first version of the LAC functionality
[l2tpns.git] / l2tpns.c
index 0721f5c..d4bb9ca 100644 (file)
--- a/l2tpns.c
+++ b/l2tpns.c
 #include "bgp.h"
 #endif
 
 #include "bgp.h"
 #endif
 
+#ifdef LAC
+#include "l2tplac.h"
+#endif
+
+#ifdef LAC
+char * Vendor_name = "Linux L2TPNS";
+uint32_t call_serial_number = 0;
+#endif
+
 // Globals
 configt *config = NULL;                // all configuration
 int nlfd = -1;                 // netlink socket
 // Globals
 configt *config = NULL;                // all configuration
 int nlfd = -1;                 // netlink socket
@@ -102,6 +111,7 @@ uint32_t eth_tx = 0;
 
 static uint32_t ip_pool_size = 1;      // Size of the pool of addresses used for dynamic address allocation.
 time_t time_now = 0;                   // Current time in seconds since epoch.
 
 static uint32_t ip_pool_size = 1;      // Size of the pool of addresses used for dynamic address allocation.
 time_t time_now = 0;                   // Current time in seconds since epoch.
+uint64_t time_now_ms = 0;              // Current time in milliseconds since epoch.
 static char time_now_string[64] = {0}; // Current time as a string.
 static int time_changed = 0;           // time_now changed
 char main_quit = 0;                    // True if we're in the process of exiting.
 static char time_now_string[64] = {0}; // Current time as a string.
 static int time_changed = 0;           // time_now changed
 char main_quit = 0;                    // True if we're in the process of exiting.
@@ -159,8 +169,12 @@ config_descriptt config_values[] = {
        CONFIG("ipv6_prefix", ipv6_prefix, IPv6),
        CONFIG("cli_bind_address", cli_bind_address, IPv4),
        CONFIG("hostname", hostname, STRING),
        CONFIG("ipv6_prefix", ipv6_prefix, IPv6),
        CONFIG("cli_bind_address", cli_bind_address, IPv4),
        CONFIG("hostname", hostname, STRING),
+#ifdef BGP
        CONFIG("nexthop_address", nexthop_address, IPv4),
        CONFIG("nexthop6_address", nexthop6_address, IPv6),
        CONFIG("nexthop_address", nexthop_address, IPv4),
        CONFIG("nexthop6_address", nexthop6_address, IPv6),
+#endif
+       CONFIG("echo_timeout", echo_timeout, INT),
+       CONFIG("idle_echo_timeout", idle_echo_timeout, INT),
        { NULL, 0, 0, 0 },
 };
 
        { NULL, 0, 0, 0 },
 };
 
@@ -221,13 +235,6 @@ static tunnelidt new_tunnel(void);
 static void unhide_value(uint8_t *value, size_t len, uint16_t type, uint8_t *vector, size_t vec_len);
 static void bundleclear(bundleidt b);
 
 static void unhide_value(uint8_t *value, size_t len, uint16_t type, uint8_t *vector, size_t vec_len);
 static void bundleclear(bundleidt b);
 
-// on slaves, alow BGP to withdraw cleanly before exiting
-#define QUIT_DELAY     5
-
-// quit actions (master)
-#define QUIT_FAILOVER  1 // SIGTERM: exit when all control messages have been acked (for cluster failover)
-#define QUIT_SHUTDOWN  2 // SIGQUIT: shutdown sessions/tunnels, reject new connections
-
 // return internal time (10ths since process startup), set f if given
 // as a side-effect sets time_now, and time_changed
 static clockt now(double *f)
 // return internal time (10ths since process startup), set f if given
 // as a side-effect sets time_now, and time_changed
 static clockt now(double *f)
@@ -240,6 +247,10 @@ static clockt now(double *f)
            time_now = t.tv_sec;
            time_changed++;
        }
            time_now = t.tv_sec;
            time_changed++;
        }
+
+       // Time in milliseconds
+       time_now_ms = (t.tv_sec * 1000) + (t.tv_usec/1000);
+
        return (t.tv_sec - basetime) * 10 + t.tv_usec / 100000 + 1;
 }
 
        return (t.tv_sec - basetime) * 10 + t.tv_usec / 100000 + 1;
 }
 
@@ -1323,7 +1334,8 @@ static void update_session_out_stat(sessionidt s, sessiont *sp, int len)
 
