Требования:
- Современный дистрибутив Linux
- Ядро версии 2.6.25 или старше
- cmake не младше версии 2.6
- libcrypto-0.9.8 или старше (openssl-0.9.8)
- libpcre
- net-snmp-5.x (Для snmp)
- liblua5.1 (для IPoE c DHCP option 82)
Сайт: Сборка accel-ppp
High performance PPTP/L2TP/PPPoE server for Linux.
:
Автонастройка конфигурации
| Code Block |
|---|
|
cd /usr/abills/misc/
./autoconf PROGRAMS=accel_ppp |
Abills
Меню Настройка>Сервер доступа
| Alive: | Время между RADIUS Alive пакетами. Рекомендуется 300. (Для accel-ipoe рекомендуемая 600) |
|---|
| Type: |
|---|
Linux | accel-ppp для pppoe pptp. Для IPoE: accel-ipoe |
| IP:PORT: | Ип адрес и порт сервера. Порт по умолчанию 3799 и 2001 для telnet. (127.0.0.1:3799:2001) |
|---|
| Password: | Пароль для Disconnect Message указывается в параметре конфигурационного файла /etc/accel-ppp.conf, также этот пароль используется как RADIUS secret |
|---|
Проверка скорости и переконфигурация шейперов
| Code Block |
|---|
| language | bash |
|---|
| title | Показать текущую скорость |
|---|
|
/usr/abills/libexec/billd checkspeed accel_ppp=1 SHOW_SPEED=1 |
| Code Block |
|---|
| language | bash |
|---|
| title | Переконфигурировать шейпера |
|---|
|
/usr/abills/libexec/billd checkspeed accel_ppp=1 |
Синхронизация активных сессий
Система проверяет онлайн сессии в биллинге и поднятые на accel-ppp
| Code Block |
|---|
|
/usr/abills/libexec/billd check_accel_ppp=1 |
Установка и настройка accel-ppp
Ubuntu
Что нужно:
| Code Block |
|---|
|
wget http://sourceforge.net/projects/accel-ppp/files/accel-ppp-1.5.0.tar.bz2
tar -xjf accel-ppp-1.5.0.tar.bz2
mkdir accel-ppp-build
cd accel-ppp-build
cmake -DCMAKE_INSTALL_PREFIX=/usr/local -DRADIUS=TRUE -DSHAPER=TRUE ../accel-ppp-1.5.0
make
make install |
Настройка accel-ppp
| Code Block |
|---|
| language | bash |
|---|
| title | /etc/accel-ppp.conf |
|---|
| collapse | true |
|---|
|
[modules]
#path=/usr/local/lib/accel-ppp
log_file
#log_tcp
#log_pgsql
pptp
pppoe
#l2tp
auth_mschap_v2
#auth_mschap_v1
#auth_chap_md5
#auth_pap
radius
#ippool
sigchld
pppd_compat
shaper
#chap-secrets
[core]
log-error=/var/log/accel-ppp/core.log
thread-count=4
[ppp]
verbose=1
min-mtu=1000
mtu=1492
mru=1492
#ccp=0
#sid-case=upper
#check-ip=0
#single-session=replace
#mppe=require
[lcp]
echo-interval=30
echo-failure=3
[pptp]
echo-interval=30
verbose=1
[pppoe]
# Интерфейсы на которых запущен pppoe сервер ( должны быть соответственно подняты интерфейсы)
interface=eth1
interface=vlan2
interface=vlan3
interface=vlan4
#ac-name=xxx
#service-name=yyy
#pado-delay=0
#pado-delay=0,100:100,200:200,-1:500
#ifname-in-sid=called-sid
#tr101=1
verbose=1
#[l2tp]
#dictionary=/usr/local/share/accel-ppp/l2tp/dictionary
#hello-interval=60
#timeout=60
#rtimeout=5
#retransmit=5
#host-name=accel-ppp
#verbose=1
[dns]
dns1=10.0.0.10
#dns2=172.16.1.1
[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
nas-identifier=accel-ppp
nas-ip-address=127.0.0.1
gw-ip-address=10.0.0.10
auth-server=127.0.0.1:1812,secretpass
acct-server=127.0.0.1:1813,secretpass
dae-server=127.0.0.1:3799,secretpass
verbose=1
#timeout=3
#max-try=3
#acct-timeout=120
#acct-delay-time=0
[client-ip-range]
10.0.0.0/8 # Указать диапазоны раздаваемые клиентам в (по DHCP или вручную).
