X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/be29ef6cb251dbcf421701a44333520a755aecae..1f48c2907f50134331af26fa6161a27075adac28:/Docs/manual.html diff --git a/Docs/manual.html b/Docs/manual.html index 3d1adf9..4215189 100644 --- a/Docs/manual.html +++ b/Docs/manual.html @@ -184,6 +184,18 @@ the same as the LAC, or authentication will fail. Only actually be used if the LAC requests authentication. +
  • l2tp_mtu (int)
    +MTU of interface for L2TP traffic (default: 1500). Used to set link +MRU and adjust TCP MSS. +
    • + +
  • ppp_restart_time (int)
    +ppp_max_configure (int)
    +ppp_max_failure (int)
    +PPP counter and timer values, as described in §4.1 of +RFC1661. +
    • +
  • primary_dns (ip address)
  • secondary_dns (ip address)
    Whenever a PPP connection is established, DNS servers will be sent to the @@ -223,16 +235,43 @@ This secret will be used in all RADIUS queries. If this is not set then RADIUS queries will fail.
    • +
  • radius_authtypes (string)
    +A comma separated list of supported RADIUS authentication methods +(pap or chap), in order of preference (default pap). +
    • + +
  • radius_dae_port (short)
    +Port for DAE RADIUS (Packet of Death/Disconnect, Change of Authorization) +requests (default: 3799). +
    • + +
  • allow_duplicate_users (boolean)
    +Allow multiple logins with the same username. If false (the default), +any prior session with the same username will be dropped when a new +session is established. +
    • +
  • bind_address (ip address)
    -When the tun interface is created, it is assigned the address -specified here. If no address is given, 1.1.1.1 is used. Packets -containing user traffic should be routed via this address if given, -otherwise the primary address of the machine. +It's the listen address of the l2tp udp protocol sent and received +to LAC. This address is also assigned to the tun interface if no +iftun_address is specified. Packets containing user traffic should be +routed via this address if given, otherwise the primary address of the +machine. +
    • + +
  • iftun_address (ip address)
    +This parameter is used when you want a tun interface address different +from the address of "bind_address" (For use in cases of specific configuration). +If no address is given to iftun_address and bind_address, 1.1.1.1 is used. +
    • + +
  • tundevicename (string)
    +Name of the tun interface (default: "tun0").
  • peer_address (ip address)
    Address to send to clients as the default gateway. - +
  • send_garp (boolean)
    Determines whether or not to send a gratuitous ARP for the @@ -274,10 +313,6 @@ second. Even if this is disabled, you can see this information by running the uptime command on the CLI.
    • -
  • cleanup_interval (int)
    -Interval between regular cleanups (in seconds). -
    • -
  • multi_read_count (int)
    Number of packets to read off each of the UDP and TUN fds when returned as readable by select (default: 10). Avoids incurring the @@ -315,6 +350,10 @@ on Clustering for more information. Interface for cluster packets (default: eth0).
    • +
  • cluster_mcast_ttl (int)
    +TTL for multicast packets (default: 1). +
    • +
  • cluster_hb_interval (int)
    Interval in tenths of a second between cluster heartbeat/pings.
    • @@ -324,8 +363,51 @@ Cluster heartbeat timeout in tenths of a second. A new master will be elected when this interval has been passed without seeing a heartbeat from the master. + +
  • cluster_master_min_adv (int)
    +Determines the minumum number of up to date slaves required before the +master will drop routes (default: 1). +
    • + +
  • echo_timeout (int)
    +Time between last packet sent and LCP ECHO generation +(default: 10 (seconds)). +
    • + +
  • idle_echo_timeout (int)
    +Drop sessions who have not responded within idle_echo_timeout seconds +(default: 240 (seconds)) +
    • + +
  • bind_address_remotelns (ip address)
    +Address of the interface to listen the remote LNS tunnels. +If no address is given, all interfaces are listened (Any Address). +
    • + +
  • bind_portremotelns (short)
    +Port to bind for the Remote LNS (default: 65432). +
    • + +
  • auth_tunnel_change_addr_src (boolean)
    +This parameter authorize to change the source IP of the tunnels l2tp. +This parameter can be used when the remotes BAS/LAC are l2tpns server +configured in cluster mode, but that the interface to remote LNS are +not clustered (the tunnel can be coming from different source IP) +(default: no). +
    • + +

    The REMOTES LNS configuration is entered by the command: +

    setforward MASK IP PORT SECRET
    + +where MASK specifies the mask of users who have forwarded to +remote LNS (ex: /myISP@company.com).
    +where IP specifies the IP of the remote LNS (ex: 66.66.66.55).
    +where PORT specifies the L2TP Port of the remote LNS +(Normally should be 1701) (ex: 1701).
    +where SECRET specifies the secret password the remote LNS (ex: mysecret).
    +

    BGP routing configuration is entered by the command: The routing configuration section is entered by the command

    router bgp as
    @@ -683,12 +765,15 @@ killall -HUP l2tpns The signals understood are: - +
    +
    SIGHUP
    Reload the config from disk and re-open log file.
    +
    SIGTERM, SIGINT
    Stop process. Tunnels and sessions are not +terminated. This signal should be used to stop l2tpns on a +cluster node where there are other machines to +continue handling traffic.
    +
    SIGQUIT
    Shut down tunnels and sessions, exit process when +complete.
    +

    Throttling

    @@ -801,14 +886,14 @@ supplied structure: some way. - +
    +
    t
    Tunnel +
    s
    Session +
    username +
    password +
    protocol
    0xC023 for PAP, 0xC223 for CHAP +
    continue_auth
    Set to 0 to stop processing authentication modules +
    post_auth @@ -818,16 +903,16 @@ supplied structure: to be accepted. - + allow or disallow authentication +
    protocol
    0xC023 for PAP, 0xC223 for CHAP + packet_rx @@ -836,12 +921,12 @@ supplied structure: seriously slow down the system. - +
    +
    t
    Tunnel +
    s
    Session +
    buf
    The raw packet data +
    len
    The length of buf +
    packet_tx @@ -850,12 +935,12 @@ supplied structure: seriously slow down the system. - +
    +
    t
    Tunnel +
    s
    Session +
    buf
    The raw packet data +
    len
    The length of buf +
    timer @@ -864,9 +949,9 @@ supplied structure: you do is reentrant. - +
    +
    time_now
    The current unix timestamp +
    new_session @@ -874,10 +959,10 @@ supplied structure: session is now ready to handle traffic. - +
    +
    t
    Tunnel +
    s
    Session +
    kill_session @@ -885,10 +970,10 @@ supplied structure: This may be called multiple times for the same session. - +
    +
    t
    Tunnel +
    s
    Session +
    radius_response @@ -898,12 +983,24 @@ supplied structure: modules. - +
    +
    t
    Tunnel +
    s
    Session +
    key +
    value +
    + + + radius_reset + This is called whenever a RADIUS CoA request is + received to reset any options to default values before + the new values are applied. + + +
    +
    t
    Tunnel +
    s
    Session +
    control @@ -912,21 +1009,13 @@ supplied structure: required. - +
    +
    iam_master
    Cluster master status +
    argc
    The number of arguments +
    argv
    Arguments +
    response
    Return value: NSCTL_RES_OK or NSCTL_RES_ERR +
    additional
    Extended response text +