 // process outgoing (to tunnel) IP
 //
 
 // process outgoing (to tunnel) IP
 //
-static void processipout(uint8_t *buf, int len)
+// (i.e. this routine writes to data[-8]).
+void processipout(uint8_t *buf, int len)
 {
        sessionidt s;
        sessiont *sp;
 {
        sessionidt s;
        sessiont *sp;
@@ -1462,64 +1474,111 @@ static void processipout(uint8_t *buf, int len)
 
        if(session[s].bundle != 0 && bundle[session[s].bundle].num_of_links > 1)
        {
 
        if(session[s].bundle != 0 && bundle[session[s].bundle].num_of_links > 1)
        {
+
+               if (!config->cluster_iam_master)
+               {
+                       // The MPPP packets must be managed by the Master.
+                       master_forward_mppp_packet(s, data, size);
+                       return;
+               }
+
                // Add on L2TP header
                // Add on L2TP header
+               sessionidt members[MAXBUNDLESES];
                bundleidt bid = session[s].bundle;
                bundlet *b = &bundle[bid];
                bundleidt bid = session[s].bundle;
                bundlet *b = &bundle[bid];
+               uint32_t num_of_links, nb_opened;
+               int i;
 
 
-               b->current_ses = (b->current_ses + 1) % b->num_of_links;
-               s = b->members[b->current_ses];
+               num_of_links = b->num_of_links;
+               nb_opened = 0;
+               for (i = 0;i < num_of_links;i++)
+               {
+                       s = b->members[i];
+                       if (session[s].ppp.lcp == Opened)
+                       {
+                               members[nb_opened] = s;
+                               nb_opened++;
+                       }
+               }
+
+               if (nb_opened < 1)
+               {
+                       LOG(3, s, t, "MPPP: PROCESSIPOUT ERROR, no session opened in bundle:%d\n", bid);
+                       return;
+               }
+
+               num_of_links = nb_opened;
+               b->current_ses = (b->current_ses + 1) % num_of_links;
+               s = members[b->current_ses];
                t = session[s].tunnel;
                sp = &session[s];
                LOG(4, s, t, "MPPP: (1)Session number becomes: %d\n", s);
                t = session[s].tunnel;
                sp = &session[s];
                LOG(4, s, t, "MPPP: (1)Session number becomes: %d\n", s);
-               if(len > MINFRAGLEN)
-               {
-                       // Partition the packet to "bundle[b].num_of_links" fragments
-                       uint32_t num_of_links = b->num_of_links;
-                       uint32_t fraglen = len / num_of_links;
-                       fraglen = (fraglen > session[s].mru ? session[s].mru : fraglen);
-                       uint32_t last_fraglen = fraglen + len % num_of_links;
-                       last_fraglen = (last_fraglen > session[s].mru ? len % num_of_links : last_fraglen);
-                       uint32_t remain = len;
-
-                       // send the first packet
-                       uint8_t *p = makeppp(fragbuf, sizeof(fragbuf), buf, fraglen, s, t, PPPIP, 0, bid, MP_BEGIN);
-                       if (!p) return;
-                       tunnelsend(fragbuf, fraglen + (p-fragbuf), t); // send it...
-                       // statistics
-                       update_session_out_stat(s, sp, fraglen);
-                       remain -= fraglen;
-                       while (remain > last_fraglen)
-                       { 
+
+               if (num_of_links > 1)
+               {
+                       if(len > MINFRAGLEN)
+                       {
+                               //for rotate traffic among the member links
+                               uint32_t divisor = num_of_links;
+                               if (divisor > 2)
+                                       divisor = divisor/2 + (divisor & 1);
+
+                               // Partition the packet to "num_of_links" fragments
+                               uint32_t fraglen = len / divisor;
+                               uint32_t last_fraglen = fraglen + len % divisor;
+                               uint32_t remain = len;
+
+                               // send the first packet
+                               uint8_t *p = makeppp(fragbuf, sizeof(fragbuf), buf, fraglen, s, t, PPPIP, 0, bid, MP_BEGIN);
+                               if (!p) return;
+                               tunnelsend(fragbuf, fraglen + (p-fragbuf), t); // send it...
+
+                               // statistics
+                               update_session_out_stat(s, sp, fraglen);
+
+                               remain -= fraglen;
+                               while (remain > last_fraglen)
+                               {
+                                       b->current_ses = (b->current_ses + 1) % num_of_links;
+                                       s = members[b->current_ses];
+                                       t = session[s].tunnel;
+                                       sp = &session[s];
