From mboxrd@z Thu Jan  1 00:00:00 1970
From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject:
 Re: [PATCH 2/2] Tell pppd not to ask for IPv6 addresses during dial-up
Date: Sat, 10 Jul 2021 23:13:06 +0200
Message-ID: <11b68712-1e67-ff26-dfd5-57b3f8111ed2@ipfire.org>
In-Reply-To: <0A68CFA0-94FD-4491-A8E9-EFD5BD1FC0FE@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5707779661626700083=="
List-Id: <development.lists.ipfire.org>

--===============5707779661626700083==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hello Michael,

thanks for your reply.

> Hello,
>=20
>> On 7 Jul 2021, at 20:49, Peter M=C3=BCller <peter.mueller(a)ipfire.org> wr=
ote:
>>
>> pppd 2.4.9 supports IPv6 and asks for an IPv6 configuration by default.
>> Setting the received prefix in the kernel will never work, however, as
>> the rest of IPFire 2.x does not support IPv6.
>>
>> pppd notices the ISP about this, and at least Otenet (GR) and British
>> Telecom (several countries) decide to close a dial-up connection then.
>> German DTAG seems to ignore such errors silently.
>>
>> This patch adds an option to the pppd call to prevent asking for an
>> IPv6 configuration, hence avoiding this errors.
>>
>> To apply this patch, it is necessary to ship ppp 2.4.9 again. Since I
>> have no access to a testing machine behind an ISP supporting IPv6, this
>> patch unfortunately is untested.
>=20
> In general, but especially for such critical things, this is unacceptable.

Full ACK.

> Please look for someone who can test this.

Well, with a high level of confidence, I can tell this patch does the job, si=
nce
pppd's debug log show it is not asking for an IPv6 configuration afterwards.

A PPPoE connection attempt to my ISP looks like this running pppd 2.4.9 befor=
e applying this patch:

Jul 10 22:XX:XX maverick pppd[22492]: Plugin rp-pppoe.so loaded.
Jul 10 22:XX:XX maverick pppd[22492]: PPPoE plugin from pppd 2.4.9
Jul 10 22:XX:XX maverick pppd[22492]: pppd 2.4.9 started by root, uid 0
Jul 10 22:XX:XX maverick pppd[22492]: Send PPPOE Discovery V1T1 PADI session =
0x0 length 12
Jul 10 22:XX:XX maverick pppd[22492]:  dst ff:ff:ff:ff:ff:ff  src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]:  [service-name] [host-uniq  dc 57 00 00]
Jul 10 22:XX:XX maverick pppd[22492]: Recv PPPOE Discovery V1T1 PADO session =
0x0 length 30
Jul 10 22:XX:XX maverick pppd[22492]:  dst REDACTED  src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]:  [service-name] [host-uniq  dc 57 00 00=
] [AC-name REDACTED]
Jul 10 22:XX:XX maverick pppd[22492]: Send PPPOE Discovery V1T1 PADR session =
0x0 length 12
Jul 10 22:XX:XX maverick pppd[22492]:  dst REDACTED  src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]:  [service-name] [host-uniq  dc 57 00 00]
Jul 10 22:XX:XX maverick pppd[22492]: Recv PPPOE Discovery V1T1 PADO session =
0x0 length 30
Jul 10 22:XX:XX maverick pppd[22492]:  dst REDACTED  src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]:  [service-name] [host-uniq  dc 57 00 00=
] [AC-name REDACTED]
Jul 10 22:XX:XX maverick pppd[22492]: Recv PPPOE Discovery V1T1 PADS session =
0xe9b3 length 12
