Возможности. MAC атворизация L2/L3 Unnubered IP Выдача адресов через RADIUS QinQ В работе: 1/10. Accel-IPOE.


Чтобы посмотреть этот PDF файл с форматированием и разметкой, скачайте его и откройте на своем компьютере.
2018/03/01 16:10
1/10
Accel-IPOE
Advanced Billing Solution - http://abills.net.ua/wiki/
Accel-IPOE
Accel-IPOE
,
http://accel-ppp.org/
���76=AB8
MAC
�0B2@870F8O
L2/L3
Unnubered IP
�K40G0 04@5A2 G5@57
RADIUS
QinQ
� @01B5:
!5@25@:
2*Intel(R) Xeon(R) CPU X5650 @ 2.67GHz / 8G / SSD Samsung 850 Pro 128 Gb
!5B520O:
2*Intel(R) 10 Gigabit Network Connection 82599
!:
Ubuntu 16.04
�!7405
vlan
8=B5@D59AK
�102;5=85
vlan
2
Ubuntu
�0AB@9:0
Accel-Ipoe
Ubuntu 12.4/14.4
apt-get update
cd /usr/src
apt-get install make cmake libcrypto++-dev libssl-dev libpcre3 libpcre3-dev git lua5.1 liblua5.1-0-dev
apt-get install linux-headers-`uname -r`
Last update: 2018/03/01 15:10
abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/doku.php/abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/
Printed on 2018/03/01 16:10
4;O 12.04
git clone git://git.code.sf.net/p/accel-ppp/code accel-ppp.git
4;O 14.04
wget http://netix.dl.sourceforge.net/project/accel-ppp/accel-ppp-1.10.0.tar.bz2
tar -xjf accel-ppp-1.10.0.tar.bz2
mkdir accel-ppp-build
cd accel-ppp-build
4;O 12.04
cmake -DCMAKE_INSTALL_PREFIX=/usr/local -DKDIR=/usr/src/linux-headers-`uname -r` -DRADIUS=TRUE -
DSHAPER=TRUE -DLOG_PGSQL=FALSE -DLUA=TRUE -DBUILD_IPOE_DRIVER=TRUE ../accel-ppp.git
4;O 14.04
cmake -DCMAKE_INSTALL_PREFIX=/usr/local -DKDIR=/usr/src/linux-headers-`uname -r` -DRADIUS=TRUE -
DSHAPER=TRUE -DLOG_PGSQL=FALSE -DLUA=TRUE -DBUILD_IPOE_DRIVER=TRUE ../accel-ppp-1.10.0
make
make install
��?4:;NG5=85 4C;O 2 A8AB55
insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko
� CG=0O =0AB@9:0
�!:@8?B 02B70?CA:0
nano /etc/init.d/accel-ppp
2AB02;O5
#!/bin/sh
# /etc/init.d/accel-ppp: set up the accel-ppp server
### BEGIN INIT INFO
# Provides: accel-ppp
# Required-Start: $networking
# Required-Stop: $networking
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
### END INIT INFO
set -e
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin;
ACCEL_PPTPD=`which accel-pppd`
. /lib/lsb/init-functions
2018/03/01 16:10
3/10
Accel-IPOE
Advanced Billing Solution - http://abills.net.ua/wiki/
if test -f /etc/default/accel-ppp; then
. /etc/default/accel-ppp
fi
if [ -z $ACCEL_PPPTD_OPTS ]; then
ACCEL_PPTPD_OPTS="-c /etc/accel-ppp.conf"
fi
case "$1" in
start)
log_daemon_msg "Starting accel-ppp server" "accel-pppd"
if [ x`lsmod |awk /ipoe/'{print $1}'` = x ]; then
insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko
fi
if start-stop-daemon --start --quiet --oknodo --exec $ACCEL_PPTPD -- -d -p /var/run/accel-
pppd.pid $ACCEL_PPTPD_OPTS; then
log_end_msg 0
else
log_end_msg 1
fi
;;
restart)
log_daemon_msg "Restarting accel-ppp server" "accel-pppd"
if [ x`lsmod |awk /ipoe/'{print $1}'` = x ]; then
insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko
fi
start-stop-daemon --stop --quiet --oknodo --retry 180 --pidfile /var/run/accel-pppd.pid
if start-stop-daemon --start --quiet --oknodo --exec $ACCEL_PPTPD -- -d -p /var/run/accel-
pppd.pid $ACCEL_PPTPD_OPTS; then
log_end_msg 0
else
log_end_msg 1
fi
;;
stop)
log_daemon_msg "Stopping accel-ppp server" "accel-pppd"
start-stop-daemon --stop --quiet --oknodo --retry 180 --pidfile /var/run/accel-pppd.pid
log_end_msg 0
;;
status)
do_status
;;
*)
log_success_msg "Usage: /etc/init.d/accel-ppp {start|stop|status|restart}"
exit 1
;;
esac
exit 0
chmod +x /etc/init.d/accel-ppp
update-rc.d accel-ppp defaults
�!7405 D09;
lua
nano /etc/accel-ppp.lua
2AB02;O5
function username(pkt)
return pkt:hdr('chaddr')
end
Last update: 2018/03/01 15:10
abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/doku.php/abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/
Printed on 2018/03/01 16:10
��� B0F8O ;32
nano /etc/logrotate.d/accel-ppp
2AB02;O5
/var/log/accel-ppp/*.log {
rotate 7
daily
size=100M
compress
missingok
sharedscripts
postrotate
test -r /var/run/accel-pppd.pid && kill -HUP `cat /var/run/accel-pppd.pid`
endscript
}
Dictionary
nano /usr/local/share/accel-ppp/radius/dictionary
�&#x 2;&#x :;�?8AK205 2 :=5F
ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr
ATTRIBUTE DHCP-Mask 242 integer
ATTRIBUTE L4-Redirect 243 integer
ATTRIBUTE L4-Redirect-ipset 244 string
ATTRIBUTE DHCP-Option82 245 octets
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer
�$09; :=D83C@0F88
nano /etc/accel-ppp.conf
2AB02;O5
#ABillS
[modules]
log_file
radius
ipoe
2018/03/01 16:10
5/10
Accel-IPOE
Advanced Billing Solution - http://abills.net.ua/wiki/
ippool
shaper
pptp
pppoe
auth_mschap_v2
auth_pap
auth_chap_md5
auth_mschap_v1
chap-secrets
sigchld
#pppd_compat
[core]
log-error=/var/log/accel-ppp/core.log
thread-count=1
#[common]
#single-session=replace
#sid-case=upper
#sid-source=seq
[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
#nas-identifier=accel-ipoe
nas-ip-address=192.168.1.1
server=127.0.0.1,radsecret,auth-port=1812,acct-port=1813,req-limit=50,fail-timeout=0,max-
fail=10,weight=1
dae-server=192.168.1.1:3799,radsecret
verbose=100
attr-tunnel-type=NAS-Identifier
gw-ip-address=192.168.1.1
[ipoe]
verbose=100
username=lua:username
lua-file=/etc/accel-ppp.lua
lease-time=300
max-lease-time=300
attr-dhcp-client-ip=Framed-IP-Address
gw-ip-address=10.0.0.1/24
proxy-arp=1
shared=1
ifcfg=1
mode=L2
start=dhcpv4
interface=eth0
#agent-remote-id=accel-ppp
attr-dhcp-opt82=DHCP-Option82
#[ip-pool]
#gw-ip-address=192.168.0.1/24
#attr=Framed-Pool
#192.168.0.2-254,name=pool1
#[lcp]
#echo-interval=30
#echo-failure=3
[pptp]
bind=192.168.1.1
verbose=1
mppe=allow
echo-interval=30
[ppp]
verbose=1
min-mtu=1400
mtu=1492
mru=1492
Last update: 2018/03/01 15:10
abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/doku.php/abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/