+                                       LOG(4, s, t, "MPPP: (2)Session number becomes: %d\n", s);
+                                       p = makeppp(fragbuf, sizeof(fragbuf), buf+(len - remain), fraglen, s, t, PPPIP, 0, bid, 0);
+                                       if (!p) return;
+                                       tunnelsend(fragbuf, fraglen + (p-fragbuf), t); // send it...
+                                       update_session_out_stat(s, sp, fraglen);
+                                       remain -= fraglen;
+                               }
+                               // send the last fragment
                                b->current_ses = (b->current_ses + 1) % num_of_links;
                                b->current_ses = (b->current_ses + 1) % num_of_links;
-                               s = b->members[b->current_ses];
+                               s = members[b->current_ses];
                                t = session[s].tunnel;
                                sp = &session[s];
                                LOG(4, s, t, "MPPP: (2)Session number becomes: %d\n", s);
                                t = session[s].tunnel;
                                sp = &session[s];
                                LOG(4, s, t, "MPPP: (2)Session number becomes: %d\n", s);
-                               p = makeppp(fragbuf, sizeof(fragbuf), buf+(len - remain), fraglen, s, t, PPPIP, 0, bid, 0);
+                               p = makeppp(fragbuf, sizeof(fragbuf), buf+(len - remain), remain, s, t, PPPIP, 0, bid, MP_END);
                                if (!p) return;
                                if (!p) return;
-                               tunnelsend(fragbuf, fraglen + (p-fragbuf), t); // send it...
-                               update_session_out_stat(s, sp, fraglen);
-                               remain -= fraglen;
+                               tunnelsend(fragbuf, remain + (p-fragbuf), t); // send it...
+                               update_session_out_stat(s, sp, remain);
+                               if (remain != last_fraglen)
+                                       LOG(3, s, t, "PROCESSIPOUT ERROR REMAIN != LAST_FRAGLEN, %d != %d\n", remain, last_fraglen);
                        }
                        }
-                       // send the last fragment
-                       b->current_ses = (b->current_ses + 1) % num_of_links;
-                       s = b->members[b->current_ses];
-                       t = session[s].tunnel;
-                       sp = &session[s];
-                       LOG(4, s, t, "MPPP: (2)Session number becomes: %d\n", s);
-                       p = makeppp(fragbuf, sizeof(fragbuf), buf+(len - remain), remain, s, t, PPPIP, 0, bid, MP_END);
-                       if (!p) return;
-                       tunnelsend(fragbuf, remain + (p-fragbuf), t); // send it...
-                       update_session_out_stat(s, sp, remain);
-                       if (remain != last_fraglen)
-                               LOG(3, s, t, "PROCESSIPOUT ERROR REMAIN != LAST_FRAGLEN, %d != %d\n", remain, last_fraglen);
-               }
-               else {
-                       // Send it as one frame
-                       uint8_t *p = makeppp(fragbuf, sizeof(fragbuf), buf, len, s, t, PPPIP, 0, bid, MP_BOTH_BITS);
+                       else
+                       {
+                               // Send it as one frame
+                               uint8_t *p = makeppp(fragbuf, sizeof(fragbuf), buf, len, s, t, PPPIP, 0, bid, MP_BOTH_BITS);
+                               if (!p) return;
+                               tunnelsend(fragbuf, len + (p-fragbuf), t); // send it...
+                               LOG(4, s, t, "MPPP: packet sent as one frame\n");
+                               update_session_out_stat(s, sp, len);
+                       }
+               }
+               else
+               {
+                       // Send it as one frame (NO MPPP Frame)
+                       uint8_t *p = makeppp(fragbuf, sizeof(fragbuf), buf, len, s, t, PPPIP, 0, 0, 0);
                        if (!p) return;
                        tunnelsend(fragbuf, len + (p-fragbuf), t); // send it...
                        if (!p) return;
                        tunnelsend(fragbuf, len + (p-fragbuf), t); // send it...
-                       LOG(4, s, t, "MPPP: packet sent as one frame\n");
                        update_session_out_stat(s, sp, len);
                }
        }
                        update_session_out_stat(s, sp, len);
                }
        }
@@ -1970,36 +2029,67 @@ void sessionshutdown(sessionidt s, char const *reason, int cdn_result, int cdn_e
                if (session[s].ppp.ipv6cp == Opened && session[s].ipv6prefixlen && del_routes)
                        route6set(s, session[s].ipv6route, session[s].ipv6prefixlen, 0);
                
                if (session[s].ppp.ipv6cp == Opened && session[s].ipv6prefixlen && del_routes)
                        route6set(s, session[s].ipv6route, session[s].ipv6prefixlen, 0);
                
