Page MenuHomeVyOS Platform

After PPPoE 0 is restarted, the default static route is lost
Closed, ResolvedPublicBUG

Description

After setting up PPPoE to get IPv6 from ISP, I try to execute the following command:

set interfaces pppoe pppoe0 ipv6 enable
set interfaces pppoe pppoe0 ipv6 address autoconf
commit
run disconnect interface pppoe0
run connect interface pppoe0

After that, not only can we get the IPv4, but also the PPPoE link is automatically interrupted almost every N seconds, so we need to restart the system to recover.

What's more, even if I don't turn on IPv6, there are still errors when I execute the following commands directly in operation mode:

disconnect interface pppoe0
connect interface pppoe0

I once mentioned this bug in task list T2335. In T2335, I thought I found a bug that could not allocate IPv6 from ISP. After the community members reminded me, I wrote a command less:

set interfaces pppoe pppoe0 ipv6 address autoconf

But in the comments later, I found a more serious bug. Now this bug has happened, which leads to the decline of PPPoE function stability, and there is a pit that has to be fixed. I hope community developers can take the community task to fix this bug!

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.3-rolling-202004240117
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

jack9603301 triaged this task as High priority.Apr 24 2020, 12:24 PM
jack9603301 created this task.
pasik added a subscriber: pasik.Apr 24 2020, 1:01 PM
c-po added a subscriber: c-po.Apr 24 2020, 4:35 PM

@jack9603301 unfortunately I can not reproduce this behavior on my PPPoE link - it runs stable with the latest rolling versions and I have 0 disconnects - neither in a LAB with VyOS PPPoE server not Deutsche Telekom or M-Net links.

I think it's strange, but in fact, I'll try to see it in GNS tomorrow!

It seems that IPv6 is not only the case even in IPv4, but I don't understand that this happens. I remember that 1.2-rolling-20191203 has no such problem. If so, it shouldn't be the problem of my local ISP network. Moreover, this problem also exists in the PPPoE of IPv4. It's more doubtful that there may be a bug in the PPPoE of vyos. Although the bug may occur in a specific environment?

c-po added a comment.Apr 24 2020, 4:53 PM

Please always include a copy of your configurationw which would make labbing much easier