Jul 10 22:XX:XX maverick pppd[22492]:  dst REDACTED  src REDACTED
Jul 10 22:XX:XX maverick pppd[22492]:  [service-name] [host-uniq  dc 57 00 00]
Jul 10 22:XX:XX maverick pppd[22492]: PADS: Service-Name: ''
Jul 10 22:XX:XX maverick pppd[22492]: PPP session is REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: Connected to REDACTED via interface red=
0.7
Jul 10 22:XX:XX maverick pppd[22492]: using channel 2
Jul 10 22:XX:XX maverick pppd[22492]: Using interface ppp0
Jul 10 22:XX:XX maverick pppd[22492]: Connect: ppp0 <--> red0.7
Jul 10 22:XX:XX maverick pppd[22492]: sent [LCP ConfReq id=3D0x1 <mru 1492> <=
magic 0xc15c2203>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP ConfAck id=3D0x1 <mru 1492> <=
magic 0xc15c2203>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [LCP ConfReq id=3D0x1 <mru 1492> <=
magic 0xc15c2203>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP ConfAck id=3D0x1 <mru 1492> <=
magic 0xc15c2203>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP ConfReq id=3D0x2 <mru 1492> <=
auth pap> <magic 0xc2d6cfac>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [LCP ConfAck id=3D0x2 <mru 1492> <=
auth pap> <magic 0xc2d6cfac>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [LCP EchoReq id=3D0x0 magic=3D0xc1=
5c2203]
Jul 10 22:XX:XX maverick pppd[22492]: sent [PAP AuthReq id=3D0x1 user=3D"REDA=
CTED" password=3D<hidden>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP EchoRep id=3D0x0 magic=3D0xc2=
d6cfac]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [PAP AuthAck id=3D0x1 ""]
Jul 10 22:XX:XX maverick pppd[22492]: PAP authentication succeeded
Jul 10 22:XX:XX maverick pppd[22492]: peer from calling number REDACTED autho=
rized
Jul 10 22:XX:XX maverick pppd[22492]: sent [IPCP ConfReq id=3D0x1 <addr 0.0.0=
.0> <ms-dns1 0.0.0.0> <ms-dns2 0.0.0.0>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [IPV6CP ConfReq id=3D0x1 <addr fe8=
0::REDACTED>]					<<<<<
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [IPCP ConfReq id=3D0x1 <addr REDAC=
TED>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [IPCP ConfAck id=3D0x1 <addr REDAC=
TED>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [LCP ProtRej id=3D0x1 80 57 01 01 =
00 0e 01 0a 6c 99 70 54 2e ec 75 2f]			<<<<<
Jul 10 22:XX:XX maverick pppd[22492]: Protocol-Reject for 'IPv6 Control Proto=
col' (0x8057) received				<<<<<
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [IPCP ConfNak id=3D0x1 <addr REDAC=
TED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[22492]: sent [IPCP ConfReq id=3D0x2 <addr REDAC=
TED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[22492]: rcvd [IPCP ConfAck id=3D0x2 <addr REDAC=
TED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[22492]: local  IP address REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: remote IP address REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: primary   DNS address REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: secondary DNS address REDACTED
Jul 10 22:XX:XX maverick pppd[22492]: Script /etc/ppp/ip-up started (pid 2254=
1)
Jul 10 22:XX:XX maverick pppd[22492]: Script /etc/ppp/ip-up finished (pid 225=
41), status =3D 0x0