Printed on 2018/03/01 16:10
#ccp=0
#sid-case=lower
mppe=allow
#ipv4=require
#lcp-echo-interval=3
#lcp-echo-failure=9
[pppoe]
interface=eth0
nas-identifier=accel-pppoe
#ac-name=xxx
#service-name=yyy
#pado-delay=0
#pado-delay=0,100:100,200:200,-1:500
#ifname-in-sid=called-sid
#tr101=1
verbose=1
[client-ip-range]
#10.0.0.0/8
[dns]
dns1=8.8.8.8
[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
copy=1
color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=100
[shaper]
attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
#mpu=0
#mtu=0
#r2q=10
#quantum=1500
#moderate-quantum=1
#hightspeed shaper
ifb=ifb0
cburst=1534
up-limiter=htb
down-limiter=htb
#low speed shaper
#up-limiter=police
#down-limiter=tbf
#leaf-qdisc=sfq perturb 10
#leaf-qdisc=fq_codel [limit PACKETS] [flows NUMBER] [target TIME] [interval TIME] [quantum BYTES]
[[no]ecn]
#rate-multiplier=1
#fwmark=1
attr-down=PPPD-Downstream-Speed-Limit
attr-up=PPPD-Upstream-Speed-Limit
verbose=10
[pppd-compat]
#ip-up=/etc/ppp/ip-up
#ip-down=/etc/ppp/ip-down
#radattr-prefix=/var/run/radattr
verbose=1
[cli]
verbose=100
2018/03/01 16:10
7/10
Accel-IPOE
Advanced Billing Solution - http://abills.net.ua/wiki/
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001
password=radsecret
[snmp]
master=0
agent-name=accel-ppp
[connlimit]
limit=10/min
burst=3
timeout=60
��1028BL ?0@K 2 A;20@L
radius
raddb/dictionary
ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr ATTRIBUTE DHCP-Mask 242 integer
ATTRIBUTE L4-Redirect 243 integer ATTRIBUTE L4-Redirect-ipset 244 string ATTRIBUTE
DHCP-Option82 245 octets
�KAB@0O =0AB@9:0
cd /usr/abills/misc/
./autoconf PROGRAMS=accel_ppp
**accel-ppp.conf**
FREERADIUS
��2K405B B;L:
ip
��&#xC ;;&#xO ;&#x:0;d�&#xC ;;&#xO ;&#x:0;d���04@5A0 ?MBC 4;O :0643 @07402053 ?C;0 2
@0745;5
[ipoe]
C:07K209B5 H;N7 8 0A:C.
gw-ip-address=10.0.0.1/24
�0AB@9:0
ABillS
��/ 0AB@9:8 / !5@25@0 4ABC?0
Alive:
@5O 564C
RADIUS Alive
&#x8.;&#x  ;&#x5:;�?0:5B08.  5:5=4C5BAO 300
Nas-Identier
�Z&#xB=;�Z&#xB=;�A;8 A25AB= 8A?;L7C5B5
PPPoE
8
IPoE
���2 MB ?;5 =C6= 225AB8
ipoe
Type:
Linux accel-ipoe
IP:PORT:
����? 04@5A 8 ?@B A5@25@0. @B ? C;G0=8N 3799 8 2001 4;O
telnet. (127.0.0.1:3799:2001)
Password:
�?0@;L 4;O
Disconnect Message
[&#x@5;&#x :;�[&#x@5;&#x :;�[&#x@5;&#x :;�[&#x@5;&#x :;�C:07K205BAO 2 ?0@05B@5 :=D83C@0F8==3 D09;0
/etc/accel-ppp.conf,
���B0:65 MBB ?0@;L 8A?;L7C5BAO :0:
RADIUS secret
=80=85
�Z&#xB=;�Z&#xB=;�Z&#xB=;�Z&#xB=;�&#x D;‡&#x8G;Z&#x:0;A;8 A25AB= 8A?;L7CNBAO =0 4= D878G5A: A5@25@5
accel ipoe
8
pppoe
8;8
pptp
Last update: 2018/03/01 15:10
abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/doku.php/abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/
Printed on 2018/03/01 16:10
�����B340 4;O :0643 A5@28A0 =C6= 7025AB8 B45;L=K9
NAS
�2 18;;8=35, 0 2 ?;5
Nas-
Identier
�� =0AB@5: A5@25@0 4ABC?0 C:070BL B8? A5@28A0
(ipoe, pppoe
8;8
pptp)
�82 ?;5
"8?
