Install and configure accel-ppp (IPoE) for ABillS

On the test, I’ll run accel-ppp in Ubuntu Server 16.04 LTS for ABillS.

If necessary, we create vlan interfaces as I wrote here – Adding vlan to Ubuntu for ABillS

Switch to the root user:

sudo su

Install the necessary components:

apt-get update
cd /usr/src
apt-get install make cmake libcrypto++-dev libssl-dev libpcre3 libpcre3-dev git lua5.1 liblua5.1-0-dev
apt-get install linux-headers-`uname -r`

See what is the latest version of accel-ppp and download it from https://sourceforge.net/projects/accel-ppp/files/
If accel-ppp will not serve a large number of clients, then you can download fresh source code from git in which bugs can occur.

Unpack the downloaded archive:

tar -xvf accel-ppp-1.11.2.tar.bz2

Install accel-ppp (VLAN_MON_DRIVER can not be installed if the server does not use VLAN):

mkdir accel-ppp-build
cd accel-ppp-build
cmake -DCMAKE_INSTALL_PREFIX=/usr/local -DKDIR=/usr/src/linux-headers-`uname -r` -DRADIUS=TRUE -DSHAPER=TRUE -DLOG_PGSQL=FALSE -DLUA=TRUE -DBUILD_IPOE_DRIVER=TRUE -DBUILD_VLAN_MON_DRIVER=TRUE ../accel-ppp-1.11.2
make
make install

We connect the module and check:

insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko
lsmod | grep ipoe

Let’s proceed to manual configuration.
Let’s create an autorun script:

nano /etc/init.d/accel-ppp

Add the following content to it:

#!/bin/sh
# /etc/init.d/accel-ppp: set up the accel-ppp server
### BEGIN INIT INFO
# Provides:          accel-ppp
# Required-Start:    $networking
# Required-Stop:     $networking
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
### END INIT INFO

set -e

PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin;
ACCEL_PPTPD=`which accel-pppd`
. /lib/lsb/init-functions

if test -f /etc/default/accel-ppp; then
    . /etc/default/accel-ppp
fi

if [ -z $ACCEL_PPPTD_OPTS ]; then
  ACCEL_PPTPD_OPTS="-c /etc/accel-ppp.conf"
fi

case "$1" in
  start)
        log_daemon_msg "Starting accel-ppp server" "accel-pppd"
#        if [ x`lsmod |awk /ipoe/'{print $1}'` = x ]; then
#          insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko
#        fi
        if start-stop-daemon --start --quiet --oknodo --exec $ACCEL_PPTPD -- -d -p /var/run/accel-pppd.pid $ACCEL_PPTPD_OPTS; then
            log_end_msg 0
        else
            log_end_msg 1
        fi
  ;;
  restart)
        log_daemon_msg "Restarting accel-ppp server" "accel-pppd"
#        if [ x`lsmod |awk /ipoe/'{print $1}'` = x ]; then
#          insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko
#        fi
        start-stop-daemon --stop --quiet --oknodo --retry 180 --pidfile /var/run/accel-pppd.pid
        if start-stop-daemon --start --quiet --oknodo --exec $ACCEL_PPTPD -- -d -p /var/run/accel-pppd.pid $ACCEL_PPTPD_OPTS; then
            log_end_msg 0
        else
            log_end_msg 1
        fi
  ;;

  stop)
        log_daemon_msg "Stopping accel-ppp server" "accel-pppd"
        start-stop-daemon --stop --quiet --oknodo --retry 180 --pidfile /var/run/accel-pppd.pid
        log_end_msg 0
  ;;

  status)
    do_status
  ;;
  *)
    log_success_msg "Usage: /etc/init.d/accel-ppp {start|stop|status|restart}"
    exit 1
    ;;
esac

exit 0

Let’s make it executable and add an autorun:

chmod +x /etc/init.d/accel-ppp
update-rc.d accel-ppp defaults

Create the lua file:

nano /etc/accel-ppp.lua

Add to it:

function username(pkt)
return pkt:hdr('chaddr')
end

Create log rotation file:

nano /etc/logrotate.d/accel-ppp

Add to it:

/var/log/accel-ppp/*.log {
      rotate 7
      daily
      size=200M
      compress
      missingok
      sharedscripts
      postrotate
              test -r /var/run/accel-pppd.pid && kill -HUP `cat /var/run/accel-pppd.pid`
      endscript
}

Open the dictionaries in the editor:

nano /usr/local/share/accel-ppp/radius/dictionary
nano /usr/local/freeradius/etc/raddb/dictionary

Add at the end:

ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr
ATTRIBUTE DHCP-Mask              242 integer
ATTRIBUTE L4-Redirect      243 integer
ATTRIBUTE L4-Redirect-ipset      244 string
ATTRIBUTE DHCP-Option82          245 octets

# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords    52      integer
ATTRIBUTE Acct-Output-Gigawords   53      integer

