Home / Browse / l2tpns / Mail / Archive

l2tpns

Email Archive: l2tpns-users (read-only)

2004:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul (2)	_Aug	_Sep (4)	_Oct (2)	_Nov (10)	_Dec
2005:	_Jan (2)	_Feb (1)	_Mar (4)	_Apr (2)	_May (4)	_Jun (13)	_Jul (16)	_Aug (16)	_Sep (38)	_Oct (34)	_Nov (48)	_Dec (31)
2006:	_Jan (33)	_Feb (15)	_Mar (38)	_Apr (13)	_May (19)	_Jun (20)	_Jul (2)	_Aug (24)	_Sep (14)	_Oct (17)	_Nov (5)	_Dec (4)
2007:	_Jan (7)	_Feb (5)	_Mar (1)	_Apr (6)	_May	_Jun (2)	_Jul	_Aug (1)	_Sep (2)	_Oct (8)	_Nov (5)	_Dec (1)
2008:	_Jan	_Feb (1)	_Mar (3)	_Apr	_May	_Jun (1)	_Jul	_Aug	_Sep	_Oct	_Nov (9)	_Dec
2009:	_Jan	_Feb	_Mar	_Apr	_May	_Jun (3)	_Jul	_Aug	_Sep	_Oct (1)	_Nov	_Dec (6)
2010:	_Jan (8)	_Feb	_Mar	_Apr (3)	_May	_Jun (1)	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec
2011:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul	_Aug	_Sep	_Oct (2)	_Nov	_Dec


S	M	T	W	T	F	S
			1	2	3	4
			(2)	(2)
5	6	7	8	9	10	11

12	13	14	15	16	17	18

19	20	21	22	23	24	25

26	27	28	29	30

[l2tpns-users] A few l2tpns newbie questions.

From: Neil Fincham <neil@as...> - 2004-09-01 11:13

Hi all,

	First of all thanks for the software.  I am currently helping out
setting up a l2tp LNS server for a company that I do a bit of work for
every now and then.

	While I am not a linux newbie this is my first effort into l2tp, from
what I have read so far is seems like it should be quite successful, I
have already built at tested my radius server and it is working
properly.  I do have a few questions though;-

1. Does it work with the 2.6 kernels OK,  It seems to come up without
complaint and creates the tun0 with no complaints.

2. Do I set up the bind_address to the ip address I am expecting the
tunnels on in the config file to an existing ip address on my box (One
that is brought up using the network rc scripts) or do I not configure
it that way and just use the tun0 connection?

3. Is there an easy way to simulate a full connection, I have used l2tpd
to create a tunnel to it but that is about it, it does not try to
authenticate or bring up a ppp connection or even talk to the radius
server.  I even have a few windows boxes here if that helps.

4. The authentication on the telnet does not seem to work, is there
something I am missing?

Here are my relevant config files;-

startup-config

set debug 4
set log_file "/var/log/l2tpns"
set l2tp_secret "not_telling"
set primary_dns 203.167.207.130
set secondary_dns 203.167.207.131
set save_state yes
set snoop_host 1.2.3.4
set snoop_port 41001
set primary_radius 127.0.0.1
set secondary_radius 127.0.0.1
set radius_accounting yes
set radius_secret "cirad"
set bind_address 203.98.5.218
set cluster_master 0.0.0.0
set throttle_speed 64
set accounting_dir "/var/run/l2tpns/acct/"
set setuid 0
set dump_speed no
load plugin "garden"
load plugin "autothrottle"
load plugin "autosnoop"