2K1@0BL 4;O
IPOE - accel_ipoe,
0 4;O
pppoe
8
pptp - accel_ppp
cong.pl
���?;=8B5;L=K5 ?F88
$conf{NAS_PORT_AUTH}=1;
����&#x 5;0&#x 5;02B@8720BLAO 01=5=B0 A CGQB 53 ?@B0
�?4:;NG5=8O
(SWITCH,PORT).
0: 04@5A =5 CG8BK205BAO.
&#x0 ;
;T‹&#x G;°&#x0 ;
;T‹&#x G;°&#x0 ;
;T‹&#x G;°&#x0 ;
;T‹&#x G;°!8AB50 A;548B GB 1K =0 ?@BC 1K; =5 1;LH5 1
�‡&#x8@;�‡&#x8@;�‡&#x8@;�‡&#x8@;�02B0B878@20==3 01=5=B0.
$conf{DHCPHOSTS_SWITCH_MAC_AUTH}='1,2, &';
�������!?8A: :CB0B@2 2 :B@KE ?@8=C48B5;L=
���&#x0:;&#x 0;&#x4@;Z&#xC ;&#x?@;&#x8 ;&#x2:;&#x;N;&#xGQ;&#x==;�&#x0:;&#x 0;&#x4@;Z&#xC ;&#x?@;&#x8 ;&#x2:;&#x;N;&#xGQ;&#x==;�02B@878@20BL ? 0: 04@5AC ?@8 2:;NGQ==9 ?F88
$conf{DHCPHOSTS_PORT_BASE}
$conf{ACCEL_IPOE_GUEST_POOL}='NAS_ID:POOL_ID'
����1JO2;5=85 3AB523 ?C;0 04@5A2. 0==K9 ?C;
��&#x 0;2K40QBAO =5 02B@878@20==K 01=5=B0.
$conf{DHCPHOSTS_LEASES}='db';
��:;NG5=85 2 =8B@8=30
leases
A5AA89
$conf{ACCEL_IPOE_DEBUG}=1;
&#xK ;� 568K B;04:8
1 -  568 A5AA89 (D09;
: /tmp/rad_dhcp)
&#x 0;&#x 0;&#x 0;2 -  568 B25B2 02B@870F88. ($09;
: /tmp/rad_reply)
&#x 2;&#xK@;&#x5=;‰&#x 4;&#x;O;&#x ?;&#x@0;[&#x@0;3 -  568 2K@065=89 4;O ?@25@:8 ?0@05B@2
Option
82 (
$09;
/tmp/dhcphosts_expr)
2018/03/01 16:10
9/10
Accel-IPOE
Advanced Billing Solution - http://abills.net.ua/wiki/
$conf{AUTH_EXPR}='-';
��������"0: :0: ?@87248B5;8 1@C420=8O (:CB0B@2) =5
��&#x8@;�2A5340 ?@845@6820NBAO AB0=40@B2 ?@8 D@8@20=85
��70?@A2
DHCP Option 82
&#x5 ;&#x1K;&#x;0;&#x A;�2 A8AB55 1K;0 A740=0
����276=ABL 7040BL @53C;O@=5 2K@065=85 4;O
�[&#x@0;?;CG5=8O =C6=KE ?0@05B@2 87
DHCP
�70?@A0 .
����A?;L720BL 4?;=8B5;L=K5 2K@065=8O 4;O
�����?;CG5=8O :@@5:B=KE 40==KE A 70?@A2 B
�����[&#x@K;&#x 0;:CB0B@2 2 :B@KE ?0@05B@K ?F88 82
��B;8G0NBAO B AB0=40@B=KE.
�&#x 2;&#xK@;&#x5=;&#x8O;&#x G;&#x5@;W&#x B;�&#x 2;&#xK@;&#x5=;&#x8O;&#x G;&#x5@;W&#x B;�D@0B 2K@065=8O G5@57 BG:C A 70?OB9:
�@048CA_?0@0:CA;28O:?5@55==K5
:hex2ansii;
�CA;28O
?5@55==K5 &.