-               if (b) 
+               if (b)
                {
                {
-                       // This session was part of a bundle
-                       bundle[b].num_of_links--;
-                       LOG(3, s, session[s].tunnel, "MPPP: Dropping member link: %d from bundle %d\n",s,b);
-                       if(bundle[b].num_of_links == 0) 
+                       // This session was part of a bundle
+                       bundle[b].num_of_links--;
+                       LOG(3, s, session[s].tunnel, "MPPP: Dropping member link: %d from bundle %d\n",s,b);
+                       if(bundle[b].num_of_links == 0)
                        {
                        {
-                               bundleclear(b);
-                               LOG(3, s, session[s].tunnel, "MPPP: Kill bundle: %d (No remaing member links)\n",b);
-                       }
-                       else 
+                               bundleclear(b);
+                               LOG(3, s, session[s].tunnel, "MPPP: Kill bundle: %d (No remaing member links)\n",b);
+                       }
+                       else 
                        {
                        {
-                               // Adjust the members array to accomodate the new change
-                               uint8_t mem_num = 0;
-                               // It should be here num_of_links instead of num_of_links-1 (previous instruction "num_of_links--")
-                               if(bundle[b].members[bundle[b].num_of_links] != s) 
+                               // Adjust the members array to accomodate the new change
+                               uint8_t mem_num = 0;
+                               // It should be here num_of_links instead of num_of_links-1 (previous instruction "num_of_links--")
+                               if(bundle[b].members[bundle[b].num_of_links] != s)
                                {
                                {
-                                       uint8_t ml;
-                                       for(ml = 0; ml<bundle[b].num_of_links; ml++)
-                                               if(bundle[b].members[ml] == s)
-                                               {
-                                                       mem_num = ml;
-                                                       break;
-                                               }
-                                       bundle[b].members[mem_num] = bundle[b].members[bundle[b].num_of_links];
-                                       LOG(3, s, session[s].tunnel, "MPPP: Adjusted member links array\n");
-                               }
-                       }
-                       cluster_send_bundle(b);
-               }
+                                       uint8_t ml;
+                                       for(ml = 0; ml<bundle[b].num_of_links; ml++)
+                                       if(bundle[b].members[ml] == s)
+                                       {
+                                                       mem_num = ml;
+                                                       break;
+                                       }
+                                       bundle[b].members[mem_num] = bundle[b].members[bundle[b].num_of_links];
+                                       LOG(3, s, session[s].tunnel, "MPPP: Adjusted member links array\n");
+
+                                       // If the killed session is the first of the bundle,
+                                       // the new first session must be stored in the cache_ipmap
+                                       // else the function sessionbyip return 0 and the sending not work any more (processipout).
+                                       if (mem_num == 0)
+                                       {
+                                               sessionidt new_s = bundle[b].members[0];
+
+                                               routed = 0;
+                                               // Add the route for this session.
+                                               for (r = 0; r < MAXROUTE && session[new_s].route[r].ip; r++)
+                                               {
+                                                       int i, prefixlen;
+                                                       in_addr_t ip;
+
+                                                       prefixlen = session[new_s].route[r].prefixlen;
+                                                       ip = session[new_s].route[r].ip;
+
+                                                       if (!prefixlen) prefixlen = 32;
+                                                       ip &= 0xffffffff << (32 - prefixlen);   // Force the ip to be the first one in the route.
+
+                                                       for (i = ip; i < ip+(1<<(32-prefixlen)) ; ++i)
+                                                               cache_ipmap(i, new_s);
+                                               }
+                                               cache_ipmap(session[new_s].ip, new_s);
+
+                                               // IPV6 route
+                                               if (session[new_s].ipv6prefixlen)
+                                                       cache_ipv6map(session[new_s].ipv6route, session[new_s].ipv6prefixlen, new_s);
+                                       }
+                               }
+                       }
+
+                       cluster_send_bundle(b);
+        }
        }
 
        if (session[s].throttle_in || session[s].throttle_out) // Unthrottle if throttled.
        }
 
