It is currently Thu Nov 23, 2017 3:42 pm

All times are UTC [ DST ]




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: Re: mpd 5 as l2tp client
PostPosted: Mon Jul 05, 2010 11:58 am 
Site Admin

Joined: Sun Jul 27, 2008 1:39 pm
Posts: 122
thor wrote:
Hi, I have Ubuntu 10 with openl2tpd as server and FreeBSD 8.0 with mpd5 as client and have trouble with connect.
Quote:
# system

# peer profiles
peer profile create profile_name=thor
peer profile modify profile_name=thor \
ppp_profile_name=thor \
peer_ipaddr=10.172.23.234 \
tunnel_profile_name=thor \

# tunnel profiles
tunnel profile create profile_name=thor
tunnel profile modify profile_name=thor \
auth_mode=none \
peer_profile_name=thor \
ppp_profile_name=thor \


# session profiles

# ppp profiles
ppp profile create profile_name=thor
ppp profile modify profile_name=thor \
local_ipaddr=10.4.4.4 \
remote_ipaddr=10.4.4.1 \

# locally created tunnels and sessions


mpd5 config

Quote:
l2tp
create bundle static l2tp
create link static l2tp l2tp
set link action bundle l2tp
set link keep-alive 10 60
set link mtu 1460
set l2tp peer 172.17.30.16
set auth authname 123
set auth password 321
set link max-redial 0
open


openl2tpd dump
Quote:
FUNC: tunl 7749: inherited ppp profile 'thor' from tunnel profile
FUNC: tunl 7749: allocated context using profile 'thor', created by network request
XPRT: RX: tunl 7749/0: len=95 ns/nr=0/0, our ns/nr=0/0, peer ns/nr=0/0
XPRT: tunl 7749: peer ns/nr is 0/0
DATA: RX: tunl 7749/0: rcv 95 bytes from peer 10.172.23.234, packet ns/nr 0/0 type 0
XPRT: tunl 7749: update nr from 0 to 1
AVP: tunl 7749: SCCRQ message decode of 75 bytes started
AVPDATA: HOST_NAME: name=thor-net
AVPDATA: VENDOR_NAME: name=FreeBSD MPD
AVPDATA: BEARER_CAP: cap=3
AVPDATA: RX_WINDOW_SIZE: size=8
AVPDATA: PROTOCOL_VERSION: ver=1 rev=0
AVPDATA: FRAMING_CAP: cap=3
AVPDATA: TUNNEL_ID: id=62501
PROTO: tunl 7749: SCCRQ received from peer 62501
FSM: CCE(7749) event SCCRQ_ACCEPT in state IDLE
PROTO: tunl 7749: adjust tx_window_size: peer=8, ours=10
AVP: tunl 7749: building SCCRP message, 9 AVPs
PROTO: tunl 7749: sending SCCRP to peer 62501
XPRT: tunl 7749: queuing tx packet, type 2, len 146, ns/nr 0/1
XPRT: tunl 7749: update ns to 1
XPRT: tunl 7749: adding packet to ackq, type 2, len 146, ns/nr 0/1
DATA: TX: tunl 7749/0: send 146 bytes to peer 10.172.23.234, packet ns/nr 0/1 type 2, retry 0
FSM: CCE(7749) state change: IDLE --> WAITCTLCONN
XPRT: tunl 40996: retry failure
XPRT: tunl 7749: send zlb ack, ns/nr=1/1
FSM: CCE(40996) event XPRT_DOWN in state WAITCTLCONN
AVP: tunl 40996: building STOPCCN message, 3 AVPs
PROTO: tunl 40996: sending STOPCCN to peer 62501
XPRT: tunl 40996: queuing tx packet, type 4, len 38, ns/nr 1/1
XPRT: tunl 40996: tx window closed
FUNC: tunl 40996: starting cleanup timer
FSM: CCE(40996) state change: WAITCTLCONN --> CLOSING
XPRT: tunl 7749: set retry interval to 2
XPRT: tunl 40996: set retry interval to 2
XPRT: tunl 40996: retry failure
FSM: CCE(40996) event XPRT_DOWN in state CLOSING
XPRT: tunl 7749: set retry interval to 4
DATA: TX: tunl 7749/0: resend 146 bytes to peer 10.172.23.234, packet ns/nr 0/1 type 2, retry 1
XPRT: tunl 7749: set retry interval to 8
DATA: TX: tunl 7749/0: resend 146 bytes to peer 10.172.23.234, packet ns/nr 0/1 type 2, retry 2
DATA: TX: tunl 7749/0: resend 146 bytes to peer 10.172.23.234, packet ns/nr 0/1 type 2, retry 3
DATA: TX: tunl 7749/0: resend 146 bytes to peer 10.172.23.234, packet ns/nr 0/1 type 2, retry 4
DATA: TX: tunl 7749/0: resend 146 bytes to peer 10.172.23.234, packet ns/nr 0/1 type 2, retry 5
XPRT: tunl 7749: retry failure
FSM: CCE(7749) event XPRT_DOWN in state WAITCTLCONN
AVP: tunl 7749: building STOPCCN message, 3 AVPs
PROTO: tunl 7749: sending STOPCCN to peer 62501
XPRT: tunl 7749: queuing tx packet, type 4, len 38, ns/nr 1/1
XPRT: tunl 7749: tx window closed
FUNC: tunl 7749: starting cleanup timer
FSM: CCE(7749) state change: WAITCTLCONN --> CLOSING
XPRT: tunl 7749: set retry interval to 2
XPRT: tunl 7749: retry failure
FSM: CCE(7749) event XPRT_DOWN in state CLOSING