# ВАЖНО: они не должны пересекатся с пулами PPPOE или PPTP сервера доступа.
#[ip-pool]
#gw-ip-address=192.168.0.1
#192.168.0.2-255
#192.168.1.1-255
#192.168.2.1-255
#192.168.3.1-255
#192.168.4.0/24
[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
#log-debug=/dev/stdout
#log-tcp=127.0.0.1:3000
copy=1
#color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=3
#log-tcp=127.0.0.1:3000
#[log-pgsql]
#conninfo=user=log
#log-table=log
[pppd-compat]
#ip-pre-up=/etc/ppp/ip-pre-up
#ip-up=/etc/ppp/ip-up
#ip-down=/etc/ppp/ip-down
#ip-change=/etc/ppp/ip-change
radattr-prefix=/var/run/radattr
verbose=1
#[chap-secrets]
#gw-ip-address=192.168.100.1
#chap-secrets=/etc/ppp/chap-secrets
[[shaper] ]
#attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
attr-down=PPPD-Downstream-Speed-Limit
attr-up=PPPD-Upstream-Speed-Limit
[cli]
telnet=127.0.0.1:2000
password=secretpass
tcp=127.0.0.1:2001 |
| Code Block |
|---|
| language | bash |
|---|
| title | /usr/local/share/accel-ppp/radius/dictionary |
|---|
| collapse | true |
|---|
|
$INCLUDE dictionary.rfc2865
$INCLUDE dictionary.rfc2866
$INCLUDE dictionary.rfc2867
$INCLUDE dictionary.rfc2868
$INCLUDE dictionary.rfc2869
$INCLUDE dictionary.rfc3576
$INCLUDE dictionary.rfc3580
$INCLUDE dictionary.rfc4072
$INCLUDE dictionary.rfc4372
$INCLUDE dictionary.rfc5176
$INCLUDE dictionary.microsoft
$INCLUDE dictionary.cisco
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer |
| Code Block |
|---|
| language | bash |
|---|
| title | Отключить ip_gre |
|---|
|
modprobe -r ip_gre
vim /etc/modprobe.d/blacklist.conf
blacklist ip_gre |
| Code Block |
|---|
| language | bash |
|---|
| title | Добавить в автозагрузку драйвера |
|---|
|
vim /etc/modules
pptp
pppoe |
| Code Block |
|---|
| language | bash |
|---|
| title | Cоздадим скрипт для запуска-остановки accel-ppp |
|---|
|
vim /etc/init.d/accel-ppp
chmod +x /etc/init.d/accel-ppp |
| Code Block |
|---|
|
#!/bin/sh
#/etc/init.d/accel-pppd: set up the accel-ppp server
### BEGIN INIT INFO
# Provides: accel-ppp
# Required-Start: $networking
# Required-Stop: $networking
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
### END INIT INFO
set -e
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin;
ACCEL_PPTPD=`which accel-pppd`
. /lib/lsb/init-functions
if test -f /etc/default/accel-ppp; then
. /etc/default/accel-ppp
fi
if [ -z $ACCEL_PPPTD_OPTS ]; then
ACCEL_PPTPD_OPTS="-c /etc/accel-ppp.conf"
fi
case "$1" in
start)
log_daemon_msg "Starting accel-ppp server" "accel-pppd"
if start-stop-daemon --start --quiet --oknodo --exec $ACCEL_PPTPD -- -d -p /var/run/accel-pppd.pid $ACCEL_PPTPD_OPTS; then
log_end_msg 0
else
log_end_msg 1
fi
;;
restart)
log_daemon_msg "Restarting accel-ppp server" "accel-pppd"
start-stop-daemon --stop --quiet --oknodo --retry 180 --pidfile /var/run/accel-pppd.pid
