BNG Bluster doesn't respond to the PADO message

[filip-nikolic]

Describe the bug

During the established of PPPoE session, BNG blaster send PADI message, BNG reply with PADO, but nothing comes on BNG bluster To Reproduce

Ubuntu version 22.04 on VM

Version (bngblaster -v):

JSON configuration: { "interfaces": { "access": [ { "interface": "enp7s0", "type": "pppoe", "outer-vlan-min": 1301, "outer-vlan-max": 1301, "inner-vlan-min": 1100, "inner-vlan-max": 1600, "authentication-protocol": "PAP" } ] }, "sessions": { "count": 1, "max-outstanding": 800, "start-rate": 400, "stop-rate": 400 }, "pppoe": { "service-name": "access", "reconnect": true, "discovery-timeout": 3, "discovery-retry": 10 }, "ppp": { "mru": 1492, "authentication": { "username": "rtbrick10@telekom.de", "password": "test", "timeout": 5, "retry": 30, "protocol": "PAP" }, "lcp": { "conf-request-timeout": 1, "conf-request-retry": 10, "keepalive-interval": 30, "keepalive-retry": 3 }, "ipcp": { "enable": true, "request-ip": true, "request-dns1": true, "request-dns2": true, "conf-request-timeout": 1, "conf-request-retry": 10 }, "ip6cp": { "enable": true, "conf-request-timeout": 1, "conf-request-retry": 10 } }, "dhcpv6": { "enable": true, "rapid-commit": true }, "access-line":{ "agent-remote-id": "rtbrick", "agent-circuit-id": "ifp-0/1/22.1301" }, "session-traffic": { "ipv4-pps": 1, "ipv6-pps": 1, "ipv6pd-pps": 1 } }

Steps to reproduce the behavior:

1. Stat of the session with:

bngblaster -C pppoe_setup_1.json -L test.log -l ip -I

Expected behavior

The BNG sends PADO message, but that doesn't come onto BNG Bluster according to the pcap file. According to information from issue #73 I add service-name: access BNG is Ufispace with RtBrick SW 24.3.1 and connection to external Radius

Logs from the BNG:

2024-05-23T12:08:32.877968+0000 02:00:00:00:00:01 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 72: vlan 1301, p 0, ethertype 802.1Q (0x8100), vlan 1100, p 0, ethertype PPPoE D (0x8863), PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"]

2024-05-23T12:08:32.878135+0000 e8:c5:7a:b2:01:05 > 02:00:00:00:00:01, ethertype 802.1Q (0x8100), length 81: vlan 1301, p 0, ethertype 802.1Q (0x8100), vlan 1100, p 0, ethertype PPPoE D (0x8863), PPPoE PADO [Service-Name "access"] [AC-Cookie 0xA6CBFD2C29A3BE1F6A054590FC51105EFF5AA5EF5B77A7A6] [AC-Name "rtbrick"] [EOL]

Logs from the BNG Blaster:

PCAP from BNGBlaster

Configuration of access interface and profile on bng:

{ "rtbrick-config:double-tagged": [ { "interface-name": "ifp-0/1/22", "outer-vlan-min": 1100, "outer-vlan-max": 1600, "inner-vlan-min": 1100, "inner-vlan-max": 1600, "access-type": "PPPoE", "access-profile-name": "pppoe-dual-ifp017", "aaa-profile-name": "aaa-radius" } ] }

{ "rtbrick-config:access-profile": [ { "profile-name": "pppoe-dual-ifp017", "instance": "default", "protocol": { "pppoe": { "enable": "true" }, "ppp": { "lcp": { "authentication-protocol": "PAP_CHAP", "mru": 1492, "mtu": 1492, "echo-interval": 30, "echo-max-retransmit": 3, "echo-enable": "true" }, "ipcp": { "enable": "true", "source-ifl": "lo-0/0/2/1" }, "ip6cp": { "enable": "true" } }, "ra": { "enable": "true" }, "dhcpv6": { "enable": "true" } }, "address-family": { "ipv4": { "enable": "true", "pool-name": "BNG_TEST_IPv4_1", "primary-dns": "8.8.8.8", "secondary-dns": "8.8.4.4" }, "ipv6": { "enable": "true", "pool-name": "BNG_TEST_IPv6_1", "prefix-delegation-pool-name": "ipv6pd", "primary-dns": "2001:db8:0:100::", "secondary-dns": "2001:db8:0:104::" } } }

Thanks in advance

[GIC-de]

If PADO is shown in PCAP from BNG but not shown in PCAP from BNG Blaster, than packet is dropped somewhere in your infrastructure between BNG and BNG Blaster.