set firewall all-ping 'enable'
set firewall broadcast-ping 'enable'
set firewall config-trap 'disable'
set firewall ipv6-receive-redirects 'enable'
set firewall ipv6-src-route 'enable'
set firewall ip-src-route 'enable'
set firewall log-martians 'enable'
set firewall name wan default-action 'drop'
set firewall name wan rule 1 action 'accept'
set firewall name wan rule 1 state established 'enable'
set firewall name wan rule 1 state related 'enable'
set firewall name wan-local default-action 'drop'
set firewall name wan-local rule 1 action 'accept'
set firewall name wan-local rule 1 state established 'enable'
set firewall name wan-local rule 1 state related 'enable'
set firewall name wan-local rule 2 action 'accept'
set firewall name wan-local rule 2 icmp type-name 'echo-request'
set firewall name wan-local rule 2 protocol 'icmp'
set firewall name wan-local rule 2 state new 'enable'
set firewall name wan-local rule 3 action 'drop'
set firewall name wan-local rule 3 destination port '22'
set firewall name wan-local rule 3 protocol 'tcp'
set firewall name wan-local rule 3 recent count '4'
set firewall name wan-local rule 3 recent time '60'
set firewall name wan-local rule 3 state new 'enable'
set firewall name wan-local rule 4 action 'accept'
set firewall name wan-local rule 4 protocol 'tcp'
set firewall name wan-local rule 4 state new 'enable'
set firewall options interface pppoe0 adjust-mss '1452'
set firewall options interface pppoe0 adjust-mss6 '1280'
set firewall receive-redirects 'disable'
set firewall send-redirects 'enable'
set firewall source-validation 'disable'
set firewall state-policy established action 'accept'
set firewall state-policy established log enable
set firewall state-policy invalid action 'accept'
set firewall state-policy invalid log enable
set firewall state-policy related action 'accept'
set firewall state-policy related log enable
set firewall syn-cookies 'enable'
set firewall twa-hazards-protection 'disable'
set interfaces bridge br1 address '192.168.0.1/24'
set interfaces bridge br1 address 'fc00:470:f1cd::1/64'
set interfaces bridge br1 description 'lan 0'
set interfaces bridge br1 dhcpv6-options temporary
set interfaces bridge br1 ipv6 address autoconf
set interfaces bridge br1 ipv6 address eui64 'fc00:470:f1cd::/64'
set interfaces bridge br1 ipv6 dup-addr-detect-transmits '1'
set interfaces bridge br1 member interface eth1.1
set interfaces bridge br1 member interface eth2
set interfaces bridge br1 stp
set interfaces bridge br2 address '192.168.101.1/24'
set interfaces bridge br2 address 'fc00:470:f1cd:101::1/64'
set interfaces bridge br2 description 'lan 101'
set interfaces bridge br2 dhcpv6-options temporary
set interfaces bridge br2 dhcpv6-options temporary
set interfaces bridge br2 ipv6 address autoconf
set interfaces bridge br2 ipv6 address eui64 'fc00:470:f1cd:101::/64'
set interfaces bridge br2 ipv6 dup-addr-detect-transmits '1'
set interfaces bridge br2 member interface eth0
set interfaces bridge br2 member interface eth1.2
set interfaces bridge br2 member interface eth3
set interfaces bridge br2 member interface eth4
set interfaces bridge br2 stp
set interfaces ethernet eth0 description 'LAN'
set interfaces ethernet eth0 hw-id '00:98:2b:f8:3f:11'
set interfaces ethernet eth0 ipv6 address
set interfaces ethernet eth0 ipv6 dup-addr-detect-transmits '1'
set interfaces ethernet eth1 description 'Trunk'
set interfaces ethernet eth1 hw-id '00:98:2b:f8:3f:12'
set interfaces ethernet eth1 vif 1 description 'vlan 1 of eth1'
set interfaces ethernet eth1 vif 2 description 'vlan 2 of eth1'
set interfaces ethernet eth2 description 'LAN'
set interfaces ethernet eth2 hw-id '00:98:2b:f8:3f:13'
set interfaces ethernet eth3 description 'LAN'
set interfaces ethernet eth3 hw-id '00:98:2b:f8:3f:14'
set interfaces ethernet eth4 description 'LAN'
set interfaces ethernet eth4 hw-id '00:98:2b:f8:3f:15'
set interfaces ethernet eth5 description 'WAN'
set interfaces ethernet eth5 disable-flow-control
set interfaces ethernet eth5 firewall in name 'wan'
set interfaces ethernet eth5 firewall local name 'wan-local'
set interfaces ethernet eth5 hw-id '00:98:2b:f8:3f:16'
set interfaces pppoe pppoe0 authentication password 'user'
set interfaces pppoe pppoe0 authentication user 'passwd'
set interfaces pppoe pppoe0 default-route 'auto'
set interfaces pppoe pppoe0 description 'ISP'
set interfaces pppoe pppoe0 ipv6 address autoconf
set interfaces pppoe pppoe0 ipv6 enable
set interfaces pppoe pppoe0 mtu '1492'
set interfaces pppoe pppoe0 source-interface 'eth5'