if start-stop-daemon --start --quiet --oknodo --exec $ACCEL_PPTPD -- -d -p /var/run/accel-pppd.pid $ACCEL_PPTPD_OPTS; then
log_end_msg 0
else
log_end_msg 1
fi
;;
stop)
log_daemon_msg "Stopping accel-ppp server" "accel-pppd"
start-stop-daemon --stop --quiet --oknodo --retry 180 --pidfile /var/run/accel-pppd.pid
log_end_msg 0
;;
status)
do_status
;;
*)
log_success_msg "Usage: /etc/init.d/accel-ppp {start|stop|status|restart}"
exit 1
;;
esac
exit 0 |
| Code Block |
|---|
| language | bash |
|---|
| title | Добавляем в автозагрузку |
|---|
|
update-rc.d accel-ppp defaults |
| Code Block |
|---|
| language | bash |
|---|
| title | В словарь Freeradius - raddb/dictionary добавить такие пары |
|---|
|
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer |
CentOS
| Code Block |
|---|
| language | bash |
|---|
| title | Устанавливаем файлы ядра: |
|---|
|
yum install -y kernel-headers kernel-devel bzip2 cmake |
| Code Block |
|---|
| language | bash |
|---|
| title | Скачиваем и устанавливаем accel-ppp: |
|---|
|
wget http://sourceforge.net/projects/accel-ppp/files/accel-ppp-1.7.4.tar.bz2
tar -xjf accel-ppp-1.7.4.tar.bz2
cd accel-ppp-1.7.4
mkdir build
cd build
cmake -DBUILD_DRIVER=FALSE -DRADIUS=TRUE -DKDIR=/usr/src/kernels/3.10.0-229.4.2.el7.x86_64 \
DCMAKE_INSTALL_PREFIX=/usr/local .. |
Не выходя из папки build сделать:
| Code Block |
|---|
|
make && make install |
| Code Block |
|---|
| language | bash |
|---|
| title | В файл /etc/accel-ppp.conf вставить следующее и отредактировать по ситуации: |
|---|
|
nano /etc/accel-ppp.conf |
| Code Block |
|---|
|
[modules]
#path=/usr/local/lib/accel-ppp
log_file
#log_tcp
#log_pgsql
pptp
pppoe
#l2tp
auth_mschap_v2
#auth_mschap_v1
#auth_chap_md5
#auth_pap
radius
#ippool
sigchld
pppd_compat
shaper_tbf
#chap-secrets
[core]
log-error=/var/log/accel-ppp/core.log
thread-count=4
[ppp]
verbose=1
min-mtu=1000
mtu=1400
mru=1400
#ccp=0
#sid-case=upper
#check-ip=0
#single-session=replace
#mppe=require
[lcp]
echo-interval=30
echo-failure=3
[pptp]
echo-interval=30
verbose=1
[pppoe]
# Интерфейсы на которых запущен pppoe сервер ( должны быть соответственно подняты интерфейсы)
interface=eth1
interface=vlan2
interface=vlan3
interface=vlan4
#ac-name=xxx
#service-name=yyy
#pado-delay=0
#pado-delay=0,100:100,200:200,-1:500
#ifname-in-sid=called-sid
#tr101=1
verbose=1
#[l2tp]
#dictionary=/usr/local/share/accel-ppp/l2tp/dictionary
#hello-interval=60
#timeout=60
#rtimeout=5
#retransmit=5
#host-name=accel-ppp
#verbose=1
[dns]
dns1=10.0.0.10
#dns2=172.16.1.1
[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
nas-identifier=accel-ppp
nas-ip-address=127.0.0.1
gw-ip-address=10.0.0.10
auth-server=127.0.0.1:1812,secretpass
acct-server=127.0.0.1:1813,secretpass
dae-server=127.0.0.1:3799,secretpass
verbose=1
#timeout=3
#max-try=3
#acct-timeout=120
#acct-delay-time=0
[client-ip-range]
disable
#10.0.0.0/8 # Указать диапазоны раздаваемые клиентам в (по DHCP или вручную).
# ВАЖНО: они не должны пересекатся с пулами PPPOE или PPTP сервера доступа.
#[ip-pool]
#gw-ip-address=192.168.0.1
#192.168.0.2-255
#192.168.1.1-255
#192.168.2.1-255
#192.168.3.1-255
#192.168.4.0/24
[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
#log-debug=/dev/stdout
#log-tcp=127.0.0.1:3000
copy=1
#color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=3
#log-tcp=127.0.0.1:3000
#[log-pgsql]
#conninfo=user=log
#log-table=log
[pppd-compat]
#ip-pre-up=/etc/ppp/ip-pre-up
#ip-up=/etc/ppp/ip-up
#ip-down=/etc/ppp/ip-down
#ip-change=/etc/ppp/ip-change
radattr-prefix=/var/run/radattr
verbose=1
#[chap-secrets]
#gw-ip-address=192.168.100.1
#chap-secrets=/etc/ppp/chap-secrets
[tbf]
#attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
attr-down=PPPD-Downstream-Speed-Limit
attr-up=PPPD-Upstream-Speed-Limit
[cli]
telnet=127.0.0.1:2000
#tcp=127.0.0.1:2001
#пароль такой же как на RADIUS COA
password=secretpass |
| Code Block |
|---|
| language | bash |
|---|
| title | В конец файла /usr/local/share/accel-ppp/radius/dictionary добавить: |
|---|
|
# nano /usr/local/share/accel-ppp/radius/dictionary
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer |
| Code Block |
|---|
| language | bash |
|---|
| title | Отключить ip_gre: |
|---|
|
modprobe -r ip_gre |
| Code Block |
|---|
| language | bash |
|---|
| title | И в файл /etc/modprobe.d/blacklist.conf добавить: |
|---|
|
nano /etc/modprobe.d/blacklist.conf |
| Code Block |
|---|
|
blacklist ip_gre |
| Code Block |
|---|
| language | bash |
|---|
| title | В файл /etc/modules внести: |
|---|
|
nano /etc/modules |
В словарь Freeradius - raddb/dictionary добавить такие пары:
| Code Block |
|---|
|
cd /usr/local/freeradius/etc/raddb
nano dictionary |
| Code Block |
|---|
|
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer |
| Code Block |
|---|
| language | bash |
|---|
| title | Запустить accel-ppp: |
|---|
|
accel-pppd -p 'var/run/accel.pid' -c '/etc/accel-ppp.conf' |
Debian 8
| Code Block |
|---|
| language | bash |
|---|
| title | Обновляем пакеты: |
|---|
|
apt-get update |
| Code Block |
|---|
| language | bash |
|---|
| title | Устанавливаем нужные пакеты: |
|---|
|
cd /usr/src/
apt-get install make cmake libcrypto++-dev libssl-dev libpcre3 libpcre3-dev git lua5.1 liblua5.1-0-dev
apt-get install linux-headers-`uname -r` |
| Code Block |
|---|
| language | bash |
|---|
| title | Скачиваем accel-ppp: |
|---|
|
wget http://netix.dl.sourceforge.net/project/accel-ppp/accel-ppp-1.11.0.tar.bz2
tar -xjf accel-ppp-1.11.0.tar.bz2
mkdir accel-ppp-build
cd accel-ppp-build
cmake -DCMAKE_INSTALL_PREFIX=/usr/local -DKDIR=/usr/src/linux-headers-`uname -r` -DRADIUS=TRUE -DSHAPER=TRUE -DLOG_PGSQL=FALSE -DLUA=TRUE -DBUILD_IPOE_DRIVER=TRUE ../../accel-ppp-1.11.0 -DCPACK_TYPE=Debian8 -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE=Release
make
cpack -G DEB
dpkg -i accel-ppp.deb |
| Code Block |
|---|
| language | bash |
|---|
| title | Подключаем модуль в системе: |
|---|
|
insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko |
В скрипт автозапуска:
| Code Block |
|---|
|
nano /etc/init.d/accel-ppp |
вставляем следующее:
| Code Block |
|---|
|
#!/bin/sh
# /etc/init.d/accel-ppp: set up the accel-ppp server
### BEGIN INIT INFO
# Provides: accel-ppp
# Required-Start: $networking
# Required-Stop: $networking
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
### END INIT INFO
set -e
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin;
ACCEL_PPTPD=`which accel-pppd`
. /lib/lsb/init-functions
if test -f /etc/default/accel-ppp; then
. /etc/default/accel-ppp
fi
if [ -z $ACCEL_PPPTD_OPTS ]; then
ACCEL_PPTPD_OPTS="-c /etc/accel-ppp.conf"
fi
case "$1" in
start)
log_daemon_msg "Starting accel-ppp server" "accel-pppd"
if [ x`lsmod |awk /ipoe/'{print $1}'` = x ]; then
insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko
fi
if start-stop-daemon --start --quiet --oknodo --exec $ACCEL_PPTPD -- -d -p /var/run/accel-pppd.pid $ACCEL_PPTPD_OPTS; then
log_end_msg 0
else
log_end_msg 1
fi
;;
restart)
log_daemon_msg "Restarting accel-ppp server" "accel-pppd"
if [ x`lsmod |awk /ipoe/'{print $1}'` = x ]; then
insmod /usr/src/accel-ppp-build/drivers/ipoe/driver/ipoe.ko
fi
start-stop-daemon --stop --quiet --oknodo --retry 180 --pidfile /var/run/accel-pppd.pid
if start-stop-daemon --start --quiet --oknodo --exec $ACCEL_PPTPD -- -d -p /var/run/accel-pppd.pid $ACCEL_PPTPD_OPTS; then
log_end_msg 0
else
log_end_msg 1
fi
;;
stop)
log_daemon_msg "Stopping accel-ppp server" "accel-pppd"
start-stop-daemon --stop --quiet --oknodo --retry 180 --pidfile /var/run/accel-pppd.pid
log_end_msg 0
;;
status)
do_status
;;
*)
log_success_msg "Usage: /etc/init.d/accel-ppp {start|stop|status|restart}"
exit 1
;;
esac
exit 0 |
| Code Block |
|---|
|
chmod +x /etc/init.d/accel-ppp
update-rc.d accel-ppp defaults |
В файл:
| Code Block |
|---|
|
nano /etc/accel-ppp.lua |
вставляем
| Code Block |
|---|
|
function username(pkt)
return pkt:hdr('chaddr')
end |
| Code Block |
|---|
| language | bash |
|---|
| title | Ротация логов: |
|---|
|
nano /etc/logrotate.d/accel-ppp |
вставляем:
| Code Block |
|---|
|
/var/log/accel-ppp/*.log {
rotate 7
daily
size=100M
compress
missingok
sharedscripts
postrotate
test -r /var/run/accel-pppd.pid && kill -HUP `cat /var/run/accel-pppd.pid`
endscript
} |
| Code Block |
|---|
| language | bash |
|---|
| title | Dictionary |
|---|
|
nano /usr/local/share/accel-ppp/radius/dictionary |
дописываем в конец:
| Code Block |
|---|
|
ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr
ATTRIBUTE DHCP-Mask 242 integer
ATTRIBUTE L4-Redirect 243 integer
ATTRIBUTE L4-Redirect-ipset 244 string
ATTRIBUTE DHCP-Option82 245 octets
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer |
Файл конфигурации
| Code Block |
|---|
|
nano /etc/accel-ppp.conf |
вставляем:
| Code Block |
|---|
|
#ABillS
[modules]
log_file
radius
ipoe
ippool
shaper
pptp
pppoe
auth_mschap_v2
auth_pap
auth_chap_md5
auth_mschap_v1
chap-secrets
sigchld
#pppd_compat
[core]
log-error=/var/log/accel-ppp/core.log
thread-count=1
#[common]
#single-session=replace
#sid-case=upper
#sid-source=seq
[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
#nas-identifier=accel-ipoe
nas-ip-address=192.168.1.1
server=127.0.0.1,radsecret,auth-port=1812,acct-port=1813,req-limit=50,fail-timeout=0,max-fail=10,weight=1
dae-server=192.168.1.1:3799,radsecret
verbose=100
attr-tunnel-type=NAS-Identifier
gw-ip-address=192.168.1.1
[ipoe]
verbose=100
username=lua:username
lua-file=/etc/accel-ppp.lua
lease-time=300
max-lease-time=300
attr-dhcp-client-ip=Framed-IP-Address
gw-ip-address=10.0.0.1/24
proxy-arp=1
shared=1
ifcfg=1
mode=L2
start=dhcpv4
interface=eth0
#agent-remote-id=accel-ppp
attr-dhcp-opt82=DHCP-Option82
#[ip-pool]
#gw-ip-address=192.168.0.1/24
#attr=Framed-Pool
#192.168.0.2-254,name=pool1
#[lcp]
#echo-interval=30
#echo-failure=3
[pptp]
bind=192.168.1.1
verbose=1
mppe=allow
echo-interval=30
[ppp]
verbose=1
min-mtu=1400
mtu=1492
mru=1492
#ccp=0
#sid-case=lower
mppe=allow
#ipv4=require
#lcp-echo-interval=3
#lcp-echo-failure=9
[pppoe]
interface=eth0
nas-identifier=accel-pppoe
#ac-name=xxx
#service-name=yyy
#pado-delay=0
#pado-delay=0,100:100,200:200,-1:500
#ifname-in-sid=called-sid
#tr101=1
verbose=1
[client-ip-range]
#10.0.0.0/8
[dns]
dns1=8.8.8.8
[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
copy=1
color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=100
[shaper]
attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
#mpu=0
#mtu=0
#r2q=10
#quantum=1500
#moderate-quantum=1
#hightspeed shaper
ifb=ifb0
cburst=1534
up-limiter=htb
down-limiter=htb
#low speed shaper
#up-limiter=police
#down-limiter=tbf
#leaf-qdisc=sfq perturb 10
#leaf-qdisc=fq_codel [limit PACKETS] [flows NUMBER] [target TIME] [interval TIME] [quantum BYTES] [[no]ecn]
#rate-multiplier=1
#fwmark=1
attr-down=PPPD-Downstream-Speed-Limit
attr-up=PPPD-Upstream-Speed-Limit
verbose=10
[pppd-compat]
#ip-up=/etc/ppp/ip-up
#ip-down=/etc/ppp/ip-down
#radattr-prefix=/var/run/radattr
verbose=1
[cli]
verbose=100
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001
password=radsecret
[snmp]
master=0
agent-name=accel-ppp
[connlimit]
limit=10/min
burst=3
timeout=60 |
Запуск:
| Code Block |
|---|
|
service accel-ppp start |
Консоль управления
Мониторинг параметров Accel-ppp
Меню Настройка>Сервер доступа>Консоль
Автонастройка конфигурации
| Code Block |
|---|
|
cd /usr/abills/misc/
./autoconf PROGRAMS=accel_ppp |
Дополнительно
Обсуждение на форумеЖелательно запускать не чаще чем раз в 10 минут
Параметры
|
|
|---|
| NAS_IDS="1,2" | Запускать только для определенных серверов доступа |
| SHOW=1 | Отображать рассинхронизированные сесии но не скидывать |
Консоль управления
Мониторинг параметров Accel-ppp
Меню Настройка>Сервер доступа>Консоль
Дополнительно
$conf{ACCELPPP_IFNAME}='LOGIN'; | Передавать в названии интерфейса вместо ppp логин абонента. Логины должны быть до 16 символов. |
Обсуждение на форуме
Проблемы
| Проблема | Решние |
|---|
| Accel не отправляет запросы в Freeradius при IPOE подключении | Убедитесь что firewall не блокирует DHCP пакеты или откройте порт 67 на NAS сервере |
- Проверка получения accel-ppp RADIUS DAE (PoD команду на скидывание сессии)
Проверка по логу
| Code Block |
|---|
grep Disconnect-Request /var/log/accel-ppp/accel-ppp.log |
Проверка прихода пакетов на интерфейсе eth2.99
| Code Block |
|---|
tcpdump -i eth2.99 -n port 3799
|
Accel-ppp Console
Позволяет просмотреть основные разделы из веб-интерфейса.
Все доступные таблицы:
- show sessions (с возможностью удаления записей и привязкой к пользователям по онлайну)
- show stat
- reload
Пример отображения для show sessions
Image Added