xelerance / xl2tpd

Official Xelerance fork of L2TPd
GNU General Public License v2.0
527 stars 203 forks source link

IPv6 support #183

Open slokhorst opened 5 years ago

slokhorst commented 5 years ago

I'm curious about IPv6 support in xl2tpd. There is a ipv6 branch in this repository, but it seems to be inactive.

Are there any plans to implement IPv6 support in the master branch? Would patches for this be welcome?

shussain commented 5 years ago

Hello @slokhorst: We would love to integrate IPv6 branch into master but as you note, the code has diverged quite a bit. If someone is interested in testing and submitting patches, they would be welcome

shussain commented 5 years ago

Closing issue. @slokhorst please free to open a new issue (or PR) at your convenience.

ulysse31 commented 2 years ago

Hi all,

Just wanted to reply here to shussain ^^' You'll find a re-adaption of latest (v1.3.17) code with IPv6 support here:

https://github.com/ulysse31/xl2tpd6

It is a "code conversion" to IPv6, which is why I called the resultant binary as "xl2tpd6". And it is oriented to create "IPv4 inside IPv6 Tunneling" So if you want a start to implement ipv6 into xl2tpd, here is a start ^^

Regards all

shussain commented 2 years ago

Thank you for the note. Reopening this issue.

mikefang688 commented 1 year ago

@ulysse31 could you explain how to configure LAC and LNS , and how to test this step by step? I use your xl2tpd6 to test as below: first start : xl2tpd6 -D & , then use below commands to construct a ipv6 lac, but client can't send out ipv6 l2tp packets to lns! 1>echo 'ipcp-accept-local$ipcp-accept-remote$refuse-eap$require-mschap-v2$noccp$noauth$mtu 1492$mru 1492$nodefaultroute$usepeerdns$debug$lock$connect-delay 10$user 123$password 123$unit 701' | awk 'BEGIN{RS="$"}{print $0}' > /etc/ppp/peers/ppp701 2>echo 'add-lac ppp701 lns = fe80::5265:f3ff:fe24:a173; ppp debug = yes; pppoptfile = /etc/ppp/peers/ppp701;' > /var/run/xl2tpd/xl2tpd6-control 3>echo 'connect-lac ppp701' > /var/run/xl2tpd/xl2tpd6-control

ulysse31 commented 1 year ago

@ulysse31 could you explain how to configure LAC and LNS , and how to test this step by step? I use your xl2tpd6 to test as below: first start : xl2tpd6 -D & , then use below commands to construct a ipv6 lac, but client can't send out ipv6 l2tp packets to lns! 1>echo 'ipcp-accept-local$ipcp-accept-remote$refuse-eap$require-mschap-v2$noccp$noauth$mtu 1492$mru 1492$nodefaultroute$usepeerdns$debug$lock$connect-delay 10$user 123$password 123$unit 701' | awk 'BEGIN{RS="$"}{print $0}' > /etc/ppp/peers/ppp701 2>echo 'add-lac ppp701 lns = fe80::5265:f3ff:fe24:a173; ppp debug = yes; pppoptfile = /etc/ppp/peers/ppp701;' > /var/run/xl2tpd/xl2tpd6-control 3>echo 'connect-lac ppp701' > /var/run/xl2tpd/xl2tpd6-control

Hello @mikefang688 As stated in the README of my xl2tpd6 repository code, this binary is made to only bring a xl2tp daemon to listen on an IPV6 address, BUT the inside/internal tunnel still must be IPV4, AND the daemon will listen by default (hardcoded) on INADDR_ANY (edit code if you want to change that, a quick grep gives me file.c line 54 ...). Let me reformulate : this binary allows you to have IPV6 clients to connect to your l2tp, and create ipv4 tunnel over ipv6, and the daemon listens to all IPV6 addresses by default (I do filter afterwards with ip6tables).

I made this fork for one primary reason: l2tp ipsec will have limitations in case of client ipv4 being behind a NAT network ... also some ISP nowadays makes a lot of port limitations (specially in france ...) having the client connecting to the server via IPV6 (but still creating the same usual IPV4 tunnel) solves these issues.

If some things still not clear, please don't hesitate.

Regards,

mikefang688 commented 1 year ago

hello @ulysse31 : Is your this package "only" work as an ipv6 l2tp server ? can't work as an ipv6 LAC client? I need this package work as an ipv6 LAC and can initiate ipv6 l2tp SCCRQ/SCCRP.. protocol handshake packets with an ipv6 l2tp server !

mikefang688 commented 1 year ago

@ulysse31 Debug && check this package, need modify "int set_lns (char word, char value, int context, void *item) " , this API's current logic will parse IPv6 address by ‘:’ as a wrong IPv4 address plus port; After modify this, package can work as an IPv6 LAC client and connect IPv6 LNS server successfully ; Inside this IPv6 L2TP tunnel, both PPP v4 session and PPP v6 session can establish successfully depend on ppp option file configures; By the way, update test commands on my env as below: echo 'ipcp-accept-local$ipcp-accept-remote$refuse-eap$require-mschap-v2$noccp$noauth$mtu 1492$mru 1492$defaultroute$usepeerdns$debug$lock$connect-delay 10$user 123$password 123$unit 701$+ipv6' | awk 'BEGIN{RS="$"}{print $0}' > /etc/ppp/peers/ppp701 echo 'a ppp701 lns = fe80::5265:f3ff:fe24:a173; ppp debug = yes pppoptfile = /etc/ppp/peers/ppp701; redial=yes; redial timeout = 5; length bit = yes;' >/var/run/xl2tpd/l2tp-control echo 'c ppp701' > /var/run/xl2tpd/l2tp-control //after this, ipv4/ipv6 ppp session can establish inside Ipv6 l2tp tunnel

Regards,