Once I noticed the following error in the /var/log/accel-ppp/accel-ppp.log:
info: ipoe178: [0;39m2c:56:dc:3b:f6:00: authentication succeeded
error: ipoe178: [0;39mipoe: nl_modify: File exists
info: ipoe178: [0;39mipoe: session finished
Most often, this error can occur when client authorization is configured, for example, only at the mac address and two different devices with the same mac address try to log in, in other words, it can be called duplication of the session.
When I got this error, I went to the Cisco switch in the network core and looked at the mac address:
show mac-address-table address 2c:56:dc:3b:f6:00
As expected, the mac address was displayed simultaneously on different ports and in different VLANs:
vlan mac address type learn age ports ------+----------------+--------+-----+----------+-------------------------- Active Supervisor: * 706 2c56.dc3b.f600 dynamic Yes 0 Gi1/13 * 949 2c56.dc3b.f600 dynamic Yes 0 Gi1/15
To solve the problem, I went to the D-Link 3200A1 switch, which was standing on the house and blocked the illegal MAC address through the ACL:
create access_profile ethernet source_mac FF-FF-FF-FF-FF-FF profile_id 1 config access_profile profile_id 1 add access_id 1 ethernet source_mac 2C-56-DC-3B-F6-00 port 7 deny create access_profile ethernet destination_mac FF-FF-FF-FF-FF-FF profile_id 2 config access_profile profile_id 2 add access_id 2 ethernet destination_mac 2C-56-DC-3B-F6-00 port 7 deny
After that, the error disappeared.
To avoid such errors, you must use DHCP Option82 to bind the client to the switch port, or better yet, QinQ.
If necessary, you can end the session on accel-ppp:
telnet 127.0.0.1 2000 show sessions match username 2c:56:dc:3b:f6:00 terminate if ipoe178 soft