        if (session[s].throttle_in || session[s].throttle_out) // Unthrottle if throttled.
@@ -2538,7 +2628,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
                                case 0:     // message type
                                        message = ntohs(*(uint16_t *) b);
                                        mandatory = flags & 0x80;
                                case 0:     // message type
                                        message = ntohs(*(uint16_t *) b);
                                        mandatory = flags & 0x80;
-                                       LOG(4, s, t, "   Message type = %u (%s)\n", *b, l2tp_code(message));
+                                       LOG(4, s, t, "   Message type = %u (%s)\n", message, l2tp_code(message));
                                        break;
                                case 1:     // result code
                                        {
                                        break;
                                case 1:     // result code
                                        {
@@ -2633,6 +2723,15 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
                                        }
                                        break;
                                case 13:    // Response
                                        }
                                        break;
                                case 13:    // Response
+#ifdef LAC
+                                       if (istunneltolns(t))
+                                       {
+                                               chapresponse = calloc(17, 1);
+                                               memcpy(chapresponse, b, (n < 17) ? n : 16);
+                                               LOG(1, s, t, "received challenge response from (REMOTE LNS)\n");
+                                       }
+                                       else
+#endif /* LAC */
                                        // Why did they send a response? We never challenge.
                                        LOG(2, s, t, "   received unexpected challenge response\n");
                                        break;
                                        // Why did they send a response? We never challenge.
                                        LOG(2, s, t, "   received unexpected challenge response\n");
                                        break;
@@ -2876,6 +2975,39 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
                                case 2:       // SCCRP
                                        tunnel[t].state = TUNNELOPEN;
                                        tunnel[t].lastrec = time_now;
                                case 2:       // SCCRP
                                        tunnel[t].state = TUNNELOPEN;
                                        tunnel[t].lastrec = time_now;
+#ifdef LAC
+                                       LOG(1, s, t, "Recieved SCCRP (REMOTE LNS)\n");
+                                       if (main_quit != QUIT_SHUTDOWN)
+                                       {
+                                               if (istunneltolns(t) && chapresponse)
+                                               {
+                                                       hasht hash;
+
+                                                       calc_lac_auth(t, 2, hash); // id = 2 (SCCRP)
+                                                       // check authenticator
+                                                       if (memcmp(hash, chapresponse, 16) == 0)
+                                                       {
+                                                               controlt *c = controlnew(3); // sending SCCCN
+                                                               controls(c, 7, hostname, 1); // host name
+                                                               controls(c, 8, Vendor_name, 1); // Vendor name
+                                                               control16(c, 2, version, 1); // protocol version
+                                                               control32(c, 3, 3, 1); // framing Capabilities
+                                                               control16(c, 9, t, 1); // assigned tunnel
+                                                               controladd(c, 0, t); // send
+
+                                                               LOG(1, s, t, "sending SCCCN (REMOTE LNS)\n");
+                                                       }
+                                                       else
+                                                       {
+                                                               tunnelshutdown(t, "(REMOTE LNS) Bad chap response", 4, 0, 0);
+                                                       }
+                                               }
+                                       }
+                                       else
+                                       {
+                                               tunnelshutdown(t, "Shutting down", 6, 0, 0);
+                                       }
+#endif /* LAC */
                                        break;
                                case 3:       // SCCN
                                        tunnel[t].state = TUNNELOPEN;
                                        break;
                                case 3:       // SCCN
                                        tunnel[t].state = TUNNELOPEN;
@@ -2943,7 +3075,23 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
                                        }
                                        return;
                                case 11:      // ICRP
                                        }
                                        return;
                                case 11:      // ICRP
-                                       // TBA
+#ifdef LAC
+                               LOG(1, s, t, "Recieved ICRP (REMOTE LNS)\n");
+                               if (session[s].forwardtosession)
+                               {
+                                       controlt *c = controlnew(12); // ICCN
+
+                                       session[s].opened = time_now;
+                                       session[s].tunnel = t;
+                                       session[s].far = asession;
+                                       session[s].last_packet = session[s].last_data = time_now;
+
+                                       control32(c, 19, 1, 1); // Framing Type
+                                       control32(c, 24, 10000000, 1); // Tx Connect Speed
+                                       controladd(c, asession, t); // send the message
+                                       LOG(1, s, t, "Sending ICCN (REMOTE LNS)\n");
+                               }
+#endif /* LAC */
                                        break;
                                case 12:      // ICCN
                                        if (amagic == 0) amagic = time_now;
                                        break;
                                case 12:      // ICCN
                                        if (amagic == 0) amagic = time_now;
@@ -2966,6 +3114,9 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
 
