MPD5.6 на FBSD9.0x64 ест память?

Help
user091118
2012-10-17
2013-03-27
1 2 > >> (Page 1 of 2)
  • user091118
    user091118
    2012-10-17

    после переноса системы с x86 на x64 на том же самом сервере
    (при этом никакие настройки в /usr/local/etc не менялись)

    up 27+22:36:15  15:56:36
    1205 root          2  20    0   147M 62136K select  1  35:27  0.00% mpd5
    это строка из top на x64
    за 27 дней 60MБ, каждый день увеличивается на 2-3МБ.
    при том что за несколько месяцев на x86 выше 20МБ никогда не поднималось.
    одновременных pptp сессий 150-200.

    при подключении pptp клиента выделенная память возрастает на несколько килобайт (от 4 до 200), при отключении не освобождается.

    [] show mem
       Type                              Count      Total
       ----                              -----      -----
       AUTH                                 17       2308
       BUND                                 13     101104
       CMD                                   4         74
       CMDL                                  8        227
       COMP                                  1         72
       CONSOLE                               4       5296
       CONSOLE.buckets                       1        248
       CONSOLE.gent                          2         32
       CRYPT                                 1         56
       EVENT                                57       7816
       LINK                                 25      45852
       PHYS                                 26       7024
       PHYS.buckets                          3       2424
       PHYS.gent                            11        176
       PPTP                                 36      17512
       RADIUS                                3         83
       RADSRV                                3         63
       WEB                                   3        360
       http_server                           1        112
       http_server.server_name               1         15
       http_server.vhosts                    1        216
       http_server.vhosts.buck               1        248
       http_server.vhosts.gent               1         16
       http_servlet_hook                     1         80
       http_virthost                         1         24
       http_virthost.host                    1          1
       typed_mem_stats                       1        864
                                         -----      -----
       Totals                              227     192303
    [] show mem
       Type                              Count      Total
       ----                              -----      -----
       AUTH                                 16       2108
       BUND                                 12      92800
       CMD                                   4         74
       CMDL                                  8        227
       COMP                                  1         72
       CONSOLE                               4       5296
       CONSOLE.buckets                       1        248
       CONSOLE.gent                          2         32
       CRYPT                                 1         56
       EVENT                                53       7368
       LINK                                 23      42160
       PHYS                                 24       6488
       PHYS.buckets                          3       2424
       PHYS.gent                            10        160
       PPTP                                 33      16064
       RADIUS                                3         83
       RADSRV                                3         63
       WEB                                   3        360
       http_server                           1        112
       http_server.server_name               1         15
       http_server.vhosts                    1        216
       http_server.vhosts.buck               1        248
       http_server.vhosts.gent               1         16
       http_servlet_hook                     1         80
       http_virthost                         1         24
       http_virthost.host                    1          1
       typed_mem_stats                       1        864
                                         -----      -----
       Totals                              213     177659
    

    а тут как раз все строго, клиент отключился - память освободилась.
    можно повторить подключение/отключение несколько раз, в show mem будет чередоваться 227 / 192303 и 213 / 177659,
    а в top растет постоянно.
    это глюк? или ЧЯДНТ?

