From: "Peter Müller" <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH 2/2] Tell pppd not to ask for IPv6 addresses during dial-up
Date: Sat, 10 Jul 2021 23:13:06 +0200 [thread overview]
Message-ID: <11b68712-1e67-ff26-dfd5-57b3f8111ed2@ipfire.org> (raw)
In-Reply-To: <0A68CFA0-94FD-4491-A8E9-EFD5BD1FC0FE@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 10881 bytes --]
Hello Michael,
thanks for your reply.
> Hello,
>
>> On 7 Jul 2021, at 20:49, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>
>> pppd 2.4.9 supports IPv6 and asks for an IPv6 configuration by default.
>> Setting the received prefix in the kernel will never work, however, as
>> the rest of IPFire 2.x does not support IPv6.
>>
>> pppd notices the ISP about this, and at least Otenet (GR) and British
>> Telecom (several countries) decide to close a dial-up connection then.
>> German DTAG seems to ignore such errors silently.
>>
>> This patch adds an option to the pppd call to prevent asking for an
>> IPv6 configuration, hence avoiding this errors.
>>
>> To apply this patch, it is necessary to ship ppp 2.4.9 again. Since I
>> have no access to a testing machine behind an ISP supporting IPv6, this
>> patch unfortunately is untested.
>
> In general, but especially for such critical things, this is unacceptable.
Full ACK.
> Please look for someone who can test this.
Well, with a high level of confidence, I can tell this patch does the job, since
pppd's debug log show it is not asking for an IPv6 configuration afterwards.
A PPPoE connection attempt to my ISP looks like this running pppd 2.4.9 before applying this patch:
Jul 10 22:XX:XX maverick pppd[22492]: Plugin rp-pppoe.so loaded.
Jul 10 22:XX:XX maverick pppd[22492]: PPPoE plugin from pppd 2.4.9
Jul 10 22:XX:XX maverick pppd[22492]: pppd 2.4.9 started by root, uid 0
Jul 10 22:XX:XX maverick pppd[22492]: Send PPPOE Discovery V1T1 PADI session 0x0 length 12
Jul 10 22:XX:XX maverick pppd[22492]: dst ff:ff:ff:ff:ff:ff src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: [service-name] [host-uniq dc 57 00 00]
Jul 10 22:XX:XX maverick pppd[22492]: Recv PPPOE Discovery V1T1 PADO session 0x0 length 30
Jul 10 22:XX:XX maverick pppd[22492]: dst REDACTED src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: [service-name] [host-uniq dc 57 00 00] [AC-name REDACTED]
Jul 10 22:XX:XX maverick pppd[22492]: Send PPPOE Discovery V1T1 PADR session 0x0 length 12
Jul 10 22:XX:XX maverick pppd[22492]: dst REDACTED src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: [service-name] [host-uniq dc 57 00 00]
Jul 10 22:XX:XX maverick pppd[22492]: Recv PPPOE Discovery V1T1 PADO session 0x0 length 30
Jul 10 22:XX:XX maverick pppd[22492]: dst REDACTED src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: [service-name] [host-uniq dc 57 00 00] [AC-name REDACTED]
Jul 10 22:XX:XX maverick pppd[22492]: Recv PPPOE Discovery V1T1 PADS session 0xe9b3 length 12
Jul 10 22:XX:XX maverick pppd[22492]: dst REDACTED src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: [service-name] [host-uniq dc 57 00 00]
Jul 10 22:XX:XX maverick pppd[22492]: PADS: Service-Name: ''
Jul 10 22:XX:XX maverick pppd[22492]: PPP session is REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: Connected to REDACTED via interface red0.7
Jul 10 22:XX:XX maverick pppd[22492]: using channel 2
Jul 10 22:XX:XX maverick pppd[22492]: Using interface ppp0
Jul 10 22:XX:XX maverick pppd[22492]: Connect: ppp0 <--> red0.7
Jul 10 22:XX:XX maverick pppd[22492]: sent [LCP ConfReq id=0x1 <mru 1492> <magic 0xc15c2203>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP ConfAck id=0x1 <mru 1492> <magic 0xc15c2203>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [LCP ConfReq id=0x1 <mru 1492> <magic 0xc15c2203>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP ConfAck id=0x1 <mru 1492> <magic 0xc15c2203>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP ConfReq id=0x2 <mru 1492> <auth pap> <magic 0xc2d6cfac>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [LCP ConfAck id=0x2 <mru 1492> <auth pap> <magic 0xc2d6cfac>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [LCP EchoReq id=0x0 magic=0xc15c2203]