                                case 14:      // CDN
                                        controlnull(t); // ack
 
                                case 14:      // CDN
                                        controlnull(t); // ack
+#ifdef LAC
+
+#endif /* LAC */
                                        sessionshutdown(s, disc_reason, CDN_NONE, disc_cause);
                                        break;
                                case 0xFFFF:
                                        sessionshutdown(s, disc_reason, CDN_NONE, disc_cause);
                                        break;
                                case 0xFFFF:
@@ -3015,6 +3166,16 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
                        l -= 2;
                }
 
                        l -= 2;
                }
 
+#ifdef LAC
+               if (session[s].forwardtosession)
+               {
+                       LOG(4, s, t, "Forwarding data session to %u (REMOTE LNS)\n", session[s].forwardtosession);
+                       // Forward to Remote LNS
+                       session_forward_tolns(buf, len, s, proto);
+                       return;
+               }
+#endif /* LAC */
+
                if (s && !session[s].opened)    // Is something wrong??
                {
                        if (!config->cluster_iam_master)
                if (s && !session[s].opened)    // Is something wrong??
                {
                        if (!config->cluster_iam_master)
@@ -3024,7 +3185,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
                                return;
                        }
 
                                return;
                        }
 
-
                        LOG(1, s, t, "UDP packet contains session which is not opened.  Dropping packet.\n");
                        STAT(tunnel_rx_errors);
                        return;
                        LOG(1, s, t, "UDP packet contains session which is not opened.  Dropping packet.\n");
                        STAT(tunnel_rx_errors);
                        return;
@@ -3092,8 +3252,9 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
                        }
 
                        session[s].last_packet = session[s].last_data = time_now;
                        }
 
                        session[s].last_packet = session[s].last_data = time_now;
-                       if (session[s].walled_garden && !config->cluster_iam_master)
+                       if (!config->cluster_iam_master)
                        {
                        {
+                               // The fragments reconstruction is managed by the Master.
                                master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port);
                                return;
                        }
                                master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port);
                                return;
                        }
@@ -3132,6 +3293,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
 }
 
 // read and process packet on tun
 }
 
 // read and process packet on tun
+// (i.e. this routine writes to buf[-8]).
 static void processtun(uint8_t * buf, int len)
 {
        LOG_HEX(5, "Receive TUN Data", buf, len);
 static void processtun(uint8_t * buf, int len)
 {
        LOG_HEX(5, "Receive TUN Data", buf, len);
@@ -3405,8 +3567,8 @@ static void regular_cleanups(double period)
                        }
                }
 
                        }
                }
 
-               // Drop sessions who have not responded within IDLE_TIMEOUT seconds
-               if (session[s].last_packet && (time_now - session[s].last_packet >= IDLE_TIMEOUT))
+               // Drop sessions who have not responded within IDLE_ECHO_TIMEOUT seconds
+               if (session[s].last_packet && (time_now - session[s].last_packet >= config->idle_echo_timeout))
                {
                        sessionshutdown(s, "No response to LCP ECHO requests.", CDN_ADMIN_DISC, TERM_LOST_SERVICE);
                        STAT(session_timeout);
                {
                        sessionshutdown(s, "No response to LCP ECHO requests.", CDN_ADMIN_DISC, TERM_LOST_SERVICE);
                        STAT(session_timeout);
@@ -3415,7 +3577,7 @@ static void regular_cleanups(double period)
                }
 