users

# List username:password combinations here for cli users
dialup:not_telling

Here is the first part of the log to show you it is coming up;-

2004-09-01 21:22:04 00/00 Loading plugin from /usr/lib/l2tpns/garden.so
2004-09-01 21:22:04 00/00    Supports function "plugin_post_auth"
2004-09-01 21:22:04 00/00    Supports function "plugin_new_session"
2004-09-01 21:22:04 00/00    Supports function "plugin_kill_session"
2004-09-01 21:22:04 00/00    Supports function "plugin_control"
2004-09-01 21:22:04 00/00    Supports function "plugin_become_master"
2004-09-01 21:22:04 00/00    Supports function
"plugin_new_session_master"
2004-09-01 21:22:04 00/00    Loaded plugin garden
2004-09-01 21:22:04 00/00 Loading plugin from
/usr/lib/l2tpns/autothrottle.so
2004-09-01 21:22:04 00/00    Supports function "plugin_radius_response"
2004-09-01 21:22:04 00/00    Loaded plugin autothrottle
2004-09-01 21:22:04 00/00 Loading plugin from
/usr/lib/l2tpns/autosnoop.so
2004-09-01 21:22:04 00/00    Supports function "plugin_radius_response"
2004-09-01 21:22:04 00/00    Loaded plugin autosnoop
2004-09-01 21:22:04 00/00 L2TPNS version 2.0.1
2004-09-01 21:22:04 00/00 Copyright (c) 2003, 2004 Optus Internet
Engineering
2004-09-01 21:22:04 00/00 Copyright (c) 2002 FireBrick (Andrews & Arnold
Ltd / Watchfront Ltd) - GPL licenced
2004-09-01 21:22:04 00/00 Registered BGP route 203.98.5.218/32
2004-09-01 21:22:04 00/00 Set up on interface tun0
2004-09-01 21:22:04 00/00 Creating 64 sockets for RADIUS queries
2004-09-01 21:22:04 00/00 Adding IP address range 203.167.228.0/24
2004-09-01 21:22:04 00/00 Route add 203.167.228.0/255.255.255.0 0.0.0.0
2004-09-01 21:22:04 00/00 Registered BGP route 203.167.228.0/24
2004-09-01 21:22:04 00/00 IP address pool is 254 addresses
2004-09-01 21:22:04 00/00 State file is too old to read, ignoring
2004-09-01 21:22:04 00/00 Beginning of main loop. udpfd=8, tunfd=6,
cluster_sockfd=5, controlfd=10
2004-09-01 21:22:18 00/00 Master timed out! Holding election...
2004-09-01 21:22:18 00/00 I am declaring myself the master!
2004-09-01 21:22:18 00/00 Running iptables -t nat -N garden >/dev/null
2>&1
2004-09-01 21:22:18 00/00 Running iptables -t nat -F garden
2004-09-01 21:22:18 00/00 Running . /etc/l2tpns/build-garden
2004-09-01 21:22:18 00/00 Running iptables -t nat -N garden_users
>/dev/null 2>&1
2004-09-01 21:22:18 00/00 Running iptables -t nat -F garden_users
2004-09-01 21:22:18 00/00 Running iptables -t nat -A PREROUTING -j
garden_users
2004-09-01 21:22:18 00/00 Running sysctl -w
net.ipv4.ip_conntrack_max=256000 >/dev/null
2004-09-01 21:22:18 00/00 Warning: Fixed 49998 uninitialized sessions in
becoming master!
2004-09-01 21:22:18 00/00 Sending heartbeat #0 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:18 00/00 Begin regular cleanup
2004-09-01 21:22:18 00/00 End regular cleanup (0 actions), next in 10
seconds
2004-09-01 21:22:19 00/00 Sending heartbeat #1 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:19 00/00 Sending heartbeat #2 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:20 00/00 Sending heartbeat #3 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:20 00/00 Sending heartbeat #4 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:21 00/00 Sending heartbeat #5 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:21 00/00 Sending heartbeat #6 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:22 00/00 Sending heartbeat #7 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:22 00/00 Sending heartbeat #8 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-01 21:22:23 00/00 Sending heartbeat #9 with 0 changes (0 x-sess,
0 x-tunnels, 0 highsess, 0 hightun size 136)

Here is a dump from ifconfig;-

eth0      Link encap:Ethernet  HWaddr 00:08:02:A5:25:8A
          inet addr:203.98.5.218  Bcast:203.98.5.255  Mask:255.255.255.0
          inet6 addr: fe80::208:2ff:fea5:258a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:884352 errors:0 dropped:0 overruns:0 frame:0
          TX packets:379200 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:93674768 (89.3 Mb)  TX bytes:99442499 (94.8 Mb)

eth0:0    Link encap:Ethernet  HWaddr 00:08:02:A5:25:8A
          inet addr:203.167.253.98  Bcast:203.167.253.103 
Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

eth0:1    Link encap:Ethernet  HWaddr 00:08:02:A5:25:8A
          inet addr:10.0.0.151  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:31062 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31062 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1558135 (1.4 Mb)  TX bytes:1558135 (1.4 Mb)

tun0      Link encap:UNSPEC  HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:203.98.5.218  P-t-P:203.98.5.218 
Mask:255.255.255.255
          UP POINTOPOINT RUNNING  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Looking forward to your responses, and thanks in advance for the help
and software.