After applying this patch, these log lines are missing:

Jul 10 22:XX:XX maverick pppd[26870]: Plugin rp-pppoe.so loaded.
Jul 10 22:XX:XX maverick pppd[26870]: PPPoE plugin from pppd 2.4.9
Jul 10 22:XX:XX maverick pppd[26870]: pppd 2.4.9 started by root, uid 0
Jul 10 22:XX:XX maverick pppd[26870]: Send PPPOE Discovery V1T1 PADI session =
0x0 length 12
Jul 10 22:XX:XX maverick pppd[26870]:  dst ff:ff:ff:ff:ff:ff  src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]:  [service-name] [host-uniq  f6 68 00 00]
Jul 10 22:XX:XX maverick pppd[26870]: Recv PPPOE Discovery V1T1 PADO session =
0x0 length 30
Jul 10 22:XX:XX maverick pppd[26870]:  dst REDACTED  src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]:  [service-name] [host-uniq  f6 68 00 00=
] [AC-name REDACTED]
Jul 10 22:XX:XX maverick pppd[26870]: Send PPPOE Discovery V1T1 PADR session =
0x0 length 12
Jul 10 22:XX:XX maverick pppd[26870]:  dst REDACTED  src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]:  [service-name] [host-uniq  f6 68 00 00]
Jul 10 22:XX:XX maverick pppd[26870]: Recv PPPOE Discovery V1T1 PADO session =
0x0 length 30
Jul 10 22:XX:XX maverick pppd[26870]:  dst REDACTED  src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]:  [service-name] [host-uniq  f6 68 00 00=
] [AC-name REDACTED]
Jul 10 22:XX:XX maverick pppd[26870]: Recv PPPOE Discovery V1T1 PADS session =
0xba2c length 12
Jul 10 22:XX:XX maverick pppd[26870]:  dst REDACTED  src REDACTED
Jul 10 22:XX:XX maverick pppd[26870]:  [service-name] [host-uniq  f6 68 00 00]
Jul 10 22:XX:XX maverick pppd[26870]: PADS: Service-Name: ''
Jul 10 22:XX:XX maverick pppd[26870]: PPP session is REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: Connected to REDACTED via interface red=
0.7
Jul 10 22:XX:XX maverick pppd[26870]: using channel 3
Jul 10 22:XX:XX maverick pppd[26870]: Using interface ppp0
Jul 10 22:XX:XX maverick pppd[26870]: Connect: ppp0 <--> red0.7
Jul 10 22:XX:XX maverick pppd[26870]: sent [LCP ConfReq id=3D0x1 <mru 1492> <=
magic 0xeeb8dc98>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [LCP ConfAck id=3D0x1 <mru 1492> <=
magic 0xeeb8dc98>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [LCP ConfReq id=3D0x1 <mru 1492> <=
magic 0xeeb8dc98>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [LCP ConfAck id=3D0x1 <mru 1492> <=
magic 0xeeb8dc98>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [LCP ConfReq id=3D0x2 <mru 1492> <=
auth pap> <magic 0xd72b5643>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [LCP ConfAck id=3D0x2 <mru 1492> <=
auth pap> <magic 0xd72b5643>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [LCP EchoReq id=3D0x0 magic=3D0xee=
b8dc98]
Jul 10 22:XX:XX maverick pppd[26870]: sent [PAP AuthReq id=3D0x1 user=3D"REDA=
CTED" password=3D<hidden>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [PAP AuthAck id=3D0x1 ""]
Jul 10 22:XX:XX maverick pppd[26870]: PAP authentication succeeded
Jul 10 22:XX:XX maverick pppd[26870]: peer from calling number REDACTED autho=
rized
Jul 10 22:XX:XX maverick pppd[26870]: sent [IPCP ConfReq id=3D0x1 <addr 0.0.0=
.0> <ms-dns1 0.0.0.0> <ms-dns2 0.0.0.0>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [IPCP ConfReq id=3D0x1 <addr REDAC=
TED>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [IPCP ConfAck id=3D0x1 <addr REDAC=
TED>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [IPCP ConfNak id=3D0x1 <addr REDAC=
TED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[26870]: sent [IPCP ConfReq id=3D0x2 <addr REDAC=
TED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[26870]: rcvd [IPCP ConfAck id=3D0x2 <addr REDAC=
TED> <ms-dns1 REDACTED> <ms-dns2 REDACTED>]
Jul 10 22:XX:XX maverick pppd[26870]: local  IP address REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: remote IP address REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: primary   DNS address REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: secondary DNS address REDACTED
Jul 10 22:XX:XX maverick pppd[26870]: Script /etc/ppp/ip-up started (pid 2691=
9)
Jul 10 22:XX:XX maverick pppd[26870]: Script /etc/ppp/ip-up finished (pid 269=
19), status =3D 0x0

Basically, this debug looks looks pretty much the same as it did with pppd 2.=
4.8 before.

While this is not a really authenticate test case, would you accept it as bei=
ng sufficient?
If not, I would write a short "call for testers" mail and seek for people sit=
ting behind
Otenet or British Telecom.

Thanks, and best regards,
Peter M=C3=BCller=20

>=20
>>
>> Fixes: #12651
>>
>> Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
>> ---
>> src/initscripts/networking/red | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/src/initscripts/networking/red b/src/initscripts/networking/r=
ed
>> index ca0a8ae58..56f8ebb66 100644
>> --- a/src/initscripts/networking/red
>> +++ b/src/initscripts/networking/red
>> @@ -410,7 +410,7 @@ case "${1}" in
>> 			### Standard PPP options we always use
>> 			#
>> 			PPP_STD_OPTIONS=3D"$PLUGOPTS usepeerdns defaultroute noipdefault noauth"
>> -			PPP_STD_OPTIONS+=3D" default-asyncmap hide-password nodetach"
>> +			PPP_STD_OPTIONS+=3D" default-asyncmap hide-password nodetach noipv6"
>> 			PPP_STD_OPTIONS+=3D" noaccomp nodeflate nopcomp novj novjccomp"
>> 			PPP_STD_OPTIONS+=3D" nobsdcomp user ${USERNAME} lcp-echo-interval 20"
>> 			PPP_STD_OPTIONS+=3D" lcp-echo-failure 5 ${AUTH}"
>> --=20
>> 2.26.2
>=20

--===============5707779661626700083==--