ng_l2tp - L2TP protocol netgraph node type
L2TP control and data packets are transmitted to, and received from, the L2TP peer via the lower hook. Typically this hook would be connected to the inet/dgram/udp hook of an ng_ksocket4 node for L2TP over UDP.
The ctrl hook connects to the local L2TP management entity. L2TP control messages (without any L2TP headers) are transmitted and received on this hook. Messages written to this hook are guaranteed to be delivered to the peer reliably, in order, and without duplicates.
Packets written to the ctrl hook must contain a two byte session ID prepended to the frame (in network order). This session ID is copied to the outgoing L2TP header. Similarly, packets read from the ctrl hook will have the received session ID prepended.
Once an L2TP session has been created, the corresponding session hook may be used to transmit and receive the session's data frames: for the session with session ID 0xabcd the hook is named session_abcd.

    /* Configuration for a node */
    struct ng_l2tp_config {
        u_char      enabled;        /* enables traffic flow */
        u_char      match_id;       /* tunnel id must match 'tunnel_id' */
        u_int16_t   tunnel_id;      /* local tunnel id */
        u_int16_t   peer_id;        /* peer's tunnel id */
        u_int16_t   peer_win;       /* peer's max recv window size */
        u_int16_t   rexmit_max;     /* max retransmits before failure */
        u_int16_t   rexmit_max_to;  /* max delay between retransmits */
    };

The enabled field enables packet processing. Each time this field is changed back to zero the sequence number state is reset. In this way, reuse of a node is possible.
The tunnel_id field configures the local tunnel ID for the control connection. The match_id field determines how incoming L2TP packets with a tunnel ID field different from tunnel_id are handled. If match_id is non-zero, they will be dropped; otherwise, they will be dropped only if the tunnel ID is non-zero. Typically tunnel_id is set to the local tunnel ID as soon as it is known and match_id is set to non-zero after receipt of the SCCRP or SCCCN control message.
The peer's tunnel ID should be set in peer_id as soon as it is learned, typically after receipt of a SCCRQ or SCCRP control message. This value is copied into the L2TP header for outgoing packets.
The peer_win field should be set from the "Receive Window Size" AVP received from the peer. The default value for this field is one; zero is an invalid value. As long as enabled is non-zero, this value may not be decreased.
The rexmit_max and rexmit_max_to fields configure packet retransmission. rexmit_max_to is the maximum retransmission delay between packets, in seconds. The retransmit delay will start at a small value and increase exponentially up to this limit. The rexmit_max field sets the maximum number of times a packet will be retransmitted without being acknowledged before a failure condition is declared. Once a failure condition is declared, each additional retransmission will cause the l2tp node to send a NGM_L2TP_ACK_FAILURE control message back to the node that sent the last NGM_L2TP_SET_CONFIG. Appropriate action should then be taken to shut down the control connection.
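The tunnel ID filter and the peer_win rule described above, as an added example that is not part of the original manual page or the ng_l2tp source: a user-space C model that follows the text's wording. The cfg_model type and the model_* function names are hypothetical, and the sample IDs are constructed.

```c
/* Added example: user-space model of rules described in the text, not ng_l2tp kernel code. */
#include <stdint.h>
#include <stdio.h>

/* Subset of the struct ng_l2tp_config fields shown on the page (hypothetical model type). */
struct cfg_model {
	unsigned char enabled;   /* enables traffic flow */
	unsigned char match_id;  /* tunnel id must match 'tunnel_id' */
	uint16_t tunnel_id;      /* local tunnel id */
	uint16_t peer_win;       /* peer's max recv window size */
};

/* Incoming tunnel ID filter: 1 = process, 0 = drop. */
int model_accept(const struct cfg_model *c, uint16_t pkt_tunnel_id)
{
	if (pkt_tunnel_id == c->tunnel_id)
		return 1;               /* exact match is always processed */
	if (c->match_id != 0)
		return 0;               /* match_id set: any mismatch is dropped */
	return pkt_tunnel_id == 0;  /* match_id clear: only tunnel ID 0 gets through */
}

/* peer_win rule for a new configuration: 1 = acceptable, 0 = rejected. */
int model_peer_win_ok(const struct cfg_model *cur, uint16_t new_win)
{
	if (new_win == 0)
		return 0;               /* zero is an invalid value */
	if (cur->enabled && new_win < cur->peer_win)
		return 0;               /* may not be decreased while enabled */
	return 1;
}

int main(void)
{
	/* Constructed sample values. */
	struct cfg_model c = { 1, 0, 0x1234, 4 };
	uint16_t ids[] = { 0x1234, 0x0000, 0x9999 };
	for (int m = 0; m <= 1; m++) {
		c.match_id = (unsigned char)m;
		for (int i = 0; i < 3; i++)
			printf("match_id=%d pkt_tid=0x%04x -> %s\n", m, (unsigned)ids[i],
			    model_accept(&c, ids[i]) ? "process" : "drop");
	}
	printf("peer_win 4->2 while enabled: %s\n",
	    model_peer_win_ok(&c, 2) ? "ok" : "rejected");
	return 0;
}
```

With match_id zero the filter still processes packets carrying tunnel ID 0; setting match_id to non-zero after SCCRP or SCCCN, as the text recommends, closes that path.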

    /* Configuration for a session hook */
    struct ng_l2tp_sess_config {
        u_int16_t   session_id;     /* local session id */
        u_int16_t   peer_id;        /* peer's session id */
        u_char      control_dseq;   /* we control data sequencing? */
        u_char      enable_dseq;    /* enable data sequencing? */
        u_char      include_length; /* include length field? */
    };

The session_id and peer_id fields configure the local and remote session IDs, respectively.
The control_dseq and enable_dseq fields determine whether sequence numbers are used with L2TP data packets. If enable_dseq is zero, then no sequence numbers are sent and incoming sequence numbers are ignored. Otherwise, sequence numbers are included on outgoing packets and checked on incoming packets.
If control_dseq is non-zero, then the setting of enable_dseq will never change except by another NGM_L2TP_SET_SESS_CONFIG control message. If control_dseq is zero, then the peer controls whether sequence numbers are used: if an incoming L2TP data packet contains sequence numbers, enable_dseq is set to one, and conversely if an incoming L2TP data packet does not contain sequence numbers, enable_dseq is set to zero. The current value of enable_dseq is always accessible via the NGM_L2TP_GET_SESS_CONFIG control message (see below). Typically an LNS would set control_dseq to one while a LAC would set control_dseq to zero (if the Sequencing Required AVP were not sent), thus giving control of data packet sequencing to the LNS.
The include_length field determines whether the L2TP header length field is included in outgoing L2TP data packets. For incoming packets, the L2TP length field is always checked when present.