It is currently Mon Nov 20, 2017 6:38 am

All times are UTC [ DST ]




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: OpenL2TP hangs sometimes while setting up tunnel
PostPosted: Sat Feb 25, 2012 10:17 pm 

Joined: Sat Feb 25, 2012 9:58 pm
Posts: 3
I've got a router (mips) with OpenWRT and using OpenL2TP to connect to the ISP.
It runs Linux 3.2.5, OpenL2TP 1.8 + some patches from SF.net, pppd 2.4.5
When OpenL2TP starts it, sometimes, does not fires up PPPD and just sits there waiting for something:
Code:
# /usr/sbin/openl2tpd -f -d all -D -p /usr/lib/openl2tp/ppp_unix.so
Start, trace_flags=ffffffff (debug enabled)
OpenL2TP V1.8, (c) Copyright 2004-2010 Katalix Systems Ltd.
Loading plugin /usr/lib/openl2tp/ppp_unix.so, version V1.5
Using config file: /etc/openl2tpd.conf
FUNC: tunl 30932: allocated context using profile 'default'
FSM: CCE(30932) event OPEN_REQ in state IDLE
AVP: tunl 30932: building SCCRQ message, 9 AVPs
PROTO: tunl 30932: sending SCCRQ
XPRT: tunl 30932: queuing tx packet, type 1, len 134, ns/nr 0/0
XPRT: tunl 30932: update ns to 1
XPRT: tunl 30932: adding packet to ackq, type 1, len 134, ns/nr 0/0
DATA: TX: tunl 30932/0: send 134 bytes to peer 85.21.0.255, packet ns/nr 0/0 type 1, retry 0
FSM: CCE(30932) state change: IDLE --> WAITCTLREPLY
FUNC: tunl 30932 created
FSM: LAIC(30932/49501) event INCALL_IND in state IDLE
PROTO: tunl 30932/49501: waiting for tunnel up
FSM: LAIC(30932/49501) state change: IDLE --> WAITTUNNEL
30932/49501: creating UNIX pppd context
30932/49501: using ppp profile 'default'


Looking with tcpdump it just sends one packet and then:
Code:
01:07:02.279590 IP 10.184.32.32.40646 > vpn253-l0.msk.corbina.net.l2f:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP(AD) FIRM_VER(264) *HOST_NAME(simf-router) VENDOR_NAME(Katalix Systems Ltd. Linux-3.2.5 (mips)) *ASSND_TUN_ID(56659) *RECV_WIN_SIZE(10)


Config:
Code:
peer profile modify profile_name=default lac_lns=lac
ppp profile modify profile_name=default mtu=1460 auth_pap=no auth_eap=no default_route=no auth_none=no lcp_echo_interval=10 idle_timeout=0
tunnel create tunnel_name=corbina dest_ipaddr=tp.internet.beeline.ru persist=yes use_udp_checksums=yes hello_timeout=0 idle_timeout=0 max_retries=0 retry_timeout=120
session create use_sequence_numbers=yes framing_type=sync tunnel_name=corbina session_name=corbina user_name=LOGIN


After some restarts by a watchdog script, it manages to start pppd and then proceeds without problems. But i can't figure out what triggers successful launch. Maybe the problem is on LNS side, but AFAIK xl2tpd works without problems, but it's completely userspace, so i'd rather not use it on embedded.

Any ideas where to look? Thanks in advance.


Top
 Profile  
 
 Post subject: Re: OpenL2TP hangs sometimes while setting up tunnel
PostPosted: Sun Feb 26, 2012 8:48 pm 

Joined: Sat Feb 25, 2012 9:58 pm
Posts: 3
Yes, by the way, xl2tpd works flawless on the same device.
But i would like to bring OpenL2TP to a working state...


Top
 Profile  
 
 Post subject: Re: OpenL2TP hangs sometimes while setting up tunnel
PostPosted: Thu Mar 01, 2012 9:27 pm 
Site Admin

Joined: Sun Jul 27, 2008 1:39 pm
Posts: 122
blind_oracle wrote:
I've got a router (mips) with OpenWRT and using OpenL2TP to connect to the ISP.
It runs Linux 3.2.5, OpenL2TP 1.8 + some patches from SF.net, pppd 2.4.5
When OpenL2TP starts it, sometimes, does not fires up PPPD and just sits there waiting for something
Any ideas where to look? Thanks in advance.

The LNS isn't replying at all. Is a firewall or NAT in the path? By default, OpenL2TP will use ephemeral UDP ports, which needs a sane firewall to be tracking UDP port assignments in order to work.

Turn UDP checksums off for now, in case the peer doesn't want that. And leave hello_timeout, idle_timeout, max_retries alone until you have a working tunnel.

Once the LNS is replying reliably to the SCCRQ, we can debug the session setup. I suggest don't do the session create until you see the tunnel come up.

I have no idea why the session is sometimes established if you keep retrying. :(


Top
 Profile  
 
 Post subject: Re: OpenL2TP hangs sometimes while setting up tunnel
PostPosted: Fri Mar 02, 2012 6:58 am 

Joined: Sat Feb 25, 2012 9:58 pm
Posts: 3
Thanks for reply :)
The situation is really strange.

Firewall was disabled initially of course, so on my side there's nothing preventing the packets from going in or out.
I tried to remove optional settings that you mentioned (udp checksums etc) from config too, but it made no difference.

Maybe there's some flaws in kernel<->userspace relations that prevents the packets from reaching LNS, or the packet itself gets broken somehow so that LNS does not respond at all. Maybe i should place some kind of bridge/router between LAC and LNS and sniff the traffic to make sure it really gets out...
Maybe you can advice me on some other tests that i can do :)

Right now i'm sticking with xl2tpd with kernel L2TP support, it seems to work fine for now, and much less CPU hungry than userspace version.

P.S.
The openl2tpd is built without RPC support, which broke some things on the way (the ppp plugin that notifies openl2tpd of ppp's status was not built), that were fixed later by patches. Maybe something else got broken too..


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group