ppp icon indicating copy to clipboard operation
ppp copied to clipboard

Published 20 hours ago verified publisher icon ppp-project

Stdout

Open mayconrcmello opened this issue 1 year ago • 6 comments

I compiled rp-pppoe version 4 against pppd version 2.5.0 and I'm encountering issues with the client connection. The log output is not clear about the exact problem. Here's an example:

pppoe-server[107684]: Session 33 created for client bc:24:11:04:cf:a9 (100.103.0.36) on ens18 using Service-Name '' pppd[107684]: Plugin /etc/ppp/plugins/rp-pppoe.so loaded. pppd[107684]: RP-PPPoE plugin version 4.0 compiled against pppd 2.5.0 pppd[107684]: Plugin /usr/local/lib/pppd/2.5.0/radius.so loaded. pppd[107684]: RADIUS plugin initialized. pppd[107684]: Plugin /usr/local/lib/pppd/2.5.0/radattr.so loaded. pppd[107684]: RADATTR plugin initialized. pppd[107684]: pppd 2.5.0 started by root, uid 0 pppd[107684]: Connected to bc:24:11:04:cf:a9 via interface ens18 pppd[107684]: using channel 128 pppd[107684]: Using interface ppp0 pppd[107684]: Connect: ppp0 <--> ens18 pppd[107684]: sent [LCP ConfReq id=0x1 <mru 1492> <magic 0x74c2651a>] pppd[107684]: rcvd [LCP ConfAck id=0x1 <mru 1492> <magic 0x74c2651a>] pppd[107684]: rcvd [LCP ConfReq id=0x1 <mru 1492> <magic 0xa2569440>] pppd[107684]: sent [LCP ConfAck id=0x1 <mru 1492> <magic 0xa2569440>] pppd[107684]: sent [LCP EchoReq id=0x0 magic=0x74c2651a] pppd[107684]: rcvd [LCP EchoReq id=0x0 magic=0xa2569440] pppd[107684]: sent [LCP EchoRep id=0x0 magic=0x74c2651a] pppd[107684]: rcvd [PAP AuthReq id=0x1 user="0511774" password=] pppd[107684]: sent [PAP AuthNak id=0x1 "RADIUS: Can't read config file /etc/radcli/radiusclient.conf"] pppd[107684]: PAP peer authentication failed for 0511774 pppd[107684]: sent [LCP TermReq id=0x2 "Authentication failed"] pppd[107684]: rcvd [LCP EchoRep id=0x0 magic=0xa2569440] pppd[107684]: rcvd [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"] pppd[107684]: sent [LCP TermAck id=0x2] pppd[107684]: rcvd [LCP TermAck id=0x2] pppd[107684]: Connection terminated. pppd[107684]: Fatal signal 11 pppoe-server[23464]: Session 33 closed for client bc:24:11:04:cf:a9 (100.103.0.36) on ens18 pppoe-server[23464]: Sent PADT

Especially in this section:

pppd[107684]: sent [PAP AuthNak id=0x1 "RADIUS: Can't read config file /etc/radcli/radiusclient.conf"]

I believe it might be related to a dictionary attribute, but it's not reporting as previous versions did.

The pppd package is not clearly indicating where the error is occurring, making it difficult to diagnose the issue.

mayconrcmello avatar Apr 11 '24 14:04 mayconrcmello

@paulusmack, @enaess: What do you think?

Neustradamus avatar Apr 17 '24 11:04 Neustradamus

Do you have an options file that has the "radius-config-file" option in it?

It appears to be unhappy because it can't open /etc/radcli/radiusclient.conf. I'm wondering where it gets that path from, because in the source code it looks like the default radius config file is /etc/radiusclient/radiusclient.conf.

Does the /etc/radcli/radiusclient.conf file exist?

I agree that in this instance the error reporting from the radius plugin is less than ideal. It looks like it will log an error message in some cases but not others.

paulusmack avatar Apr 19 '24 10:04 paulusmack

Yes, I do have the options file where the "radius-config-file" is set to /etc/radcli/radiusclient.conf. It seems that the default path in the source code is different. Below are the samples from both the PPPoE server options file and the current configuration of my radiusclient.conf:

/etc/ppp/pppoe-server-option

#PPP options for the PPPoE server #LIC: GPL require-pap ms-dns 1.1.1.1 ms-dns 8.8.8.8 #lcp-echo-adaptive lcp-echo-interval 20 lcp-echo-failure 3 plugin /usr/lib/pppd/2.5.0/radius.so plugin /usr/lib/pppd/2.5.0/radattr.so radius-config-file /etc/radcli/radiusclient.conf debug kdebug 1 #ipv6 ::1,::2

/etc/radcli/radiusclient.conf

auth_order radius login_tries 4 login_timeout 60 nologin /etc/nologin issue /etc/radcli/issue authserver 10.0.100.100:1812 acctserver 10.0.100.100:1813 servers /etc/radcli/servers dictionary /etc/radcli/dictionary login_radius /usr/sbin/login.radius seqfile /var/run/radius.seq mapfile /etc/radcli/port-id-map default_realm radius_timeout 60 radius_retries 10 login_local /bin/login nas_identifier popeye3

The configuration in /etc/radcli/radiusclient.conf is currently in use and seems to be correctly set. Could you check if there's any other aspect we might be missing that could be causing the issue with failing to open the file? I'm missing some more specific warning. I think that in past versions, if a dictionary had an incorrect attribute it was shown.

mayconrcmello avatar Apr 22 '24 19:04 mayconrcmello

It sounds like older versions of pppd worked - what version was the last known working version?

There have been no code changes in pppd/plugin/radius since version 2.4.9, so it's hard to see why it doesn't work for you. Could you perhaps use git bisect to find where it broke?

paulusmack avatar Apr 27 '24 09:04 paulusmack

@mayconrcmello: Have you seen the @paulusmack comment?

Neustradamus avatar Aug 17 '24 13:08 Neustradamus