Page MenuHomeVyOS Platform

PPPoE server wrong vlan-range generating config
Closed, ResolvedPublicBUG

Description

Reproducing steps:

set interfaces ethernet eth1 vif 1000
set service pppoe-server authentication mode 'radius'
set service pppoe-server authentication protocols 'chap'
set service pppoe-server authentication radius server 192.168.0.1 key 'xxx'
set service pppoe-server client-ip-pool subnet '100.64.0.0/16'
set service pppoe-server gateway-address '10.0.0.1'
set service pppoe-server interface eth1.1000 vlan-range '1-4095'
set service pppoe-server name-server '1.1.1.1'
set service pppoe-server name-server '8.8.8.8'
set service pppoe-server service-name 'test'

In config, we can see

[pppoe]
verbose=1
ac-name=vyos-ac

interface=eth1.1000
vlan-mon=eth1.1000,,1-4095
interface=re:\.\d+

But expected

vlan-mon=eth1.1000,1-4095
interface=re:eth1\.1000\.\d+

Details

Difficulty level
Normal (likely a few hours)
Version
1.4-rolling-202102250218
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

Dmitry changed the task status from Open to Confirmed.Feb 25 2021, 1:53 PM
Dmitry created this task.

PR https://github.com/vyos/vyos-1x/pull/754

[email protected]# cat /run/accel-pppd/pppoe.conf | grep pppoe] -A7
[pppoe]
verbose=1
ac-name=vyos-ac

interface=eth1.1000
vlan-mon=eth1.1000,1-4095
interface=re:eth1\.1000\.\d+

[edit]
Viacheslav changed the task status from Confirmed to Needs testing.Feb 28 2021, 4:24 PM

Good job! I think there exists one remark. If we set set service pppoe-server interface eth1 vlan-id '50' that means you want to listen to pppoe client on eth1.50, but in config you have

vlan-mon=eth1,50
interface=re:eth1\.\d+

e.g. eth1\.\d+ mean all vlans in eth1, even eth1.50.50.50 will fit for this regular expression
I propose do not to use a regular expression for vlan-id, as an example:

  1. set service pppoe-server interface eth1 vlan-id '50'
vlan-mon=eth1,50
interface=eth1.50

Yes, sure. It will work only if one vlan-id defined, e.g. if you configure a couple vlan-id you will get wrong syntax"

set service pppoe-server interface eth1 vlan-id '50'
set service pppoe-server interface eth1 vlan-id '60'

In generated config

vlan-mon=eth1,50,60
interface=eth1.50,60

Expected:

vlan-mon=eth1,50,60
interface=eth1.50
interface=eth1.60

Update pr

VyOS config

set interfaces ethernet eth1 vif 1000
set service pppoe-server authentication mode 'radius'
set service pppoe-server authentication protocols 'chap'
set service pppoe-server authentication radius server 192.168.0.1 key 'xxx'
set service pppoe-server client-ip-pool subnet '100.64.0.0/16'
set service pppoe-server gateway-address '10.0.0.1'
set service pppoe-server interface eth1.1000 vlan-range '1-4095'
set service pppoe-server name-server '1.1.1.1'
set service pppoe-server name-server '8.8.8.8'
set service pppoe-server service-name 'test'
set service pppoe-server interface eth2 vlan-id '50'
set service pppoe-server interface eth2 vlan-id '60'

Accel-ppp config section pppoe

[pppoe]
verbose=1
ac-name=vyos-ac

vlan-mon=eth1.1000,1-4095
interface=re:eth1\.1000\.\d+
interface=eth2.50
vlan-mon=eth2,50
interface=eth2.60
vlan-mon=eth2,60

@Viacheslav , thanks for improving, now it works properly. I found one interesting moment, it looks like we cant configure via CLI listen to PPPoE clients on interfaces eth1 and eth1.50 or eth1.something at the same time.

[email protected]# run show configuration commands | match "pppoe-server interface"
set service pppoe-server interface eth1 vlan-id '50'
set service pppoe-server interface eth1.1000 vlan-range '1-4095'
[edit]
[email protected]# set service pppoe-server interface eth1 

  Configuration path: [service pppoe-server interface eth1] already exists

[edit]

I remember we discussed this issue, I hope we find a solution.

One solution that I see, uses vif/svlan/cvlan.

set service pppoe-server interface eth1
set service pppoe-server interface eth1 vlan-id '50'
set service pppoe-server interface eth1 svlan 1000 vlan-range '1-4095'

Is there any sense to listen eth1 untagged and tagged/double-tagged at the same time?
It seems to me that we need to reconsider the CLI.

@Viacheslav . Ok this is not a problem, because we have a workaround with pseudo ethernet interfaces

set interfaces pseudo-ethernet peth1 source-interface 'eth1'
set service pppoe-server interface peth1 
set service pppoe-server interface eth1 vlan-id '50'
set service pppoe-server interface eth1 svlan 1000 vlan-range '1-4095'

Now all looks good and works properly, but need to add better help value

[email protected]# set service pppoe-server interface eth3 vlan-id 
Possible completions:
   <text>       VLAN monitor for the automatic creation of vlans (user per vlan)
                
[edit]
[email protected]# set service pppoe-server interface eth3 vlan-range 
Possible completions:
   <text>       VLAN monitor for the automatic creation of vlans (user per vlan)

Instead of <text> add 0-4095

I think vlan range should be 1-4094

[email protected]:/home/vyos# ip link add link eth1 name eth1.4095 type vlan id 4095
Error: 8021q: Invalid VLAN id.

If we add "svlan" should we use migration scripts?

set service pppoe-server interface eth1 svlan 1000

@Viacheslav, thanks.
Already fixed in roling

[email protected]# set service pppoe-server interface eth0 vlan-range 
Possible completions:
   start-end            VLAN monitor range for the automatic creation of vlans (e.g. 1-4094)
                        

      
[edit]
[email protected]# set service pppoe-server interface eth0 vlan-range 
Possible completions:
   start-end            VLAN monitor range for the automatic creation of vlans (e.g. 1-4094)
Dmitry claimed this task.