Open the configuration file accel-ppp:

nano /etc/accel-ppp.conf

And add the content (we will adjust to our needs, change the names of the network interfaces, IP nas, radius secret, for each distributed pool in the ipoe section, the gateway and mask are specified, for example gw-ip-address=10.0.0.1/24, but if attr-dhcp-router-ip and attr-dhcp-mask are passed from radius, then they will be in priority):

#ABillS
[modules]
log_file
radius
ipoe
ippool
shaper
sigchld
#pppd_compat

[core]
log-error=/var/log/accel-ppp/core.log
thread-count=4

[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
#nas-identifier=accel-ipoe
nas-ip-address=192.168.1.1
#server=127.0.0.1,radsecret,auth-port=1812,acct-port=1813,req-limit=50,fail-timeout=0,max-fail=0,acct-timeout=10,weight=1
server=127.0.0.1,radsecret,auth-port=0,req-limit=50,fail-timeout=0,max-fail=0,acct-timeout=10,weight=1
server=127.0.0.1,radsecret,acct-port=0,req-limit=0,fail-timeout=0,max-fail=0,acct-timeout=10,weight=1
dae-server=127.0.0.1:3799,radsecret
verbose=0
#interim-verbose=1
attr-tunnel-type=NAS-Identifier
gw-ip-address=192.168.1.1

[ipoe]
verbose=0
unit-cache=0
username=lua:username
lua-file=/etc/accel-ppp.lua
lease-time=600
max-lease-time=660
renew-time=300
attr-dhcp-client-ip=Framed-IP-Address
attr-dhcp-router-ip=DHCP-Router-IP-Address
attr-dhcp-mask=Framed-IP-Netmask
gw-ip-address=10.0.0.1/24
proxy-arp=1
shared=1
ifcfg=1
mode=L2
start=dhcpv4
interface=eth0
#agent-remote-id=accel-ppp
attr-dhcp-opt82=DHCP-Option82

#[ip-pool]
#gw-ip-address=192.168.0.1/24
#attr=Framed-Pool
#192.168.0.2-254,name=pool1

[client-ip-range]
#10.0.0.0/8

[dns]
dns1=1.1.1.1
dns2=8.8.4.4

[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
copy=1
color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=3
#level=5

[shaper]
attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
#mpu=0
#mtu=0
#r2q=10
quantum=1500
#moderate-quantum=1
#hightspeed shaper
ifb=ifb0
cburst=1534
#up-limiter=htb
down-limiter=htb
#low speed shaper
up-limiter=police
#down-limiter=tbf
#leaf-qdisc=sfq perturb 10
#leaf-qdisc=fq_codel [limit PACKETS] [flows NUMBER] [target TIME] [interval TIME] [quantum BYTES] [[no]ecn]
#rate-multiplier=1
#fwmark=1
attr-down=PPPD-Downstream-Speed-Limit
attr-up=PPPD-Upstream-Speed-Limit
verbose=10

[pppd-compat]
#ip-up=/etc/ppp/ip-up
#ip-down=/etc/ppp/ip-down
#radattr-prefix=/var/run/radattr
verbose=1

[cli]
verbose=100
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001
password=radsecret

[snmp]
master=0
agent-name=accel-ppp

[connlimit]
limit=10/min
burst=3
timeout=60

Run accel-ppp:

sudo /etc/init.d/accel-ppp restart

You can also use the quick setup script:

cd /usr/abills/misc/
./autoconf PROGRAMS=accel_ppp

Check whether accel_ppp is running like this:

/etc/init.d/accel-ppp status
netstat -tulpn | grep accel-ppp
netstat -tulpn | grep :67

It remains to add an access server to ABills (“Settings” – “Access Server”).
For example:

IP: 127.0.0.1
Name (a-zA-Z0-9_): NAME
Type: accel-ipoe Linux accel-ipoe
Alive (sec.): 600
Control
IP: 127.0.0.1
SSH: 2001
POD/COA: 3799
User: admin
Password (PoD,RADIUS Secret,SNMP): secretpass (also specified in /etc/accel-ppp.conf)

If you need additional operations when starting and ending sessions, you can uncomment pppd_compat and write scripts:

sudo nano /etc/ppp/ip-up
sudo nano /etc/ppp/ip-down

If you need the functions of the script shaper_start.sh, then make the file executable and add it to the autorun:

chmod +x /etc/init.d/shaper_start.sh
update-rc.d shaper_start.sh defaults
/etc/init.d/shaper_start.sh status
/etc/init.d/shaper_start.sh start

And write the parameters in the /etc/rc.conf file, for example:

abills_shaper_enable="YES"
#abills_ipn_if="ens2f1"
abills_shaper_if="ens2f1"
abills_nat_enable="172.16.11.11:192.168.2.0/24"
abills_nas_id="1"
abills_ipn_nas_id="1"
...

See also my articles:
Ip-up and ip-down scripts with ipset for Accel-ppp
How to enable or disable Proxy ARP on Linux
Accel-ppp installation
Packet capturing with tcpdump

Подписаться на IT Blog (RU) по Email
Subscribe to IT Blog (EN) by Email

Did my article help you? How about buying me a cup of coffee as an encouragement? Buy me a coffe.

Leave a Reply