Page MenuHome Accel-ppp
Create Task
Maniphest T32

Accel-ppp does not inform RADIUS server about delegation prefix
Closed, InvalidPublicBUG
Actions

Description

Аккель не информирует радиус о выделенном делегированном префиксе абоненту кроме присланного фиксированного из радиуса.
спустя 2-3 секунды после создания сессии информация о префиксе уже известна

Details

Protocol
General
Version
142c943721615020bca80de4c69e6bbf574529aa

Event Timeline

umka created this task.Oct 27 2020, 11:02
svlobanov added a subscriber: svlobanov.EditedOct 28 2020, 22:42

Your accel-pppd version is too old (142c943721615020bca80de4c69e6bbf574529aa = Mon Oct 22 12:00:02 2018 +0200)

I've checked radius accounting behaviour related to dp6_prefix and it is working fine. accel-pppd version is 1.12.0-103-g45896ff (45896ffa4e254cb5d6627602b72cd29abc477d7d)

  1. Step 1. start session and check radacct Start message
root@deb10:/usr/local/src/accel-ppp/build# ip netns exec C pppd call dsl-provider
root@deb10:/usr/local/src/accel-ppp/build# accel-cmd show sessions username,ip,ip6,ip6-dp,ifname
 username |     ip      |                ip6                | ip6-dp | ifname 
----------+-------------+-----------------------------------+--------+--------
 bob      | 192.168.0.4 | fc00:0:1:2:5434:f178:1c84:6a85/64 |        | ppp1
root@deb10:/usr/local/src/tcpdump# /opt/tcpdump/bin/tcpdump -i lo -n -nn -v -vv -s 0 "port 1813"
tcpdump: listening on lo, link-type EN10MB (Ethernet), snapshot length 262144 bytes
00:27:28.906470 IP (tos 0x0, ttl 64, id 24788, offset 0, flags [DF], proto UDP (17), length 246)
    127.0.0.1.36413 > 127.0.0.1.1813: [bad udp cksum 0xfef5 -> 0xdf76!] RADIUS, length: 218
	Accounting-Request (4), id: 0x01, Authenticator: 68736fe4e54a519550527993bd7c08c4
	  User-Name Attribute (1), length: 5, Value: bob
	    0x0000:  626f 62
	  NAS-Identifier Attribute (32), length: 11, Value: accel-ppp
	    0x0000:  6163 6365 6c2d 7070 70
	  NAS-IP-Address Attribute (4), length: 6, Value: 127.0.0.1
	    0x0000:  7f00 0001
	  NAS-Port Attribute (5), length: 6, Value: 1
	    0x0000:  0000 0001
	  NAS-Port-Id Attribute (87), length: 6, Value: ppp1
	    0x0000:  7070 7031
	  NAS-Port-Type Attribute (61), length: 6, Value: Virtual
	    0x0000:  0000 0005
	  Service-Type Attribute (6), length: 6, Value: Framed
	    0x0000:  0000 0002
	  Framed-Protocol Attribute (7), length: 6, Value: PPP
	    0x0000:  0000 0001
	  Calling-Station-Id Attribute (31), length: 19, Value: 8e:26:80:0b:47:b1
	    0x0000:  3865 3a32 363a 3830 3a30 623a 3437 3a62
	    0x0010:  31
	  Called-Station-Id Attribute (30), length: 19, Value: 92:30:f0:b5:fd:74
	    0x0000:  3932 3a33 303a 6630 3a62 353a 6664 3a37
	    0x0010:  34
	  Acct-Status-Type Attribute (40), length: 6, Value: Start
	    0x0000:  0000 0001
	  Acct-Authentic Attribute (45), length: 6, Value: RADIUS
	    0x0000:  0000 0001
	  Acct-Session-Id Attribute (44), length: 18, Value: e9ce0de712277864
	    0x0000:  6539 6365 3064 6537 3132 3237 3738 3634
	  Acct-Session-Time Attribute (46), length: 6, Value: 00 secs
	    0x0000:  0000 0000
	  Acct-Input-Octets Attribute (42), length: 6, Value: 0
	    0x0000:  0000 0000
	  Acct-Output-Octets Attribute (43), length: 6, Value: 0
	    0x0000:  0000 0000
	  Acct-Input-Packets Attribute (47), length: 6, Value: 0
	    0x0000:  0000 0000
	  Acct-Output-Packets Attribute (48), length: 6, Value: 0
	    0x0000:  0000 0000
	  Acct-Input-Gigawords Attribute (52), length: 6, Value: 0
	    0x0000:  0000 0000
	  Acct-Output-Gigawords Attribute (53), length: 6, Value: 0
	    0x0000:  0000 0000
	  Framed-IP-Address Attribute (8), length: 6, Value: 192.168.0.4
	    0x0000:  c0a8 0004
	  Framed-Interface-ID Attribute (96), length: 10, Value: 
	    0x0000:  5434 f178 1c84 6a85
	  Framed-IPv6-Prefix Attribute (97), length: 20, Value: fc00:0:1:2::/64
	    0x0000:  0040 fc00 0000 0001 0002 0000 0000 0000
	    0x0010:  0000
00:27:28.911205 IP (tos 0x0, ttl 64, id 24789, offset 0, flags [none], proto UDP (17), length 48)
    127.0.0.1.1813 > 127.0.0.1.36413: [bad udp cksum 0xfe2f -> 0xa3ae!] RADIUS, length: 20
	Accounting-Response (5), id: 0x01, Authenticator: 1e0b2aec141c483e7be1e137e328de09