     
  • user091118
    user091118
    2012-10-17

    startup:
        set user administrator 8Tnxv0ekkz0mBno2 admin
        set user guest qj6FHfM8xM4be2Ma user
        set console open
        set web self 0.0.0.0 5006
        set web open
        set radsrv self 127.0.0.1 3799
        set radsrv peer 127.0.0.1 0000
        set radsrv open
        set global startrule 21001
    default:
        load pptp_server
    pptp_server:
        create bundle template B1
        set iface enable tcpmssfix
        set iface disable on-demand
        set iface enable proxy-arp
        set ipcp ranges 169.254.0.0/32 0.0.0.0/0
        set bundle fsm-timeout 1
        set bundle yes compression
        set bundle no encryption
        set bundle no ipv6cp
        set ccp yes mppc
        set mppc no compress
        set mppc yes e40
        set mppc yes e56
        set mppc yes e128
        set mppc yes stateless
        set mppc enable policy
        create link template L1 pptp
        set link action bundle B1
        set link enable passive
        set link enable multilink
        set link fsm-timeout 1
        set link keep-alive 15 50
        set link no pap
        set link yes chap
        set link no eap
        set link enable keep-ms-domain
        set link enable peer-as-calling
        set auth disable internal
        set auth max-logins 0 CI
        load radius
        set pptp self 0.0.0.0
        set link enable incoming
    radius:
        set radius server 127.0.0.1 0000 1812 1813
        set radius retries 2
        set radius timeout 2
        set radius me 127.0.0.1
        set auth acct-update 200
        set auth enable radius-auth
        set auth enable radius-acct
        set radius enable message-authentic
    
     
  •   590 root        1  52    0   179M 70948K select  6  81.9H  2.59% mpd5

    # uptime
    12:52PM  up 72 days, 18:56, 1 user, load averages: 1.30, 1.43, 1.39

    # ifconfig -lu | wc -w
         677

    Буду смотреть.

    Используешь ли ipfw или radsrv ?

     
  • В догонку. А какую роль играет на pptp соединениях proxy arp ?

     
  • user091118
    user091118
    2012-10-18

    ipfw используется через передачу атрибутов mpd-rule для некоторых юзеров.
    radsrv пока только слушает на 3799 и никак не используется.

    а proxy-arp по прямому назначению - когда адреса на ng* находятся в одной подсети с ethernet интерфейсом

     
  • Можно ли попробовать запустить mpd с отключенным radsrv? Просто пытаюсь найти, в каком именно модуле mpd течет память.
    Какая версия mpd ?
    Очень странно, но я не вижу типа памяти "IPFW". Можно ли привести примеры IPFW ACL ?

     
  • user091118
    user091118
    2012-10-19

    mpd5.6 из портов

    set radsrv close
    не перезапуская mpd достаточно?

    вот в данный момент

    show mem
       Type                              Count      Total
       ----                              -----      -----
       AUTH                                488      40426
       BUND                                168    1388224
       CMD                                   4         74
       CMDL                                  8        227
       COMP                                  1         72
       CONSOLE                               4       5296
       CONSOLE.buckets                       1        248
       CONSOLE.gent                          2         32
       CRYPT                                 1         56
       EVENT                               676      77144
       IFACE                                11        440
       LINK                                335     618112
       PHYS                                336      90104
       PHYS.buckets                          3       2424
       PHYS.gent                           166       2656
       PPTP                                501     241952
       RADIUS                                3         83
       RADSRV                                3         63
       WEB                                   3        360
       http_server                           1        112
       http_server.server_name               1         15
       http_server.vhosts                    1        216
       http_server.vhosts.buck               1        248
       http_server.vhosts.gent               1         16
       http_servlet_hook                     1         80
       http_virthost                         1         24
       http_virthost.host                    1          1
       typed_mem_stats                       1        896
                                         -----      -----
       Totals                             2723    2469601
    
    ipfw show 21001-28999
    21001      113      16935 allow tcp from any to 81.177.14.202 dst-port 25,110 via ng38
    21002        0          0 allow udp from any to 217.175.140.73 dst-port 55777 via ng42
    21003        0          0 allow tcp from any to 81.177.14.203 dst-port 25,110 via ng149
    21004        0          0 allow tcp from any to 212.248.34.100 dst-port 443 via ng71
    21005        0          0 allow tcp from any to 193.164.146.18 dst-port 25 via ng71
    21006        0          0 allow tcp from any to 193.164.146.13 dst-port 110 via ng71
    21007        0          0 allow tcp from any to 194.186.206.25 dst-port 1352 via ng71
    21008        0          0 allow tcp from any to 193.164.146.5 dst-port 443 via ng71
    21009        0          0 allow tcp from any to 212.45.6.133 dst-port 443 via ng98
    21010      293      18467 allow tcp from any to 217.12.97.58 dst-port 2000 via ng98
    21011      461      68249 allow udp from any to 194.186.207.189 dst-port 87 via ng67
    

    правила ipfw нормально добавляются, при отключении удаляются.
    добавляются передачей радиус, например
    mpd-rule += "1=allow udp from any to 217.175.140.73 dst-port 55777",

    кстати, уже
    1205 root          2  20    0   148M 67520K select  2  38:00  0.00% mpd5
    еще +5МБ

     
  • Можно ли увидеть логи +iface2 +radius2 ?
    Можно ли временно процесс создания правил ipfw перенести в скрипты iface-up и iface-down ?

     
  • user091118
    user091118
    2012-10-19

    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] Accepting PPTP connection
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] Link: OPEN event
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: Open event
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: state change Initial --> Starting
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: LayerStart
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] PPTP: attaching to peer's outgoing call
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] Link: UP event
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: Up event
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: state change Starting --> Req-Sent
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: SendConfigReq #1
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   ACFCOMP
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   PROTOCOMP
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MRU 1500
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MAGICNUM fe9ac7a1
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   AUTHPROTO CHAP MSOFTv2
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MP MRRU 2048
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MP SHORTSEQ
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   ENDPOINTDISC [802.1] 10 bf 48 e3 70 61
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: rec'd Configure Request #0 (Req-Sent)
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MRU 1400
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MAGICNUM 08a16620
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   PROTOCOMP
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   ACFCOMP
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   CALLBACK 6
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MP MRRU 1614
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   ENDPOINTDISC [LOCAL] e9 f2 cd d7 c4 7e 48 1d 87 0c 47 55 15 b7 06 e0 00 00 0
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: SendConfigRej #0
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   CALLBACK 6
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: rec'd Configure Request #1 (Req-Sent)
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MRU 1400
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MAGICNUM 08a16620
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   PROTOCOMP
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   ACFCOMP
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MP MRRU 1614
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   ENDPOINTDISC [LOCAL] e9 f2 cd d7 c4 7e 48 1d 87 0c 47 55 15 b7 06 e0 00 00 0
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: SendConfigAck #1
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MRU 1400
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MAGICNUM 08a16620
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   PROTOCOMP
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   ACFCOMP
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   MP MRRU 1614
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9]   ENDPOINTDISC [LOCAL] e9 f2 cd d7 c4 7e 48 1d 87 0c 47 55 15 b7 06 e0 00 00 0
    Oct 19 11:44:57 fbsd120918 mpd: [L1-9] LCP: state change Req-Sent --> Ack-Sent
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: SendConfigReq #2
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   ACFCOMP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   PROTOCOMP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MRU 1500
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MAGICNUM fe9ac7a1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   AUTHPROTO CHAP MSOFTv2
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MP MRRU 2048
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MP SHORTSEQ
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   ENDPOINTDISC [802.1] 10 bf 48 e3 70 61
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: rec'd Configure Reject #2 (Ack-Sent)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MP SHORTSEQ
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: SendConfigReq #3
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   ACFCOMP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   PROTOCOMP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MRU 1500
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MAGICNUM fe9ac7a1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   AUTHPROTO CHAP MSOFTv2
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MP MRRU 2048
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   ENDPOINTDISC [802.1] 10 bf 48 e3 70 61
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: rec'd Configure Ack #3 (Ack-Sent)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   ACFCOMP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   PROTOCOMP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MRU 1500
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MAGICNUM fe9ac7a1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   AUTHPROTO CHAP MSOFTv2
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MP MRRU 2048
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   ENDPOINTDISC [802.1] 10 bf 48 e3 70 61
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: state change Ack-Sent --> Opened
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: auth: peer wants nothing, I want CHAP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] CHAP: sending CHALLENGE #1 len: 21
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: LayerUp
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: rec'd Ident #2 (Opened)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MESG: MSRASV5.20
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: rec'd Ident #3 (Opened)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   MESG: MSRAS-0-R113-03S
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] CHAP: rec'd RESPONSE #1 len: 62
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9]   Name: "DPPR\MVI"
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] AUTH: Trying RADIUS
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Authenticating user 'DPPR\MVI'
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Adding server 127.0.0.1 1812
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_IDENTIFIER: fbsd120918.srv.lan
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_IP_ADDRESS: 127.0.0.1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put Message Authenticator
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_SESSION_ID: 647098-L1-9
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_PORT: 9
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_PORT_TYPE: 5
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_SERVICE_TYPE: RAD_FRAMED
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_FRAMED_PROTOCOL: RAD_PPP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_CALLING_STATION_ID: 192.168.65.24
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_CALLED_STATION_ID: 
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_LINK: L1-9
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_PEER_IDENT: MSRASV5.20 MSRAS-0-R113-03S
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_TYPE: 1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_MEDIUM_TYPE: 1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_SERVER_ENDPOINT: 192.168.69.30
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_CLIENT_ENDPOINT: 192.168.65.24
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_SERVER_AUTH_ID: fbsd120918.srv.lan
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_USER_NAME: DPPR\MVI
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MICROSOFT_MS_CHAP_CHALLENGE
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MICROSOFT_MS_CHAP2_RESPONSE
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Send request for user 'DPPR\MVI'
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Sending request for user 'DPPR\MVI'
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Rec'd RAD_ACCESS_ACCEPT for user 'DPPR\MVI'
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_FRAMED_POOL: p5 
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get (RAD_FRAMED_PROTOCOL: 1)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Dropping attribute: 62 
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get (RAD_SERVICE_TYPE: 2)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_MICROSOFT_MS_MPPE_RECV_KEY
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_MICROSOFT_MS_MPPE_SEND_KEY
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_MICROSOFT_MS_CHAP2_SUCCESS: S=C7EE60D6A3BD0DA7556D2C3CEBF9227368B0C05F
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_MICROSOFT_MS_CHAP_DOMAIN: ^ADPPR
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY: 1 (Allowed)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES: 0 (no encryption required)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_USER_NAME: MVI@dppr.local 
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Get RAD_FRAMED_IP_ADDRESS: 172.19.5.2 
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] AUTH: RADIUS returned: authenticated
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] CHAP: Auth return status: authenticated
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] CHAP: Reply message: S=C7EE60D6A3BD0DA7556D2C3CEBF9227368B0C05F
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] CHAP: sending SUCCESS #1 len: 46
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] LCP: authorization successful
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] Link: Matched action 'bundle "B1" ""'
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] Creating new bundle using template "B1".
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] Bundle: Interface ng8 created
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] Link: Join bundle "B1-9"
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IFACE: setting ng8 MTU to 1500 bytes
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] Bundle: Status update: up 1 link, total bandwidth 64000 bps
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: Open event
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: state change Initial --> Starting
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: LayerStart
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: Open event
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: state change Initial --> Starting
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: LayerStart
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: Up event
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: state change Starting --> Req-Sent
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: SendConfigReq #1
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   IPADDR 169.254.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: Up event
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: Protocol mppc disabled as useless for this setup
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: state change Starting --> Req-Sent
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Accounting user 'MVI@dppr.local' (Type: 1)
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Adding server 127.0.0.1 1813
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_IDENTIFIER: fbsd120918.srv.lan
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_IP_ADDRESS: 127.0.0.1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_SESSION_ID: 647098-L1-9
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_PORT: 9
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_PORT_TYPE: 5
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_SERVICE_TYPE: RAD_FRAMED
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_FRAMED_PROTOCOL: RAD_PPP
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_CALLING_STATION_ID: 192.168.65.24
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_CALLED_STATION_ID: 
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_LINK: L1-9
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_PEER_IDENT: MSRASV5.20 MSRAS-0-R113-03S
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_TYPE: 1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_MEDIUM_TYPE: 1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_SERVER_ENDPOINT: 192.168.69.30
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_CLIENT_ENDPOINT: 192.168.65.24
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_SERVER_AUTH_ID: fbsd120918.srv.lan
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_STATUS_TYPE: RAD_START
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_FRAMED_IP_ADDRESS: 172.19.5.2
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_USER_NAME: MVI@dppr.local
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_MULTI_SESSION_ID: 647098-B1-9
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_BUNDLE: B1-9
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_IFACE: ng8
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_IFACE_INDEX: 17
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_PEER_IDENT: MSRASV5.20 MSRAS-0-R113-03S
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_LINK_COUNT: 1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_AUTHENTIC: 1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Send request for user 'MVI@dppr.local'
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: rec'd Configure Request #4 (Req-Sent)
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   MPPC
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]     0x01000001:MPPC, stateless
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: SendConfigRej #4
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   MPPC
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]     0x01000001:MPPC, stateless
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: rec'd Configure Request #5 (Req-Sent)
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   IPADDR 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]     NAKing with 172.19.5.2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   PRIDNS 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   PRINBNS 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   SECDNS 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   SECNBNS 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: SendConfigRej #5
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   PRIDNS 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   PRINBNS 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   SECDNS 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   SECNBNS 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: rec'd Configure Reject #1 (Req-Sent)
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: SendConfigReq #2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   IPADDR 169.254.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: rec'd Configure Ack #1 (Req-Sent)
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: state change Req-Sent --> Ack-Rcvd
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Request #6 (Ack-Rcvd)
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: state change Ack-Rcvd --> Req-Sent
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] CCP: SendTerminateAck #2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: rec'd Configure Request #7 (Req-Sent)
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   IPADDR 0.0.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]     NAKing with 172.19.5.2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: SendConfigNak #7
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   IPADDR 172.19.5.2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: rec'd Configure Ack #2 (Req-Sent)
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   IPADDR 169.254.0.0
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: state change Req-Sent --> Ack-Rcvd
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: rec'd Configure Request #8 (Ack-Rcvd)
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   IPADDR 172.19.5.2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]     172.19.5.2 is OK
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: SendConfigAck #8
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   IPADDR 172.19.5.2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: state change Ack-Rcvd --> Opened
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IPCP: LayerUp
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9]   169.254.0.0 -> 172.19.5.2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IFACE: Connecting tcpmssfix
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IFACE: Add address 169.254.0.0/32->172.19.5.2 to ng8
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IFACE: No interface to proxy arp on for 172.19.5.2
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IFACE: Up event
    Oct 19 11:44:58 fbsd120918 mpd: [B1-9] IFACE: Change interface flags: -0 +1
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Sending request for user 'MVI@dppr.local'
    Oct 19 11:44:58 fbsd120918 mpd: [L1-9] RADIUS: Rec'd RAD_ACCOUNTING_RESPONSE for user 'MVI@dppr.local'
    Oct 19 11:44:59 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #3
    Oct 19 11:45:00 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Request #9 (Req-Sent)
    Oct 19 11:45:00 fbsd120918 mpd: [B1-9] CCP: SendTerminateAck #4
    Oct 19 11:45:00 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #5
    Oct 19 11:45:01 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #6
    Oct 19 11:45:02 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #7
    Oct 19 11:45:02 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Ack #7 (Req-Sent)
    Oct 19 11:45:03 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #8
    Oct 19 11:45:03 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Ack #8 (Req-Sent)
    Oct 19 11:45:04 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #9
    Oct 19 11:45:04 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Ack #9 (Req-Sent)
    Oct 19 11:45:05 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #10
    Oct 19 11:45:05 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Ack #10 (Req-Sent)
    Oct 19 11:45:06 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #11
    Oct 19 11:45:06 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Ack #11 (Req-Sent)
    Oct 19 11:45:07 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #12
    Oct 19 11:45:07 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Ack #12 (Req-Sent)
    Oct 19 11:45:08 fbsd120918 mpd: [B1-9] CCP: SendConfigReq #13
    Oct 19 11:45:08 fbsd120918 mpd: [B1-9] CCP: rec'd Terminate Ack #13 (Req-Sent)
    Oct 19 11:45:09 fbsd120918 mpd: [B1-9] CCP: parameter negotiation failed
    Oct 19 11:45:09 fbsd120918 mpd: [B1-9] CCP: state change Req-Sent --> Stopped
    Oct 19 11:45:09 fbsd120918 mpd: [B1-9] CCP: LayerFinish
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] LCP: rec'd Terminate Request #10 (Opened)
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] LCP: state change Opened --> Stopping
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] Link: Leave bundle "B1-9"
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Accounting user 'MVI@dppr.local' (Type: 2)
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Adding server 127.0.0.1 1813
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IFACE: setting ng8 MTU to 1500 bytes
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_IDENTIFIER: fbsd120918.srv.lan
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_IP_ADDRESS: 127.0.0.1
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] Bundle: Status update: up 0 links, total bandwidth 9600 bps
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IPCP: Close event
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IPCP: state change Opened --> Closing
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IPCP: SendTerminateReq #3
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_SESSION_ID: 647098-L1-9
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_PORT: 9
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_NAS_PORT_TYPE: 5
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_SERVICE_TYPE: RAD_FRAMED
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_FRAMED_PROTOCOL: RAD_PPP
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_CALLING_STATION_ID: 192.168.65.24
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_CALLED_STATION_ID: 
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_LINK: L1-9
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IPCP: LayerDown
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IFACE: Remove address 169.254.0.0/32->172.19.5.2 from ng8
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_PEER_IDENT: MSRASV5.20 MSRAS-0-R113-03S
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_TYPE: 1
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_MEDIUM_TYPE: 1
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_SERVER_ENDPOINT: 192.168.69.30
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_CLIENT_ENDPOINT: 192.168.65.24
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_TUNNEL_SERVER_AUTH_ID: fbsd120918.srv.lan
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_FRAMED_IP_ADDRESS: 172.19.5.2
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_USER_NAME: MVI@dppr.local
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_MULTI_SESSION_ID: 647098-B1-9
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_BUNDLE: B1-9
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_IFACE: ng8
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_IFACE_INDEX: 17
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_MPD_PEER_IDENT: MSRASV5.20 MSRAS-0-R113-03S
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_LINK_COUNT: 1
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_AUTHENTIC: 1
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_STATUS_TYPE: RAD_STOP
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_TERMINATE_CAUSE: Peer disconnect, RADIUS: 1
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_SESSION_TIME: 16
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_INPUT_OCTETS: 1007
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_INPUT_GIGAWORDS: 0
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_INPUT_PACKETS: 22
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_OUTPUT_OCTETS: 375
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_OUTPUT_GIGAWORDS: 0
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Put RAD_ACCT_OUTPUT_PACKETS: 21
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Send request for user 'MVI@dppr.local'
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IFACE: Down event
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IFACE: Change interface flags: -4097 +0
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] CCP: Close event
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] CCP: state change Stopped --> Closed
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IPCP: Down event
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IPCP: LayerFinish
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] Bundle: No NCPs left. Closing links...
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] IPCP: state change Closing --> Initial
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] CCP: Down event
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] CCP: state change Closed --> Initial
    Oct 19 11:45:13 fbsd120918 mpd: [B1-9] Bundle: Shutdown
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] LCP: SendTerminateAck #4
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] LCP: LayerDown
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Sending request for user 'MVI@dppr.local'
    Oct 19 11:45:13 fbsd120918 mpd: [L1-9] RADIUS: Rec'd RAD_ACCOUNTING_RESPONSE for user 'MVI@dppr.local'
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] LCP: state change Stopping --> Stopped
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] LCP: LayerFinish
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] PPTP call terminated
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] Link: DOWN event
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] LCP: Close event
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] LCP: state change Stopped --> Closed
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] LCP: Down event
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] LCP: state change Closed --> Initial
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] Link: SHUTDOWN event
    Oct 19 11:45:14 fbsd120918 mpd: [L1-9] Link: Shutdown
    

    убрать ipfw можно, напр в выходной попробую.
    но там всего для 10-15 юзеров заданы эти правила
    а память растет для всех.

     
  • user091118
    user091118
    2012-10-19

    кстати, а вот более простой пример:

    система x64
    FreeBSD 9.0-RELEASE-p3 (GENERIC) #0: Tue Jun 12 02:52:29 UTC 2012

    конфиг mpd5.6, без радиуса

    startup:
        set console close
        set web close
        log -all
    default:
        load pptp_server
    pptp_server:
        create bundle template B1
        set iface enable tcpmssfix
        set iface disable on-demand
        set iface enable proxy-arp
        set ipcp ranges 169.254.0.0/32 172.24.0.0/16
        set bundle fsm-timeout 1
        set bundle yes compression
        set bundle no encryption
        set bundle no ipv6cp
        set ccp yes mppc
        set mppc no compress
        set mppc yes e40
        set mppc yes e56
        set mppc yes e128
        set mppc yes stateless
        set mppc enable policy
        create link template L1 pptp
        set link action bundle B1
        set link enable passive
        set link enable multilink
        set link fsm-timeout 1
        set link keep-alive 15 50
        set link no pap
        set link yes chap
        set link no eap
        set link enable keep-ms-domain
        set link enable peer-as-calling
        set auth enable internal
        set auth max-logins 0 CI
        set pptp self 0.0.0.0
        set link enable incoming
    

    mpd.secret

    user1   passw1
    user2   passw2
    user3   passw3
    

    sockstat | grep mpd

    root     mpd5       23039 3  dgram  -> /var/run/logpriv
    root     mpd5       23039 19 tcp4   *:1723                *:*
    

    клиент с Windows подключается и сразу отключается несколько раз подряд

    top

    23039 root        1  30    0 41664K  3708K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 45888K  4584K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 50112K  4780K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 54336K  4968K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 58560K  5152K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 62784K  5336K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 66880K  5508K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 70976K  5684K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 75072K  5804K select  0   0:00  0.00% mpd5
    23039 root        1  20    0 75072K  5904K select  0   0:00  0.00% mpd5
    

    растет с каждым подключением!

     
  • Oct 19 11:44:58 fbsd120918 mpd:  IFACE: Add address 169.254.0.0/32->172.19.5.2 to ng8
    Oct 19 11:44:58 fbsd120918 mpd:  IFACE: No interface to proxy arp on for 172.19.5.2

    Какой смысл в опции proxy-arp ?

    Oct 19 11:44:58 fbsd120918 mpd:  RADIUS: Dropping attribute: 62
    Что это за аттрибут?

     
  • Вдогонку: Очень странно выглядит значение аттрибута RAD_MICROSOFT_MS_CHAP_DOMAIN

     
  • Статистика `show mem` была специально предусмотрена для поиска утечет памяти в mpd. Если она не показывает утечки, то вероятно она происходит где-то в стороннем коде. Как возможны варианты могут быть libradius, libthr (порождение и разрушение нитей авторизации/аккаунтинга) и многое другое. К сожалению поиск утечек процесс нетривиальный. По скольку утечки не фиксировались до момента миграции, я могу предполоить что что-то могло пойти не так. Убедитесь что вы пересобрали _все_ программное обеспечение и все библиотеки. Хотя 64битные приложения не могут работаь с 32битными библиотеками, кто может знать все возможные комбинации…

     
  • user091118
    user091118
    2012-10-23

    2 amotin:

    миграция заключась в
    dd if=/dev/zero of=/dev/ada0
    новая установка FreeBSD x64
    новая сборка/установка приложений, т.е. кроме конфигов в /usr/local/etc ничего от x86 не осталось

    2 dmitryluhtionov:
    Oct 23 09:16:19 fbsd120918 mpd:  IPCP: LayerUp
    Oct 23 09:16:19 fbsd120918 mpd:    169.254.0.0 -> 217.111.111.155
    Oct 23 09:16:19 fbsd120918 mpd:  IFACE: Connecting tcpmssfix
    Oct 23 09:16:19 fbsd120918 mpd:  IFACE: Add address 169.254.0.0/32->217.111.111.155 to ng8
    Oct 23 09:16:19 fbsd120918 mpd:  exec: /usr/sbin/arp -S 217.111.111.155 10:bf:11:11:11:11 pub
    Oct 23 09:16:19 fbsd120918 mpd:  IFACE: Up event

    а здесь proxy-arp очень даже нужно

    RAD_MICROSOFT_MS_CHAP_DOMAIN
    это freeradius получает в таком виде от MS IAS
    и 62 атрибут это тоже от MS IAS (видимо установка "Do not allow multilink connections")

     
  • Можно ли увидеть логи CoA запросов. В приведенных логах вижу только стандартные радиус пакеты.

     
  • user091118
    user091118
    2012-12-14

    CoA нет,
    встроенный радиус отключил

    это не помогло
    17555 root          2  20    0   181M    99M select  2  65:15  0.00% mpd5

    есть, конечно, труЪ решение :)
    0 0 1 * * root /usr/local/etc/rc.d/mpd5 restart
    в cron

     
  • Попробуй последнюю версию из CVS.

     
  • Я понимаю, что это фантастика, но тем не менее.

    root@117-12:/home/mitya # uptime
    10:34AM  up 132 days, 17:38, 1 user, load averages: 2.01, 1.43, 1.29
    root@117-12:/home/mitya # uname -a
    FreeBSD 117-12.cabletv.dp.ua 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #0: Mon Aug  6 15:36:14 EEST 2012     mitya@117-12.cabletv.dp.ua:/usr/src/sys/amd64/compile/vpn8-12  amd64
    root@117-12:/home/mitya #

      PID USERNAME  THR PRI NICE   SIZE    RES STATE   C   TIME   WCPU COMMAND
      590 root        1  52    0   257M   113M select  0 174.7H  2.78% mpd5

    При этом используется radius, ng_bpf, ng_car

    Надо искать различия между нашими машинами

     
  • user091118
    user091118
    2012-12-17

    последнюю версию mpd или OC? mpd и так последняя 5.6

    системы у нас различаются
    FreeBSD fbsd120918.srv.lan 9.0-RELEASE-p4 FreeBSD 9.0-RELEASE-p4 #0: Tue Sep 18 15:48:27 UTC 2012     root@fbsd120423.srv.lan:/usr/obj/usr/src/sys/KRN120423  amd64

    а у тебя netgraph и т.п. в ядро вкомпилен?

     
  • mpd бери последнюю версию из CVS

    netgraph в ядре, а не в виде модулей

     
  • user091118
    user091118
    2012-12-18

    590 root        1  52    0   179M 70948K select  6  81.9H  2.59% mpd5
      590 root        1  52    0   257M   113M select  0 174.7H  2.78% mpd5
    у тебя тоже растет

    и еще дико извиняюсь)) но при сборке версии из CVS пишет:

    5:33:08 /mpd> make
    ERROR: Please specify TAG in environment
    *** Error code 1
    Stop in /mpd.
    

    какое значение должно быть у TAG?

     
  • Ээээ…
    Зайди в каталог src
    набери ./configure
    потом make
    потом make install

     
  • user091118
    user091118
    2012-12-19

    начал с
    99255 root          2  26    0 71232K  6304K select  0   0:00  0.00% mpd5
    дальше жду.

    кстати, а почему "экзешник" mpd5 такой большой по сравнению с 5.6?
    2682335 против 649352

     
  • Вероятно просто потому что не strip'аный (с отладочной информацией).

     
  • strip ему сделать надо

     
1 2 > >> (Page 1 of 2)