                // No data in ECHO_TIMEOUT seconds, send LCP ECHO
                }
 
                // No data in ECHO_TIMEOUT seconds, send LCP ECHO
-               if (session[s].ppp.phase >= Establish && (time_now - session[s].last_packet >= ECHO_TIMEOUT) &&
+               if (session[s].ppp.phase >= Establish && (time_now - session[s].last_packet >= config->echo_timeout) &&
                        (time_now - sess_local[s].last_echo >= ECHO_TIMEOUT))
                {
                        uint8_t b[MAXETHER];
                        (time_now - sess_local[s].last_echo >= ECHO_TIMEOUT))
                {
                        uint8_t b[MAXETHER];
@@ -3696,6 +3858,8 @@ static void mainloop(void)
 {
        int i;
        uint8_t buf[65536];
 {
        int i;
        uint8_t buf[65536];
+       uint8_t *p = buf + 8; // for the hearder of the forwarded MPPP packet (see C_MPPP_FORWARD)
+       int size_bufp = sizeof(buf) - 8;
        clockt next_cluster_ping = 0;   // send initial ping immediately
        struct epoll_event events[BASE_FDS + RADIUS_FDS + EXTRA_FDS];
        int maxevent = sizeof(events)/sizeof(*events);
        clockt next_cluster_ping = 0;   // send initial ping immediately
        struct epoll_event events[BASE_FDS + RADIUS_FDS + EXTRA_FDS];
        int maxevent = sizeof(events)/sizeof(*events);
@@ -3940,9 +4104,9 @@ static void mainloop(void)
                                // incoming IP
                                if (tun_ready)
                                {
                                // incoming IP
                                if (tun_ready)
                                {
-                                       if ((s = read(tunfd, buf, sizeof(buf))) > 0)
+                                       if ((s = read(tunfd, p, size_bufp)) > 0)
                                        {
                                        {
-                                               processtun(buf, s);
+                                               processtun(p, s);
                                                tun_pkts++;
                                        }
                                        else
                                                tun_pkts++;
                                        }
                                        else
@@ -4191,6 +4355,9 @@ static void initdata(int optdebug, char *optconfig)
        config->ppp_max_failure = 5;
        config->kill_timedout_sessions = 1;
        strcpy(config->random_device, RANDOMDEVICE);
        config->ppp_max_failure = 5;
        config->kill_timedout_sessions = 1;
        strcpy(config->random_device, RANDOMDEVICE);
+       // Set default value echo_timeout and idle_echo_timeout
+       config->echo_timeout = ECHO_TIMEOUT;
+       config->idle_echo_timeout = IDLE_ECHO_TIMEOUT;
 
        log_stream = stderr;
 
 
        log_stream = stderr;
 
@@ -4307,6 +4474,10 @@ static void initdata(int optdebug, char *optconfig)
                exit(1);
        }
 #endif /* BGP */
                exit(1);
        }
 #endif /* BGP */
+
+#ifdef LAC
+       initremotelnsdata();
+#endif
 }
 
 static int assign_ip_address(sessionidt s)
 }
 
 static int assign_ip_address(sessionidt s)
@@ -5134,18 +5305,18 @@ int sessionsetup(sessionidt s, tunnelidt t)
        LOG(3, s, t, "Doing session setup for session\n");
 
        // Join a bundle if the MRRU option is accepted
        LOG(3, s, t, "Doing session setup for session\n");
 
        // Join a bundle if the MRRU option is accepted
-        if(session[s].mrru > 0 && session[s].bundle == 0)
-        {
-                LOG(3, s, t, "This session can be part of multilink bundle\n");
-                if (join_bundle(s) > 0)
-                       cluster_send_bundle(session[s].bundle);
+       if(session[s].mrru > 0 && session[s].bundle == 0)
+       {
+               LOG(3, s, t, "This session can be part of multilink bundle\n");
+               if (join_bundle(s) > 0)
+                       cluster_send_bundle(session[s].bundle);
                else
                {
                        LOG(0, s, t, "MPPP: Mismaching mssf option with other sessions in bundle\n");
                        sessionshutdown(s, "Mismaching mssf option.", CDN_NONE, TERM_SERVICE_UNAVAILABLE);
                        return 0;
                }
                else
                {
                        LOG(0, s, t, "MPPP: Mismaching mssf option with other sessions in bundle\n");
                        sessionshutdown(s, "Mismaching mssf option.", CDN_NONE, TERM_SERVICE_UNAVAILABLE);
                        return 0;
                }
-        }
+       }
 
        if (!session[s].ip)
        {
 
        if (!session[s].ip)
        {
@@ -5160,7 +5331,6 @@ int sessionsetup(sessionidt s, tunnelidt t)
                        fmtaddr(htonl(session[s].ip), 0));
        }
 
                        fmtaddr(htonl(session[s].ip), 0));
        }
 
-
        // Make sure this is right
        session[s].tunnel = t;
 
        // Make sure this is right
        session[s].tunnel = t;
 