Neil Fincham

Re: [l2tpns-users] A few l2tpns newbie questions.

From: David Parrish <david@dp...> - 2004-09-02 01:14

Attachments: Message as HTML

On Wed, Sep 01, 2004 at 11:12:26PM +1200, Neil Fincham wrote:
> 1. Does it work with the 2.6 kernels OK,  It seems to come up without
> complaint and creates the tun0 with no complaints.

I haven't tried it, but it should. In fact it should work much better on
2.6 under high load.

> 2. Do I set up the bind_address to the ip address I am expecting the
> tunnels on in the config file to an existing ip address on my box (One
> that is brought up using the network rc scripts) or do I not configure
> it that way and just use the tun0 connection?

The bind_address should be set to a separate address to eth0. If you want
to use the eth0 address, then don't set a bind_address at all.

> 3. Is there an easy way to simulate a full connection, I have used l2tpd
> to create a tunnel to it but that is about it, it does not try to
> authenticate or bring up a ppp connection or even talk to the radius
> server.  I even have a few windows boxes here if that helps.

That's about the best there is.

> 4. The authentication on the telnet does not seem to work, is there
> something I am missing?

Ermmm I don't think so. Can you "telnet localhost" if you remove everything
=66rom the users file?

--=20
Regards,
David Parrish

[l2tpns-users] More info on few l2tpns newbie questions.

From: Neil Fincham <neil@as...> - 2004-09-01 21:53

Hi All,

	I hope some else is actually subscribed to this list or I am just
talking to myself ;) .  Anyway I have been working on l2tpns in order to
get it to work for me and I have a few log files that you might find
more info in to help me.

	I have tried this with the latest tar ball version and the CVS
version.  I am useing l2tpd in order to build the tunnel and attempt to
bring up a ppp session.  I am also useing freeradius on the same machine
with connecting to a MySQL database.

	I did change one thing in the 2.0.1 version, I changed the lines;-  

#define RADPORT         1812            // old radius port...
#define RADAPORT        1813            // old radius accounting port

	To match my system useing the newer radius ports.  With the CVS version
I used the "set primary_radius_port 1812" option in the startup-config
file, I assume that achieves the same result (But I am not so sure about
the accounting port)

	After I have done all this and got it worked out I will right you a
good howto on this and see what I can do to help out with documentation,
as long as I can get it working this is the ideal solution for my
situation.

First thing I do is bring up the tunnel on the "client" with this
command;-

echo "t 203.98.5.218" > /var/run/l2tp-control

l2tpns seems to accept the tunnel fine, you can also see it via the
CLI.  Here are the relevant log entry's;-

2004-09-02 07:31:30 00/00 Sending heartbeat #239 with 0 changes (0
x-sess, 0 x-tunnels, 0 highsess, 0 hightun size 136)
2004-09-02 07:31:30 00/00 Begin regular cleanup
2004-09-02 07:31:30 00/00 End regular cleanup (0 actions), next in 10
seconds
2004-09-02 07:31:30 00/00 Control message (87 bytes): (unacked 0) l-ns 0
l-nr 0 r-ns 0 r-nr 0
2004-09-02 07:31:30 01/00 Assigning tunnel ID 1
2004-09-02 07:31:30 01/00    New tunnel from 203.97.89.226/1701 ID 1
2004-09-02 07:31:30 01/00    AVP 0 (Message Type) len 2
2004-09-02 07:31:30 01/00    Message type = 0 (SCCRQ)
2004-09-02 07:31:30 01/00    AVP 2 (Protocol Version) len 2
2004-09-02 07:31:30 01/00    Protocol version = 256
2004-09-02 07:31:30 01/00    AVP 3 (Framing Capabilities) len 4
2004-09-02 07:31:30 01/00    AVP 4 (Bearer Capabilities) len 4
2004-09-02 07:31:30 01/00    AVP 6 (Firmware Revision) len 2
2004-09-02 07:31:30 01/00    AVP 7 (Host Name) len 6
2004-09-02 07:31:30 01/00    Tunnel hostname = "eriwan"
2004-09-02 07:31:30 01/00    AVP 8 (Vendor Name) len 9
2004-09-02 07:31:30 01/00    Vendor name = "l2tpd.org"
2004-09-02 07:31:30 01/00    AVP 9 (Assigned Tunnel ID) len 2
2004-09-02 07:31:30 01/00    Remote tunnel id = 10406
2004-09-02 07:31:30 01/00    AVP 10 (Receive Window Size) len 2
2004-09-02 07:31:30 01/00    rx window = 4
2004-09-02 07:31:30 01/00 Control message (8 bytes): (unacked 1) l-ns 1
l-nr 1 r-ns 1 r-nr 1
2004-09-02 07:31:30 01/00    AVP 0 (Message Type) len 2
2004-09-02 07:31:30 01/00    Message type = 0 (SCCCN)
2004-09-02 07:31:30 00/00 Sending heartbeat #240 with 1 changes (0
x-sess, 1 x-tunnels, 0 highsess, 1 hightun size 270)