Step 2. start dhcp6 client to get dp6_prefix and check radacct Interim message

root@deb10:/usr/local/src/accel-ppp/build# ip netns exec C dhcp6c -f -d -D ppp0
Oct/29/2020 00:27:57: get_duid: extracted an existing DUID from /var/lib/dhcpv6/dhcp6c_duid: 00:01:00:01:26:2f:62:84:08:00:27:e9:4a:f7
....
Oct/29/2020 00:27:58: copyin_option:   IA_PD prefix: fc00:1:2::/48 pltime=604800 vltime=2592000
....
root@deb10:/usr/local/src/accel-ppp/build# accel-cmd show sessions username,ip,ip6,ip6-dp,ifname
 username |     ip      |                ip6                |    ip6-dp     | ifname 
----------+-------------+-----------------------------------+---------------+--------
 bob      | 192.168.0.4 | fc00:0:1:2:5434:f178:1c84:6a85/64 | fc00:1:2::/48 | ppp1
00:27:58.236101 IP (tos 0x0, ttl 64, id 26359, offset 0, flags [DF], proto UDP (17), length 266)
    127.0.0.1.48677 > 127.0.0.1.1813: [bad udp cksum 0xff09 -> 0x6493!] RADIUS, length: 238
	Accounting-Request (4), id: 0x02, Authenticator: b8108b000ad06b0d7a34155034d4efae
	  User-Name Attribute (1), length: 5, Value: bob
	    0x0000:  626f 62
	  NAS-Identifier Attribute (32), length: 11, Value: accel-ppp
	    0x0000:  6163 6365 6c2d 7070 70
	  NAS-IP-Address Attribute (4), length: 6, Value: 127.0.0.1
	    0x0000:  7f00 0001
	  NAS-Port Attribute (5), length: 6, Value: 1
	    0x0000:  0000 0001
	  NAS-Port-Id Attribute (87), length: 6, Value: ppp1
	    0x0000:  7070 7031
	  NAS-Port-Type Attribute (61), length: 6, Value: Virtual
	    0x0000:  0000 0005
	  Service-Type Attribute (6), length: 6, Value: Framed
	    0x0000:  0000 0002
	  Framed-Protocol Attribute (7), length: 6, Value: PPP
	    0x0000:  0000 0001
	  Calling-Station-Id Attribute (31), length: 19, Value: 8e:26:80:0b:47:b1
	    0x0000:  3865 3a32 363a 3830 3a30 623a 3437 3a62
	    0x0010:  31
	  Called-Station-Id Attribute (30), length: 19, Value: 92:30:f0:b5:fd:74
	    0x0000:  3932 3a33 303a 6630 3a62 353a 6664 3a37
	    0x0010:  34
	  Acct-Status-Type Attribute (40), length: 6, Value: Interim-Update
	    0x0000:  0000 0003
	  Acct-Authentic Attribute (45), length: 6, Value: RADIUS
	    0x0000:  0000 0001
	  Acct-Session-Id Attribute (44), length: 18, Value: e9ce0de712277864
	    0x0000:  6539 6365 3064 6537 3132 3237 3738 3634
	  Acct-Session-Time Attribute (46), length: 6, Value: 30 secs
	    0x0000:  0000 001e
	  Acct-Input-Octets Attribute (42), length: 6, Value: 220
	    0x0000:  0000 00dc
	  Acct-Output-Octets Attribute (43), length: 6, Value: 1226
	    0x0000:  0000 04ca
	  Acct-Input-Packets Attribute (47), length: 6, Value: 8
	    0x0000:  0000 0008
	  Acct-Output-Packets Attribute (48), length: 6, Value: 16
	    0x0000:  0000 0010
	  Acct-Input-Gigawords Attribute (52), length: 6, Value: 0
	    0x0000:  0000 0000
	  Acct-Output-Gigawords Attribute (53), length: 6, Value: 0
	    0x0000:  0000 0000
	  Framed-IP-Address Attribute (8), length: 6, Value: 192.168.0.4
	    0x0000:  c0a8 0004
	  Framed-Interface-ID Attribute (96), length: 10, Value: 
	    0x0000:  5434 f178 1c84 6a85
	  Framed-IPv6-Prefix Attribute (97), length: 20, Value: fc00:0:1:2::/64
	    0x0000:  0040 fc00 0000 0001 0002 0000 0000 0000
	    0x0010:  0000
	  Delegated-IPv6-Prefix Attribute (123), length: 20, Value: fc00:1:2::/48
	    0x0000:  0030 fc00 0001 0002 0000 0000 0000 0000
	    0x0010:  0000

As you can see, accel-pppd sends Accounting Interim-Update message with Delegated-IPv6-Prefix (123) attribute immediately after dp6_prefix is allocated from local pool.

Please double check your accel-pppd version and radacct traffic related to Delegated-IPv6-Prefix (123).

Also I'd recommend you to use tcpdump version from git because my debian10 tcpdump is not able to decode Delegated-IPv6-Prefix (123) attribute (it shows only attribute number and hex value).

Dimka88 renamed this task from Аккель не информирует радиус о delegation prefix to Accel-ppp does not inform RADIUS server about delegation prefix.Dec 17 2021, 20:16
Dimka88 closed this task as Invalid.