set nat nptv6 rule 2 description 'IPv6 NPT'
set nat nptv6 rule 2 outbound-interface 'pppoe0'
set nat nptv6 rule 2 source prefix 'fc00:470:f1cd::/48'
set nat nptv6 rule 2 translation prefix '240e:fc:7d:64b9::/64'
set nat source rule 1 description 'PUBLIC'
set nat source rule 1 log 'enable'
set nat source rule 1 outbound-interface 'pppoe0'
set nat source rule 1 protocol 'all'
set nat source rule 1 source address '0.0.0.0/0'
set nat source rule 1 translation address 'masquerade'
set protocols static interface-route 0.0.0.0/0 next-hop-interface pppoe0
set protocols static interface-route6 ::/0 next-hop-interface pppoe0
set protocols static table 150 interface-route 0.0.0.0/0 next-hop-interface pppoe0
set protocols static table 150 interface-route6 ::/0 next-hop-interface pppoe0
set service dhcp-server shared-network-name pri101 description 'DHCP 101'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 default-router '192.168.101.1'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 dns-server '192.168.0.254'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 dns-server '192.168.101.1'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 dns-server '192.168.0.1'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 dns-server '192.168.0.1'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 lease '86400'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 ntp-server '192.168.101.1'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 range 0 start '192.168.101.8'
set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 range 0 stop '192.168.101.254'
set service dhcpv6-server preference '0'
set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 address-range start fc00:470:f1cd:101::8 stop 'fc00:470:f1cd:101:ffff:ffff:ffff:ffff'
set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd::ff00'
set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd::1'
set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd:101::1'
set service dns forwarding allow-from '192.168.0.0/16'
set service dns forwarding allow-from '2001:470:f1cd::/48'
set service dns forwarding cache-size '1024'
set service dns forwarding domain pve. server '192.168.0.47'
set service dns forwarding domain pve. server '2001:470:f1cd::47'
set service dns forwarding listen-address '0.0.0.0'
set service dns forwarding listen-address '::'
set service dns forwarding name-server '2001:470:f1cd::ff00'
set service dns forwarding name-server '192.168.0.254'
set service dns forwarding name-server '202.96.134.33'
set service dns forwarding name-server '202.96.128.86'
set service dns forwarding name-server '114.114.114.114'
set service dns forwarding name-server '1.1.1.1'
set service dns forwarding name-server '1.0.0.1'
set service dns forwarding system
set service https virtual-host vhost0 listen-address '*'
set service https virtual-host vhost0 server-name '192.168.0.1'
set service mdns repeater interface 'br1'
set service mdns repeater interface 'br2'
set service router-advert interface br1
set service router-advert interface br2 name-server 'fc00:410:f1cd:101::1'
set service ssh listen-address '0.0.0.0'
set system acceleration
set system config-management commit-revisions '100'
set system console device ttyS0 speed '115200'
set system domain-name 'router'
set system host-name 'vyos'
set system ip arp table-size '2048'
set system ip multipath layer4-hashing
set system ipv6 multipath layer4-hashing
set system ipv6 neighbor table-size '2048'
set system ipv6 strict-dad
set system login user vyos authentication encrypted-password '$6$UaXQViDvJ.Hr$85U/9Q5d/tc9hdtrnntMVgrztOCext..OJCHaJYZUo82GAdD95lchvSjI3vCZJTNte7cIAs87YctYlXODGXAz1'
set system login user vyos authentication plaintext-password ''
set system name-server '192.168.0.1'
set system ntp allow-clients address '192.168.0.0/16'
set system ntp allow-clients address 'fc00:470:f1cd::/48'
set system ntp listen-address '::'
set system ntp listen-address '0.0.0.0'
set system ntp server 0.debian.pool.ntp.org
set system ntp server 1.debian.pool.ntp.org
set system ntp server 2.debian.pool.ntp.org
set system ntp server 3.debian.pool.ntp.org
set system sysctl custom net.ipv4.conf.all.rp_filter value '0'
set system sysctl custom net.ipv4.conf.default.rp_filter value '0'
set system sysctl custom net.ipv4.conf.eth0.rp_filter value '0'
set system sysctl custom net.ipv6.conf.all.accept_ra value '2'
set system sysctl custom net.ipv6.conf.all.forwarding value '1'
set system syslog global facility all level 'info'
set system syslog global facility protocols level 'debug'
set system time-zone 'Asia/Shanghai'