FreeBSD tcpdump

Quote:
17:19:25.982541 IP 10.172.23.234.36971 > 172.17.30.16.l2f: l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *HOST_NAME(thor-net) *VENDOR_NAME(FreeBSD MPD) |...
17:19:25.984843 IP 172.17.30.16.56020 > 10.172.23.234.36971: UDP, length 146
17:19:25.984855 IP 10.172.23.234 > 172.17.30.16: ICMP 10.172.23.234 udp port 36971 unreachable, length 36
17:19:26.511028 IP 172.17.30.16.56020 > 10.172.23.234.36971: UDP, length 12
17:19:26.511046 IP 10.172.23.234 > 172.17.30.16: ICMP 10.172.23.234 udp port 36971 unreachable, length 36
17:19:36.760174 IP 172.17.30.16.36706 > 10.172.23.234.36971: UDP, length 12
17:19:36.760187 IP 10.172.23.234 > 172.17.30.16: ICMP 10.172.23.234 udp port 36971 unreachable, length 36
17:19:38.510133 IP 172.17.30.16.36706 > 10.172.23.234.36971: UDP, length 146
17:19:38.510149 IP 10.172.23.234 > 172.17.30.16: ICMP 10.172.23.234 udp port 36971 unreachable, length 36
17:19:39.760160 IP 172.17.30.16.36706 > 10.172.23.234.36971: UDP, length 146
17:19:39.760170 IP 10.172.23.234 > 172.17.30.16: ICMP 10.172.23.234 udp port 36971 unreachable, length 36


with that mpd config i can connect to rp-l2tpd server
tcpdump

Quote:
15:40:11.219836 IP 10.172.23.234.24653 > 172.17.30.8.l2f: l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *HOST_NAME(thor-net) *VENDOR_NAME(FreeBSD MPD) |...
15:40:11.221979 IP 172.17.30.8.l2f > 10.172.23.234.24653: l2tp:[TLS](18059/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0) *RANDOM_VECTOR(3a9311d5a30aade54fb41df249ce14a6) |...
15:40:11.222408 IP 10.172.23.234.24653 > 172.17.30.8.l2f: l2tp:[TLS](6994/0)Ns=1,Nr=0 *MSGTYPE(SCCCN) *HOST_NAME(thor-net) *VENDOR_NAME(FreeBSD MPD) |...
15:40:11.325042 IP 172.17.30.8.l2f > 10.172.23.234.24653: l2tp:[TLS](18059/0)Ns=1,Nr=2 ZLB
15:40:11.325076 IP 10.172.23.234.24653 > 172.17.30.8.l2f: l2tp:[TLS](6994/0)Ns=2,Nr=1 *MSGTYPE(ICRQ) *ASSND_SESS_ID(42613) *CALL_SER_NUM(4640004)
15:40:11.327166 IP 172.17.30.8.l2f > 10.172.23.234.24653: l2tp:[TLS](18059/42613)Ns=1,Nr=3 *MSGTYPE(ICRP) *RANDOM_VECTOR(0675d7dd2120c2a56fa30cfe6d1e6bdb) *?ASSND_SESS_ID(???)
15:40:11.327491 IP 10.172.23.234.24653 > 172.17.30.8.l2f: l2tp:[TLS](6994/53665)Ns=3,Nr=2 *MSGTYPE(ICCN) *TX_CONN_SPEED(10000000) *FRAMING_TYPE(S)

Sorry for the late reply.

The above packet traces for the working case suggest you are using an encrypted connection for L2TP. Have you setup IPSec for OpenL2TP? Are you using its ipsec.so plugin? The OpenL2TP log suggests that it isn't receiving an ACK from the peer for the SCCRP control message that it sends.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group