Page MenuHomeVyOS Platform
Create Task
Maniphest T1583

l2tp vpn edits does not restart xl2tpd on commit
Closed, ResolvedPublicBUG
Actions

Description

Hi! I`m using 1.2.0-rolling+201907230337

$ sh int 
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             172.16.63.2/28                    u/u  LAN interface 
eth1             46.*.*.201/29                   u/u  WAN 1
eth2             88.*.*.182/29                 u/u  WAN 2
lo               127.0.0.1/8                       u/u  
                 ::1/128

using next vpn config:

# sh vpn l2tp 
 remote-access {
     authentication {
         mode radius
         radius {
             server 192.*.*.10 {
                 key some-secret-key
             }
         }
         require mschap-v2
     }
     client-ip-pool {
         start 10.8.252.20
         stop 10.8.252.220
     }
     dns-servers {
         server-1 192.168.0.25
         server-2 192.168.0.16
     }
     ipsec-settings {
         authentication {
             mode pre-shared-secret
             pre-shared-secret pre-shared
         }
         ike-lifetime 3600
     }
     outside-address 0.0.0.0
 }

So, on first time i`ve configured it starts xl2tpd on 0.0.0.0 address, as see:

# ss -nlup | grep xl2tpd
UNCONN0      0                                 0.0.0.0:1701        0.0.0.0:*     users:(("xl2tpd",pid=2358,fd=3))

On edit listening address and commit it stays listening on 0.0.0.0:

set vpn l2tp remote-access outside-address 88.*.*.182
sh vpn l2tp 
 remote-access {
     authentication {
         mode radius
         radius {
             server 192.*.*.10 {
                 key some-secret-key
             }
         }
         require mschap-v2
     }
     client-ip-pool {
         start 10.8.252.20
         stop 10.8.252.220
     }
     dns-servers {
         server-1 192.168.0.25
         server-2 192.168.0.16
     }
     ipsec-settings {
         authentication {
             mode pre-shared-secret
             pre-shared-secret pre-shared
         }
         ike-lifetime 3600
     }
>    outside-address 88.*.*.182
 }
commit

# grep listen-addr /etc/xl2tpd/xl2tpd.conf 
listen-addr = 88.*.*.182

# ss -nlup | grep xl2tpd
UNCONN0      0                                 0.0.0.0:1701        0.0.0.0:*     users:(("xl2tpd",pid=2358,fd=3))

If i restart vyos, or kill and start xl2tpd it starts with normal listening address:

# kill -9 2358
# /usr/sbin/xl2tpd
# ss -nlup | grep xl2tpd
UNCONN0      0                          88.*.*.182:1701        0.0.0.0:*     users:(("xl2tpd",pid=5935,fd=3))

Same problem when i wish to listen on another interface.
restart vpn does not solve problem.

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0-rolling+201907230337
Why the issue appeared?
Will be filled on close

Related Objects

Event Timeline

hammersoft created this task.Aug 14 2019, 8:31 AM
Unknown Object (User) added a subscriber: Unknown Object (User).Aug 14 2019, 9:27 AM

Hello @hammersoft , VyOS migrated from xl2tp to accel-ppp. Can you check this issue on latest rolling?
https://phabricator.vyos.net/T834

Unknown Object (User) added a comment.Aug 21 2019, 7:20 AM

https://phabricator.vyos.net/T834

In T834#41371, @hammersoft wrote:

On vyos-1.2-rolling-201908201244-amd64.iso won`t reproduce. All ok, configuration edits are applied.

May close this bug.

pasik added a subscriber: pasik.Aug 21 2019, 6:00 PM
syncer closed this task as Resolved.Aug 30 2019, 11:04 PM
syncer claimed this task.
syncer edited projects, added VyOS 1.3 Equuleus, VyOS 1.2 Crux (VyOS 1.2.3); removed VyOS 1.2 Crux.
syncer edited projects, added Rejected; removed VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus.Aug 31 2019, 12:48 PM