[filip-nikolic]

Thanks for really quick reply. This two devices are directly connected. And PADI message comes to BNG from BNG Blaster. I suppose that if it is connection then PADI will not arrive on BNG

[GIC-de]

If you do not see the packet in the BNG Blaster capture file, than the packet is dropped in your infrastructure. If they are directly connected, it is still possible that an invalid host configuration is causing to drop the packets here. You can even double check by doing tcpdump in parallel, but please be aware that you will not see any packets send by BNG Blaster using tcpdump, but you do see all packets received on the link.

[filip-nikolic]

Dear, Christian

Thanks for suggestion. I try to do TCM dump on server where we bring BNG Bluster UP.

On server on interface that are used for BNG Blaster I see PADO packet that comes to BNG Blaster.

7:52:14.646902 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:14.648962 PPPoE PADO [Service-Name "access"] [AC-Cookie 0xB11963FC878B8E0DDF1DEEA54A1501A28659A62241EF58EE] [AC-Name "rtbrick"] [EOL] 17:52:17.647227 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:17.649875 PPPoE PADO [Service-Name "access"] [AC-Cookie 0xA10C3DFD14BF6F347EA8C8556BBC2FE50571FCF6644A6E2E] [AC-Name "rtbrick"] [EOL] 17:52:20.647482 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:20.648469 PPPoE PADO [Service-Name "access"] [AC-Cookie 0xE854C8849EE38B50C359B48114140C465CFBA0E02171A2F9] [AC-Name "rtbrick"] [EOL] 17:52:23.647707 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:23.650110 PPPoE PADO [Service-Name "access"] [AC-Cookie 0xC11C27EEF5F541C3EE0BFB8761CE627E9C4E5747BEE56D46] [AC-Name "rtbrick"] [EOL] 17:52:26.648047 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:26.650147 PPPoE PADO [Service-Name "access"] [AC-Cookie 0x4831615264DF5EFCE4AF16869C40942D32DB9FFA4A63976C] [AC-Name "rtbrick"] [EOL] 17:52:29.648368 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:29.649019 PPPoE PADO [Service-Name "access"] [AC-Cookie 0xC9E18E8BB5184463AA394E84E3D5C44203742E9DADB02D2B] [AC-Name "rtbrick"] [EOL] 17:52:32.648616 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:32.651265 PPPoE PADO [Service-Name "access"] [AC-Cookie 0x7EF1D6FA08BF1D80D888AAAB1EC29932E37343C1220821B5] [AC-Name "rtbrick"] [EOL] 17:52:35.648940 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:35.650089 PPPoE PADO [Service-Name "access"] [AC-Cookie 0xAA7502FDE1C3A4B349BC1D717264DB6EA72AE765931AC309] [AC-Name "rtbrick"] [EOL] 17:52:38.649260 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:38.651458 PPPoE PADO [Service-Name "access"] [AC-Cookie 0xF46475BB90C2A95DEAF686514CF3BDBD6FBED4432CC2FC24] [AC-Name "rtbrick"] [EOL] 17:52:41.649535 PPPoE PADI [Service-Name "access"] [Vendor-Specific "......ifp-0/1/22.1301..rtbrick"] 17:52:41.651251 PPPoE PADO [Service-Name "access"] [AC-Cookie 0xE1125F254BE4E8C82C2AA6FEBA0262947E7FCDEFC47D699D] [AC-Name "rtbrick"] [EOL]

On this server we create VM for BNG Bluster. But here I don't see the packets that are flowing on VM.

[GIC-de]

If you run the BNG Blaster in a VM, you may have some issues with VLAN transparency in your host configuration. This is a common issue with VMware, which has to be enabled explicitly.

[filip-nikolic]

I suppose that the it is VLAN issue that the PADI message will not be able to go from BNG Bluster toward BNG.

In order to test VLAN on other interface I create simple interface single tagged service and that works in both ends.

[GIC-de]

On BNG side, you can easily verify if PADI has been received:

op> show pppoe discovery packets
Packet           Received         Sent
PADI             21765554         0
PADO             0                1542337
PADR             1865362          0
PADS             0                1517905
PADT             110454           1517905

[filip-nikolic]

Hi, Chrisitan

First I would like to thank you for support. I fix the problem. You were wright it was because of the communication between server and VM on server. It is important how you assign physical interface from server to VM. IP service was working fine for example. But PPPOE messages wasn't go between server and VM. First I add interfaces by using macvtap solution. And with that it didn't work.

PCI Pass through solution works perfect :)

Maybe this can be helpful for someone in a future.

Thanks.

[GIC-de]

Thanks for your feedback. Will consider this for the FAQ section.