@048CA_?0@0
� - @048CA ?0@0 70?@A0
�CA;28O
�� - CA;28O ?8A:0
Perl
2K@065=85
?5@55==K5
- ?5@55==K5 @57C;LB0B0
VLAN PORT MAC
MAC_DEC (
&#x0:;&#x =;&#x5 ;&#x=C;&#x6=;�&#x0:;&#x =;&#x5 ;&#x=C;&#x6=;�&#x0:;&#x =;&#x5 ;&#x=C;&#x6=;�5A;8 0: =5 =C6= ?@51@072K20BL 2
��H5AB=04F0B5@8G=K9 87 45AOB5@8G=3
) PORT_DEC (
5A;8
������=5 =C6= ?@51@072K20BL ?@B 87 45AOB5@8G=3 2
�H5AB=04F0B5@8G=K9 D@0B0)
hex2ansii
� - 5A;8 C:070= TBB ?0@05B@ A8AB50 ?5@54
&#x5=;&#x=K;&#xE ;&#x?@;P&#x5=;&#x=K;&#xE ;&#x?@;P2KG8A;5=85 =C6=KE ?5@55==KE ?@51@07C5B AB@:C A
���&#x0 ;&#x2 ;µ&#x:A;°H5AB=04F0B5@8G=3 D@0B0 2 B5:AB2K9
&#x ?;�[&#x@0;&#x ?;&#x@0;[&#x@0;&#x ?;&#x@0;A8AB50  ?;CG5=88 ?0@05B@0 ?@25@O5B =C6= ;8
��8A?;L720BL 2=5H=85 2K@065=8O 5A;8 40 =0G8=05B
����?@E48BAO ? A?8A:C ?@8 ??040=88 2 ?0@05B@K
�&#x0 ;&#x?0;?5@51@ ?@5:@0I05BAO 8 A8AB50 ?4AB02;O5B
2K1@0==K5
VLAN PORT MAC MAC_DEC (
&#x0:;&#x =;&#x5 ;&#x=C;&#x6=;�5A;8 0: =5 =C6=
���?@81@072K20BL 2 45AOB8G=K9 D@0 87
��H5AB=04F0B8@8G=3
) PORT_DEC (
�5A;8 =5 =C6=
�����?@81@072K20BL ?@B 87 45AOB5@8G=3
���H5AB=04F0B8@8G=3 D@0B0) 2
DHCP-Agent-Circuit-Id
8
DHCP-Agent-Remote-Id
40;LH5 C65 84CB AB0=40@B=K5
��?@F54C@K @01BK A
DHCP.
@8 2:;NG5=88 2K@065=89
&#x0 ;�&#x0 ;�&#x0 ;��A8AB50 B:;NG05B H01;= ? C;G0=8N 4;O
����@0A?7=020=8O :CB0B@2.
@85@K 2K@065=89
$conf{AUTH_PARAMS}=1;
������[&#x@0;2B@870F8O ? A2:C?=AB8 70?;=5==KE ?0@05B@2
MAC,PORT,VLAN,NAS_ID
�����@8 8A?;L720=88 40==9 ?F88 B:;NG8B5
$conf{DHCPHOSTS_PORT_BASE}
��&#x5=;&#x5=;‰&#x ?;����A;5 2=5A5=8O :0:8E ;81 875=5=89 ? 4C;N 2 :=D83C@0F8==K9 D09;
?5@5703@C609B5
RADIUS
H81:8
�������A;8 GB B @01B05B =5 B0: :0: ?;0=8@20;AL AB@8B5 ;38 2
/var/log/accel-ppp/
���?;=8B5;L=
�1AC645=85 =0 D@C5
Last update: 2018/03/01 15:10
abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/doku.php/abills:docs:nas:linux:accel_ipoe:ru
http://abills.net.ua/wiki/
Printed on 2018/03/01 16:10
From:
http://abills.net.ua/wiki/
-
Advanced Billing Solution
Permanent link:
http://abills.net.ua/wiki/doku.php/abills:docs:nas:linux:accel_ipoe:ru
Last update:
2018/03/01 15:10

Приложенные файлы

  • pdf 7009826
    Размер файла: 112 kB Загрузок: 0

Добавить комментарий