These two days I will try to simulate the failure in the network simulator.

How does vyos timeout PPPoE?

The following errors have just occurred in my system:

Script /etc/ppp/ip-up started (pid 3439)
Script /etc/ppp/ipv6-up finished (pid 3424), status = 0x0
Script /etc/ppp/ip-up finished (pid 3439), status = 0x0
Modem hangup
Connect time 0.1 minutes.
Sent 228 bytes, received 0 bytes.
Script /etc/ppp/ip-down started (pid 3495)
Script /etc/ppp/ipv6-down started (pid 3496)
Connection terminated.
Connect time 0.1 minutes.
Sent 228 bytes, received 0 bytes.
Send PPPOE Discovery V1T1 PADT session 0x7e7c length 0
dst 70:62:ac:bb:00:08 src 00:98:2b:f8:3f:16
Sent PADT
Script /etc/ppp/ipv6-down finished (pid 3496), status = 0x0
Script /etc/ppp/ip-down finished (pid 3495), status = 0x0
Terminating on signal 15

There are still some problems about IPv6, even when I restart it, I can't get IPv6 immediately. I don't know when it has some impact on my ISP environment, but it may be a bug that is hard to find. In a previous version of 1.2, IPv6 was acquired normally. Is it necessary for the official to cross compare with the latest version of 1.2.3? (may be 1.2.3, I hope I remember correctly)

jack9603301 renamed this task from After setting PPPoE to obtain IPv6 from ISP, you must restart the system to take effect to After PPPoE 0 is restarted, the default static route is lost.EditedWed, May 13, 5:55 PM

@c-po I suspect that the problem has been found, but after I executed the restart PPPoE command, the default travel was lost. My configuration name wrote the following static route:

interface-route 0.0.0.0/0 {
    next-hop-interface pppoe0 {
    }
}
interface-route6 ::/0 {
    next-hop-interface pppoe0 {
    }
}
table 150 {
    interface-route 0.0.0.0/0 {
        next-hop-interface pppoe0 {
        }
    }
    interface-route6 ::/0 {
        next-hop-interface pppoe0 {
        }
    }
}

But it disappeared after disconnect interface pppoe0.

jack9603301 lowered the priority of this task from High to Normal.Wed, May 13, 6:08 PM
jjakob added a subscriber: jjakob.EditedWed, May 13, 6:31 PM

Maybe you need pppoe option +ipv6 ipv6cp-use-ipaddr?
https://askubuntu.com/questions/56890/ipv6-over-pppoe
I don't use IPv6 over PPPoE so I don't know much more unfortunately.
Edit: if I understand that option correctly, it tells pppd to assign the address itself, so you don't need (must not use) ipv6 address autoconf in that case. It all depends on how your ISP implements IPv6 - autoconf is for SLAAC only.

@jjakob @c-po Execute the following command. Although the default route can be generated automatically, it may be a bug in the current PPPoE function. In a specific environment, restarting PPPoE dialing will not maintain dialing status!

set interfaces pppoe pppoe0 default-route force

Restart PPPoE dial command as follows:

disconnect interface pppoe0
connect interface pppoe0

Executing the above restart dialing command, a strange thing will happen, that is, the acquired IP cannot be reserved, and the dialing will be restarted continuously. I know that this problem may only occur in a specific environment, so the official recurrence is very difficult. Through the analysis of examples, I think the only valuable problem is the generation of a signal 15!

No one to follow up? I know this problem may be strange, but it does happen to me!

c-po added a comment.EditedThu, May 21, 4:33 PM

@jack9603301 bumping tasks won't make it faster - it usually has the opposite effect

Only prioritizing this as I plan a PPPoE upgrade soon of my access devices and this should be fixed.

The root cause is the transition to systemd, which will automatically respawn the processes, thus also connect/disconnect should interact with systemd instead of calling pon/poff manually.

c-po changed the task status from Open to Confirmed.Thu, May 21, 4:37 PM
c-po claimed this task.
c-po changed the task status from Confirmed to Needs testing.Thu, May 21, 5:06 PM
c-po closed this task as Resolved.Fri, May 22, 9:43 AM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Tue, Jun 2, 5:50 PM