I then try to bring up a ppp connection like this;-

echo "h 10406" > /var/run/l2tp-control

And this is what l2tpns has to say about it;-

2004-09-02 07:32:33 00/00 Sending heartbeat #365 with 0 changes (0
x-sess, 1 x-tunnels, 0 highsess, 1 hightun size 203)
2004-09-02 07:32:33 01/00 Control message (36 bytes): (unacked 0) l-ns 1
l-nr 3 r-ns 3 r-nr 1
2004-09-02 07:32:33 01/00    AVP 0 (Message Type) len 2
2004-09-02 07:32:33 01/00    Message type = 0 (ICRQ)
2004-09-02 07:32:33 01/00    AVP 14 (Assigned Session ID) len 2
2004-09-02 07:32:33 01/00    assigned session = 8237
2004-09-02 07:32:33 01/00    AVP 15 (Call Serial Number) len 4
2004-09-02 07:32:33 01/00    call serial number = 1
2004-09-02 07:32:33 01/00    AVP 18 (Bearer Type) len 4
2004-09-02 07:32:33 01/00    bearer type = 0
2004-09-02 07:32:33 00/01 Allocated radius 1
2004-09-02 07:32:33 01/01 New session (10406/8237)
2004-09-02 07:32:33 01/01 Control message (38 bytes): (unacked 1) l-ns 2
l-nr 4 r-ns 4 r-nr 2
2004-09-02 07:32:33 01/01    AVP 0 (Message Type) len 2
2004-09-02 07:32:33 01/01    Message type = 0 (ICCN)
2004-09-02 07:32:33 01/01    AVP 24 (Tx Connect Speed) len 4
2004-09-02 07:32:33 01/01    TX connect speed <10000000>
2004-09-02 07:32:33 01/01    AVP 19 (Framing Type) len 4
2004-09-02 07:32:33 01/01    framing type = 1
2004-09-02 07:32:33 01/01    AVP 38 (Rx Connect Speed) len 4
2004-09-02 07:32:33 01/01    RX connect speed <10000000>
2004-09-02 07:32:33 01/01 Magic 413623D1 Flags 0
2004-09-02 07:32:33 01/01 Control message (45 bytes): (unacked 0) l-ns 2
l-nr 5 r-ns 5 r-nr 2
2004-09-02 07:32:33 01/01    AVP 0 (Message Type) len 2
2004-09-02 07:32:33 01/01    Message type = 0 (CDN)
2004-09-02 07:32:33 01/01    AVP 1 (Result Code) len 23
2004-09-02 07:32:33 01/01    Result Code 1: Call disconnected due to
loss of carrier
2004-09-02 07:32:33 01/01    Error Code 0: No general error
2004-09-02 07:32:33 01/01    Error String: Bad file descriptor
2004-09-02 07:32:33 01/01    AVP 14 (Assigned Session ID) len 2
2004-09-02 07:32:33 01/01    assigned session = 8237
2004-09-02 07:32:33 01/01 Shutting down session 1: Closed (Received CDN)
2004-09-02 07:32:33 01/01 Send RADIUS id 0 sock 1 state RADIUSSTOP try 1
2004-09-02 07:32:33 01/01 Control message (0 bytes): (unacked 1) l-ns 3
l-nr 6 r-ns 6 r-nr 3
2004-09-02 07:32:33 01/01    Got a ZLB ack
2004-09-02 07:32:33 01/01 Received RADIUSSTOP, radius 1 response for
session 1 (code 5, id 0)
2004-09-02 07:32:33 01/01    RADIUS accounting ack recv in state
RADIUSSTOP
2004-09-02 07:32:33 00/00 Sending heartbeat #366 with 2 changes (1
x-sess, 1 x-tunnels, 1 highsess, 1 hightun size 364)

And a little later in the log it says;-

2004-09-02 07:32:50 01/01 Kill session 1 (): Expired

There is no new ppp connection so I try to hangup useing;-

echo "h 10406" > /var/run/l2tp-control

The l2tpns log does not even notice this.

