:37 PM >>Subject: Re: LAC & LNS server with OpenBSD >> >>Hi, >> >>On Fri, 19 Aug 2011 16:05:27 +0200 (CEST) >>"Gruel Bruno" wrote: >>> Since several days i do some test in my lab but i have a problem. >>> >>> According to my picture > http://fai.woody.hopto.org/Docs/bsdrp-example-pppoe-l2tp.png >>> >>> R1 is a openbsd 4.9 wh make a ppoe call >>> R2 is a freebsd with the MPD5 daemon who run as an LAC >>> R3 is a openbsd 4.9 with npppd who run as a LNS. >>(snip) >>> But when th R2 (LAC) try to establish the L2TP VPN i got this error : >>> >>> 2011-08-19 15:21:38:WARNING: l2tpd ctrl=33 Received AVP (RANDOM_VECTOR/36) > is not supported, but it's mandatory >>> 2011-08-19 15:21:38:ERR: l2tpd ctrl=33 Received bad SCCRQ: invalid packet > size BEARER_CAPABILITIES 15==10) >>> 2011-08-19 15:21:38:DEBUG: l2tpd ctrl=33 l2tp_ctrl_stop() unexpected > state=idle >>> 2011-08-19 15:21:38:NOTICE: l2tpd ctrl=33 logtype=Finishe >>> >>> Have you got a suggestion ?? >> >>mpd seems to be using `hidden AVP' but npppd doesn't support that. >>Disabling `hidden AVP' on mpd may save this problem. Npppd also >>doesn't support `tunnel authentication'. >> >>It's not difficult to add them if some of you use them. >> >>Thanks, >> >>--yasuoka >> >> >>On Fri, 19 Aug 2011 16:05:27 +0200 (CEST) >>"Gruel Bruno" wrote: >>> Hello, >>> >>> Since several days i do some test in my lab but i have a problem. >>> >>> According to my picture > http://fai.woody.hopto.org/Docs/bsdrp-example-pppoe-l2tp.png >>> >>> R1 is a openbsd 4.9 wh make a ppoe call >>> R2 is a freebsd with the MPD5 daemon who run as an LAC >>> R3 is a openbsd 4.9 with npppd who run as a LNS. >>> >>> This is the R3 npppd configuration file >>> >>> # >>> # Simplest npppd.conf sample >>> # >>> # $Id: HOWTO_PIPEX_NPPPD.txt,v 1.3 2010/09/26 06:54:44 yasuoka Exp $ >>> >>> interface_list: tun0 >>> interface.tun0.ip4addr: 10.0.0.1 >>> >>> # IP address pool >>> pool.dyna_pool: 10.0.0.0/25 >>> pool.pool: 10.0.0.128/25 >>> >>> # Authentication >>> auth.local.realm_list: local >>> auth.local.realm.acctlist: /etc/npppd/npppd-users.csv >>> realm.local.concentrate:tun0 >>> >>> lcp.mru:1400 >>> auth.method:mschapv2 chap >>> >>> # L2TP daemon >>> l2tpd.enabled: true >>> l2tpd.ip4_allow:0.0.0.0/0 >>> l2tpd.require_ipsec:false >>> l2tpd.accept_dialin:true >>> >>> # PPPoE daemon >>> pppoed.enabled:true >>> pppoed.interface: