jkroonza
commented
2 years ago Created PR #11
Closed jkroonza closed 2 years ago
jkroonza
commented
2 years ago Created PR #11
dfskoll
commented
2 years ago Thanks for opening the issue and for the PR. I'm somewhat busy at the moment, but will do my best to have a look at this soon.
Regards,
Dianne.
jkroonza
commented
2 years ago Handled in #11
Currently pppoe-server always allocates an IP address, it would be beneficial to enable delegation of IP addresses to the pppd process itself since that would allow various mechanisms for IP allocation including radius addressing (eg, using Framed-Pool or even Framed-IP-Address for clients with static IPs).
I believe it may currently be possible for pppd to override the IPs assigned from pppoe-server, however, if both pppoe-server and pppd are allocating IPs it just seems like a recipe for trouble.
It may, in future, also make pure IPv6 deployments possible, once something like 464-xlat is in place to enable clients that really do need IPv4 and won't have it on the ppp itself.
At least the ability to get static IPs assigned from radius, without taking IPs out of the normally used pool, is relatively important for us in the short term.
Delegation would also mean that if there is a client that keeps failing authentication that we don't bounce IPs on those clients since IP allocation would then only happen once LCP has been established as part of IPCP. Since there shouldn't be a great number of these clients this shouldn't be a problem, but if you have a disgruntled customer ... they can in theory flood the L2 with numerous pppoe establishments resulting in a possible denial of service to legitimate customers.