When I stop the client l2tpd daemon this appears in the l2tpns log;-

2004-09-02 07:37:48 00/00 Sending heartbeat #995 with 0 changes (1
x-sess, 1 x-tunnels, 1 highsess, 1 hightun size 220)
2004-09-02 07:37:48 01/00 Control message (34 bytes): (unacked 0) l-ns 4
l-nr 11 r-ns 11 r-nr 4
2004-09-02 07:37:48 01/00    AVP 0 (Message Type) len 2
2004-09-02 07:37:48 01/00    Message type = 0 (StopCCN)
2004-09-02 07:37:48 01/00    AVP 9 (Assigned Tunnel ID) len 2
2004-09-02 07:37:48 01/00    Remote tunnel id = 10406
2004-09-02 07:37:48 01/00    AVP 1 (Result Code) len 12
2004-09-02 07:37:48 01/00    Result Code 1: General request to clear
control connection
2004-09-02 07:37:48 01/00    Error Code 0: No general error
2004-09-02 07:37:48 01/00    Error String: Goodbye!
2004-09-02 07:37:48 01/00 Shutting down tunnel 1 (Stopped)
2004-09-02 07:37:48 01/00 Kill tunnel 1: Stopped
2004-09-02 07:37:48 00/00 Sending heartbeat #996 with 1 changes (1
x-sess, 1 x-tunnels, 1 highsess, 1 hightun size 177)

The radius log has this to say about the whole thing;-

Thu Sep  2 08:15:13 2004 : Error: rlm_sql: Stop packet with zero session
length.  (user '', nas '203.98.5.218')
Thu Sep  2 08:15:13 2004 : Error: rlm_radutmp: Logout for NAS localhost
port 1, but no Login record

And this is what is left in the radius accounting directory;-

Thu Sep  2 08:15:13 2004
        User-Name = ""
        Acct-Status-Type = Stop
        Acct-Session-Id = "0000000541362DD1"
        Acct-Input-Octets = 0
        Acct-Output-Octets = 0
        Acct-Session-Time = 0
        Acct-Input-Packets = 0
        Acct-Output-Packets = 0
        NAS-Port = 1
        NAS-IP-Address = 203.98.5.218
        Client-IP-Address = 203.98.5.218
        Acct-Unique-Session-Id = "ba24775cfba77b1a"
        Timestamp = 1094069713

Thanks for any help you can offer.

Neil Fincham

Re: [l2tpns-users] More info on few l2tpns newbie questions.

From: David Parrish <dparrish@gm...> - 2004-09-02 00:57

>         I hope some else is actually subscribed to this list or I am just
> talking to myself ;) .  Anyway I have been working on l2tpns in order to
> get it to work for me and I have a few log files that you might find
> more info in to help me.

I read it, but I'm not sure about anyone else...

>         To match my system useing the newer radius ports.  With the CVS version
> I used the "set primary_radius_port 1812" option in the startup-config
> file, I assume that achieves the same result (But I am not so sure about
> the accounting port)

That's right. The accounting port is automatically set to the auth port + 1

>         After I have done all this and got it worked out I will right you a
> good howto on this and see what I can do to help out with documentation,
> as long as I can get it working this is the ideal solution for my
> situation.

ooh documentation :)
There's a bit of doco in CVS, I'm not sure if you read it.

> 2004-09-02 07:31:30 01/00    AVP 0 (Message Type) len 2
> 2004-09-02 07:31:30 01/00    Message type = 0 (SCCCN)
> 2004-09-02 07:31:30 00/00 Sending heartbeat #240 with 1 changes (0
> x-sess, 1 x-tunnels, 0 highsess, 1 hightun size 270)

SCCCN is good.

> 2004-09-02 07:32:33 00/00 Sending heartbeat #365 with 0 changes (0
> x-sess, 1 x-tunnels, 0 highsess, 1 hightun size 203)
> 2004-09-02 07:32:33 01/00 Control message (36 bytes): (unacked 0) l-ns 1
> l-nr 3 r-ns 3 r-nr 1
> 2004-09-02 07:32:33 01/00    AVP 0 (Message Type) len 2
> 2004-09-02 07:32:33 01/00    Message type = 0 (ICRQ)
> 2004-09-02 07:32:33 01/00    AVP 14 (Assigned Session ID) len 2
> 2004-09-02 07:32:33 01/00    assigned session = 8237
> 2004-09-02 07:32:33 01/00    AVP 15 (Call Serial Number) len 4
> 2004-09-02 07:32:33 01/00    call serial number = 1
> 2004-09-02 07:32:33 01/00    AVP 18 (Bearer Type) len 4
> 2004-09-02 07:32:33 01/00    bearer type = 0
> 2004-09-02 07:32:33 00/01 Allocated radius 1
> 2004-09-02 07:32:33 01/01 New session (10406/8237)

At this point, l2tpns sends back an ICRP message (which is good).

> 2004-09-02 07:32:33 01/01 Control message (38 bytes): (unacked 1) l-ns 2
> l-nr 4 r-ns 4 r-nr 2
> 2004-09-02 07:32:33 01/01    AVP 0 (Message Type) len 2
> 2004-09-02 07:32:33 01/01    Message type = 0 (ICCN)
> 2004-09-02 07:32:33 01/01    AVP 24 (Tx Connect Speed) len 4
> 2004-09-02 07:32:33 01/01    TX connect speed <10000000>
> 2004-09-02 07:32:33 01/01    AVP 19 (Framing Type) len 4
> 2004-09-02 07:32:33 01/01    framing type = 1
> 2004-09-02 07:32:33 01/01    AVP 38 (Rx Connect Speed) len 4
> 2004-09-02 07:32:33 01/01    RX connect speed <10000000>
> 2004-09-02 07:32:33 01/01 Magic 413623D1 Flags 0

l2tpd has sent ICCN which means it thinks the l2tp session has been
created. It hasn't started any PPP negotiation yet.

> 2004-09-02 07:32:33 01/01 Control message (45 bytes): (unacked 0) l-ns 2
> l-nr 5 r-ns 5 r-nr 2
> 2004-09-02 07:32:33 01/01    AVP 0 (Message Type) len 2
> 2004-09-02 07:32:33 01/01    Message type = 0 (CDN)
> 2004-09-02 07:32:33 01/01    AVP 1 (Result Code) len 23
> 2004-09-02 07:32:33 01/01    Result Code 1: Call disconnected due to
> loss of carrier
> 2004-09-02 07:32:33 01/01    Error Code 0: No general error
> 2004-09-02 07:32:33 01/01    Error String: Bad file descriptor
> 2004-09-02 07:32:33 01/01    AVP 14 (Assigned Session ID) len 2
> 2004-09-02 07:32:33 01/01    assigned session = 8237

l2tpd (or pppd) has sent CDN (Call Disconnect) requesting the session
to close. It's also passing "Bad file descriptor" as the error
message, so I'm assuming the problem is in your client end.

> 2004-09-02 07:32:50 01/01 Kill session 1 (): Expired

That's just a cleanup message.

> There is no new ppp connection so I try to hangup useing;-
> 
> echo "h 10406" > /var/run/l2tp-control
> 
> The l2tpns log does not even notice this.

It shouldn't, because both ends should know that the session doesn't exist.

> When I stop the client l2tpd daemon this appears in the l2tpns log;-
> 
> 2004-09-02 07:37:48 01/00    Message type = 0 (StopCCN)

Excellent!

> The radius log has this to say about the whole thing;-
> 
> Thu Sep  2 08:15:13 2004 : Error: rlm_sql: Stop packet with zero session
> length.  (user '', nas '203.98.5.218')
> Thu Sep  2 08:15:13 2004 : Error: rlm_radutmp: Logout for NAS localhost
> port 1, but no Login record

I'd enable some more verbose debugging on l2tpd and pppd if you can,
because it *appears* that the problem is in there somewhere. l2tpns is
responding fine to the session creation and shutdown messages it's
getting.