Jul 10 22:XX:XX maverick pppd[22492]: sent [PAP AuthReq id=0x1 user="REDACTED" password=<hidden>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP EchoRep id=0x0 magic=0xc2d6cfac]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [PAP AuthAck id=0x1 ""]
Jul 10 22:XX:XX maverick pppd[22492]: PAP authentication succeeded
Jul 10 22:XX:XX maverick pppd[22492]: peer from calling number REDACTED authorized
Jul 10 22:XX:XX maverick pppd[22492]: sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns2 0.0.0.0>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [IPV6CP ConfReq id=0x1 <addr fe80::REDACTED>] <<<<<
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [IPCP ConfReq id=0x1 <addr REDACTED>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [IPCP ConfAck id=0x1 <addr REDACTED>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP ProtRej id=0x1 80 57 01 01 00 0e 01 0a 6c 99 70 54 2e ec 75 2f] <<<<<
Jul 10 22:XX:XX maverick pppd[22492]: Protocol-Reject for 'IPv6 Control Protocol' (0x8057) received <<<<<
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [IPCP ConfNak id=0x1 <addr REDACTED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [IPCP ConfReq id=0x2 <addr REDACTED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [IPCP ConfAck id=0x2 <addr REDACTED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[22492]: local IP address REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: remote IP address REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: primary DNS address REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: secondary DNS address REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: Script /etc/ppp/ip-up started (pid 22541)
Jul 10 22:XX:XX maverick pppd[22492]: Script /etc/ppp/ip-up finished (pid 22541), status = 0x0
After applying this patch, these log lines are missing:
Jul 10 22:XX:XX maverick pppd[26870]: Plugin rp-pppoe.so loaded.
Jul 10 22:XX:XX maverick pppd[26870]: PPPoE plugin from pppd 2.4.9
Jul 10 22:XX:XX maverick pppd[26870]: pppd 2.4.9 started by root, uid 0
Jul 10 22:XX:XX maverick pppd[26870]: Send PPPOE Discovery V1T1 PADI session 0x0 length 12
Jul 10 22:XX:XX maverick pppd[26870]: dst ff:ff:ff:ff:ff:ff src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: [service-name] [host-uniq f6 68 00 00]
Jul 10 22:XX:XX maverick pppd[26870]: Recv PPPOE Discovery V1T1 PADO session 0x0 length 30
Jul 10 22:XX:XX maverick pppd[26870]: dst REDACTED src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: [service-name] [host-uniq f6 68 00 00] [AC-name REDACTED]
Jul 10 22:XX:XX maverick pppd[26870]: Send PPPOE Discovery V1T1 PADR session 0x0 length 12
Jul 10 22:XX:XX maverick pppd[26870]: dst REDACTED src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: [service-name] [host-uniq f6 68 00 00]
Jul 10 22:XX:XX maverick pppd[26870]: Recv PPPOE Discovery V1T1 PADO session 0x0 length 30
Jul 10 22:XX:XX maverick pppd[26870]: dst REDACTED src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: [service-name] [host-uniq f6 68 00 00] [AC-name REDACTED]
Jul 10 22:XX:XX maverick pppd[26870]: Recv PPPOE Discovery V1T1 PADS session 0xba2c length 12
Jul 10 22:XX:XX maverick pppd[26870]: dst REDACTED src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: [service-name] [host-uniq f6 68 00 00]
Jul 10 22:XX:XX maverick pppd[26870]: PADS: Service-Name: ''
Jul 10 22:XX:XX maverick pppd[26870]: PPP session is REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: Connected to REDACTED via interface red0.7
Jul 10 22:XX:XX maverick pppd[26870]: using channel 3
Jul 10 22:XX:XX maverick pppd[26870]: Using interface ppp0
Jul 10 22:XX:XX maverick pppd[26870]: Connect: ppp0 <--> red0.7
