Page MenuHome Accel-ppp

netns design and implementation issues
Open, Requires assessmentPublicBUG

Description

Accel-ppp is able to move user-interface to the netns specified by Nas-Port-Id but it has several design issues:

  1. It's not possible to change netns via CoA-message because Nas-Port-Id is used to search a session, not for renaming the interface and not for moving interface to another netns.
  2. Even if we remove Nas-Port-Id from CoA searching list and add an ability to move interface via CoA-message it will not work due to kernel linux specifics. If an interface is moved to another netns, kernel deletes l3 configuration and down the interface.

This patch doesn't work due to kernel specifics when interface is moved to another netns:

diff --git a/accel-pppd/radius/dm_coa.c b/accel-pppd/radius/dm_coa.c
index 003a691..7290acb 100644
--- a/accel-pppd/radius/dm_coa.c
+++ b/accel-pppd/radius/dm_coa.c
@@ -186,6 +186,12 @@ static void coa_request(struct radius_pd_t *rpd)
                if (attr)
                        rad_update_session_timeout(rpd, attr->val.integer);
 
+               attr = rad_packet_find_attr(rpd->dm_coa_req, NULL, "NAS-Port-Id");
+               if (attr) {
+                       log_debug("NAS-Port-Id in coa\n");
+                       ap_session_rename(rpd->ses, attr->val.string, -1);
+               }
+
                dm_coa_send_ack(serv.hnd.fd, rpd->dm_coa_req, &rpd->dm_coa_addr);
        }
 
diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c
index e3fe4b3..6d30a9e 100644
--- a/accel-pppd/radius/radius.c
+++ b/accel-pppd/radius/radius.c
@@ -813,9 +813,9 @@ struct radius_pd_t *rad_find_session_pack(struct rad_packet_t *pack)
                        case NAS_Port:
                                port = attr->val.integer;
                                break;
-                       case NAS_Port_Id:
-                               port_id = attr->val.string;
-                               break;
                        case Framed_IP_Address:
                                if (attr->val.ipaddr != htonl(0xfffffffe))
                                        ipaddr = attr->val.ipaddr;

So.. it is required to do some code refactoring to add an ability to move interface between network namespaces.

I've tested netns assignment to ppp user interfaces. It works for ppp interfaces (if it was received in Access-Accept message).
I've never tested netns assignment to ipoe interfaces.

Details

Protocol
General
Version
1.12.0-76-g34ecca0

Event Timeline

svlobanov created this task.May 24 2020, 13:56