@@ -5173,13 +5343,14 @@ int sessionsetup(sessionidt s, tunnelidt t)
                for (i = 1; i <= config->cluster_highest_sessionid; i++)
                {
                        if (i == s) continue;
                for (i = 1; i <= config->cluster_highest_sessionid; i++)
                {
                        if (i == s) continue;
-                       if (!session[s].opened) continue;
+                       if (!session[s].opened) break;
                        // Allow duplicate sessions for multilink ones of the same bundle.
                        // Allow duplicate sessions for multilink ones of the same bundle.
-                        if (session[s].bundle && session[i].bundle && session[s].bundle == session[i].bundle)
-                                continue;
+                       if (session[s].bundle && session[i].bundle && session[s].bundle == session[i].bundle) continue;
+
                        if (ip == session[i].ip)
                        {
                                sessionkill(i, "Duplicate IP address");
                        if (ip == session[i].ip)
                        {
                                sessionkill(i, "Duplicate IP address");
+                               cluster_listinvert_session(s, i);
                                continue;
                        }
 
                                continue;
                        }
 
@@ -5187,16 +5358,16 @@ int sessionsetup(sessionidt s, tunnelidt t)
                        if (session[s].walled_garden || session[i].walled_garden) continue;
                        // Guest change
                        int found = 0;
                        if (session[s].walled_garden || session[i].walled_garden) continue;
                        // Guest change
                        int found = 0;
-                        int gu;
-                        for (gu = 0; gu < guest_accounts_num; gu++)
-                        {
-                                if (!strcasecmp(user, guest_users[gu]))
-                                {
-                                        found = 1;
-                                        break;
-                                }
-                        }
-                        if (found) continue;
+                       int gu;
+                       for (gu = 0; gu < guest_accounts_num; gu++)
+                       {
+                               if (!strcasecmp(user, guest_users[gu]))
+                               {
+                                       found = 1;
+                                       break;
+                               }
+                       }
+                       if (found) continue;
 
                        // Drop the new session in case of duplicate sessionss, not the old one.
                        if (!strcasecmp(user, session[i].user))
 
                        // Drop the new session in case of duplicate sessionss, not the old one.
                        if (!strcasecmp(user, session[i].user))
@@ -5207,7 +5378,7 @@ int sessionsetup(sessionidt s, tunnelidt t)
        // no need to set a route for the same IP address of the bundle
        if (!session[s].bundle || (bundle[session[s].bundle].num_of_links == 1))
        {
        // no need to set a route for the same IP address of the bundle
        if (!session[s].bundle || (bundle[session[s].bundle].num_of_links == 1))
        {
-               int routed = 0;
+               int routed = 0;
 
                // Add the route for this session.
                for (r = 0; r < MAXROUTE && session[s].route[r].ip; r++)
 
                // Add the route for this session.
                for (r = 0; r < MAXROUTE && session[s].route[r].ip; r++)
@@ -6053,3 +6224,52 @@ int ip_filter(uint8_t *buf, int len, uint8_t filter)
        // default deny
        return 0;
 }
        // default deny
        return 0;
 }
+
+#ifdef LAC
+
+tunnelidt lac_new_tunnel()
+{
+       return new_tunnel();
+}
+
+void lac_tunnelclear(tunnelidt t)
+{
+       tunnelclear(t);
+}
+
+void lac_send_SCCRQ(tunnelidt t, uint8_t * auth, unsigned int auth_len)
+{
+       uint16_t version = 0x0100;      // protocol version
+
+       tunnel[t].state = TUNNELOPENING;
+
+       // Sent SCCRQ - Start Control Connection Request
+       controlt *c = controlnew(1); // sending SCCRQ
+       controls(c, 7, hostname, 1); // host name
+       controls(c, 8, Vendor_name, 1); // Vendor name
+       control16(c, 2, version, 1); // protocol version
+       control32(c, 3, 3, 1); // framing Capabilities
+       control16(c, 9, t, 1); // assigned tunnel
+       controlb(c, 11, (uint8_t *) auth, auth_len, 1);  // CHAP Challenge
+       LOG(1, 0, t, "Sent SCCRQ tunnel (REMOTE LNS)\n");
+       controladd(c, 0, t); // send
+}
+
+void lac_send_ICRQ(tunnelidt t, sessionidt s)
+{
+       // Sent ICRQ  Incoming-call-request
+       controlt *c = controlnew(10); // ICRQ
+
+       control16(c, 14, s, 1); // assigned sesion
+       call_serial_number++;
+       control32(c, 15, call_serial_number, 1);  // call serial number
+       LOG(1, s, t, "Sent ICRQ (REMOTE LNS) (tunnel far ID %u)\n", tunnel[t].far);
+       controladd(c, 0, t); // send
+}
+
+void lac_tunnelshutdown(tunnelidt t, char *reason, int result, int error, char *msg)
+{
+       tunnelshutdown(t, reason, result, error, msg);
+}
+
+#endif