Jul 10 22:XX:XX maverick pppd[26870]: sent [LCP ConfReq id=0x1 <mru 1492> <magic 0xeeb8dc98>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [LCP ConfAck id=0x1 <mru 1492> <magic 0xeeb8dc98>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [LCP ConfReq id=0x1 <mru 1492> <magic 0xeeb8dc98>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [LCP ConfAck id=0x1 <mru 1492> <magic 0xeeb8dc98>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [LCP ConfReq id=0x2 <mru 1492> <auth pap> <magic 0xd72b5643>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [LCP ConfAck id=0x2 <mru 1492> <auth pap> <magic 0xd72b5643>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [LCP EchoReq id=0x0 magic=0xeeb8dc98]
Jul 10 22:XX:XX maverick pppd[26870]: sent [PAP AuthReq id=0x1 user="REDACTED" password=<hidden>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [PAP AuthAck id=0x1 ""]
Jul 10 22:XX:XX maverick pppd[26870]: PAP authentication succeeded
Jul 10 22:XX:XX maverick pppd[26870]: peer from calling number REDACTED authorized
Jul 10 22:XX:XX maverick pppd[26870]: sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns2 0.0.0.0>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [IPCP ConfReq id=0x1 <addr REDACTED>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [IPCP ConfAck id=0x1 <addr REDACTED>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [IPCP ConfNak id=0x1 <addr REDACTED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [IPCP ConfReq id=0x2 <addr REDACTED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [IPCP ConfAck id=0x2 <addr REDACTED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[26870]: local IP address REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: remote IP address REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: primary DNS address REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: secondary DNS address REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: Script /etc/ppp/ip-up started (pid 26919)
Jul 10 22:XX:XX maverick pppd[26870]: Script /etc/ppp/ip-up finished (pid 26919), status = 0x0
Basically, this debug looks looks pretty much the same as it did with pppd 2.4.8 before.
While this is not a really authenticate test case, would you accept it as being sufficient?
If not, I would write a short "call for testers" mail and seek for people sitting behind
Otenet or British Telecom.
Thanks, and best regards,
Peter Müller
>
>>
>> Fixes: #12651
>>
>> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
>> ---
>> src/initscripts/networking/red | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/src/initscripts/networking/red b/src/initscripts/networking/red
>> index ca0a8ae58..56f8ebb66 100644
>> --- a/src/initscripts/networking/red
>> +++ b/src/initscripts/networking/red
>> @@ -410,7 +410,7 @@ case "${1}" in
>> ### Standard PPP options we always use
>> #
>> PPP_STD_OPTIONS="$PLUGOPTS usepeerdns defaultroute noipdefault noauth"
>> - PPP_STD_OPTIONS+=" default-asyncmap hide-password nodetach"
>> + PPP_STD_OPTIONS+=" default-asyncmap hide-password nodetach noipv6"
>> PPP_STD_OPTIONS+=" noaccomp nodeflate nopcomp novj novjccomp"
>> PPP_STD_OPTIONS+=" nobsdcomp user ${USERNAME} lcp-echo-interval 20"
>> PPP_STD_OPTIONS+=" lcp-echo-failure 5 ${AUTH}"
>> --
>> 2.26.2
>
next prev parent reply other threads:[~2021-07-10 21:13 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-07 19:49 [PATCH 1/2] Revert "Revert "ppp: update to 2.4.9"" Peter Müller
2021-07-07 19:49 ` [PATCH 2/2] Tell pppd not to ask for IPv6 addresses during dial-up Peter Müller
2021-07-08 10:34 ` Michael Tremer
2021-07-10 21:13 ` Peter Müller [this message]
2021-07-13 19:41 ` Call for testers: pppd 2.4.9 without IPv6 configuration, solving bug #12651 Peter Müller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=11b68712-1e67-ff26-dfd5-57b3f8111ed2@ipfire.org \
--to=peter.mueller@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox