Hi,
I see many messages like:
Dec 18 08:27:25 mpd2 kernel: ng_mppc_decompress: too many (4092) packets dropped, disabling node 0xffffff00385bd400!
Dec 18 08:27:25 mpd2 kernel:
in the logs, any idea how to solve that?
Sody
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
netgraph mppc and mpd that come in the freebsd and the ports is implementation of the properietary ?
the link u gave me last updated 2007, should i use it in production fbsd-R8.2-p4??
what other people do?
Sami
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
MPPC compression algorithm is indeed patented in US and so not included into the base system. Referenced library fills that gap and should still work fine. But all that is not related to your problem. :)
Message you see, supposed to be caused by too many sequential packet drops. I have seen such reports before, but difficult to say what was the reason. I assume it may happen because of packet reorder on a link. Packet counter in MPPC is 12 bit long, so difference of -4 looks more probable to me then difference 4092. Probably some check could be inserted there (into ng_mppc kernel module) to try to handle it. Another workaround could be in enabling multilink PPP. Multilink has own fragment counters and it should protect from reordering.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi amotin,
Thanks for your replay, i enabled multilink, here is my pptp/l2tp config (its same just change ppt2p<==>l2tp):
pptp_server:
# Define dynamic IP address pool.
set ippool add pool1 1.2.3.5 1.2.3.10
# Create clonable bundle template named B
create bundle template B
set iface enable proxy-arp
set iface idle 0
set iface enable tcpmssfix
set ipcp yes vjcomp
# Specify IP address pool for dynamic assigment.
set ipcp ranges 1.2.4.5/32 ippool pool1
set ipcp dns 8.8.4.4 8.8.8.8
set ipcp nbns 0.0.0.0
# The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e56
set mppc yes e128
set mppc yes stateless
# Create clonable link template named L
create link template L pptp
# Set bundle template to use
set link action bundle B
# Multilink adds some overhead, but gives full 1500 MTU.
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap eap
set link enable chap pap
# We can use use RADIUS authentication/accounting by including
# another config section with label 'radius'.
load radius
set link keep-alive 10 60
# We reducing link mtu to avoid GRE packet fragmentation.
set link mtu 1460
# Configure PPTP
set pptp self 1.2.4.5
# Allow to accept calls
set link enable incoming
please advise me what to do…
Sami
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
is default pptp connection from windows has multilink?, most routers i guess don't support multilink….
how can we improve the 12 bit counter? is it possible?
I asked this question on another forum but got no answer, what is the best server configuration (fbsd version, kernel options, and so on….) to get best performance for pptp/l2tp server.
Sami
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
I see many messages like:
Dec 18 08:27:25 mpd2 kernel: ng_mppc_decompress: too many (4092) packets dropped, disabling node 0xffffff00385bd400!
Dec 18 08:27:25 mpd2 kernel:
in the logs, any idea how to solve that?
Sody
mppc is proprietary protocol.
if you want - get it's free realization: http://www.mavhome.dp.ua/MPPC/
Hi,
netgraph mppc and mpd that come in the freebsd and the ports is implementation of the properietary ?
the link u gave me last updated 2007, should i use it in production fbsd-R8.2-p4??
what other people do?
Sami
MPPC compression algorithm is indeed patented in US and so not included into the base system. Referenced library fills that gap and should still work fine. But all that is not related to your problem. :)
Message you see, supposed to be caused by too many sequential packet drops. I have seen such reports before, but difficult to say what was the reason. I assume it may happen because of packet reorder on a link. Packet counter in MPPC is 12 bit long, so difference of -4 looks more probable to me then difference 4092. Probably some check could be inserted there (into ng_mppc kernel module) to try to handle it. Another workaround could be in enabling multilink PPP. Multilink has own fragment counters and it should protect from reordering.
Hi amotin,
Thanks for your replay, i enabled multilink, here is my pptp/l2tp config (its same just change ppt2p<==>l2tp):
pptp_server:
# Define dynamic IP address pool.
set ippool add pool1 1.2.3.5 1.2.3.10
# Create clonable bundle template named B
create bundle template B
set iface enable proxy-arp
set iface idle 0
set iface enable tcpmssfix
set ipcp yes vjcomp
# Specify IP address pool for dynamic assigment.
set ipcp ranges 1.2.4.5/32 ippool pool1
set ipcp dns 8.8.4.4 8.8.8.8
set ipcp nbns 0.0.0.0
# The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e56
set mppc yes e128
set mppc yes stateless
# Create clonable link template named L
create link template L pptp
# Set bundle template to use
set link action bundle B
# Multilink adds some overhead, but gives full 1500 MTU.
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap eap
set link enable chap pap
# We can use use RADIUS authentication/accounting by including
# another config section with label 'radius'.
load radius
set link keep-alive 10 60
# We reducing link mtu to avoid GRE packet fragmentation.
set link mtu 1460
# Configure PPTP
set pptp self 1.2.4.5
# Allow to accept calls
set link enable incoming
please advise me what to do…
Sami
Just note that multilink should be enabled on both sides to really work.
Hi,
is default pptp connection from windows has multilink?, most routers i guess don't support multilink….
how can we improve the 12 bit counter? is it possible?
I asked this question on another forum but got no answer, what is the best server configuration (fbsd version, kernel options, and so on….) to get best performance for pptp/l2tp server.
Sami