Accel-ppp. error nl_modify: File exists

Once I noticed the following error in the /var/log/accel-ppp/accel-ppp.log:

info: ipoe178: [0;39m2c:56:dc:3b:f6:00: authentication succeeded
error: ipoe178: [0;39mipoe: nl_modify: File exists
info: ipoe178: [0;39mipoe: session finished

Most often, this error can occur when client authorization is configured, for example, only at the mac address and two different devices with the same mac address try to log in, in other words, it can be called duplication of the session.

When I got this error, I went to the Cisco switch in the network core and looked at the mac address:

show mac-address-table address 2c:56:dc:3b:f6:00

As expected, the mac address was displayed simultaneously on different ports and in different VLANs:

  vlan   mac address     type    learn     age              ports
Active Supervisor:
*  706  2c56.dc3b.f600   dynamic  Yes          0   Gi1/13
*  949  2c56.dc3b.f600   dynamic  Yes          0   Gi1/15

To solve the problem, I went to the D-Link 3200A1 switch, which was standing on the house and blocked the illegal MAC address through the ACL:

create access_profile  ethernet  source_mac FF-FF-FF-FF-FF-FF  profile_id 1    
config access_profile profile_id 1  add access_id 1  ethernet  source_mac 2C-56-DC-3B-F6-00  port 7 deny
create access_profile  ethernet  destination_mac FF-FF-FF-FF-FF-FF  profile_id 2
config access_profile profile_id 2  add access_id 2  ethernet  destination_mac 2C-56-DC-3B-F6-00  port 7 deny

After that, the error disappeared.

To avoid such errors, you must use DHCP Option82 to bind the client to the switch port, or better yet, QinQ.

If necessary, you can end the session on accel-ppp:

telnet 2000
show sessions match username 2c:56:dc:3b:f6:00
terminate if ipoe178 soft

See also my other accel-ppp articles.

Leave a comment

Leave a Reply