README

Overview
--------
The ACCEL-PPP v1.0 is completly new implementation of PPTP/PPPoE/L2TP which was written from scratch.
Userspace daemon has its own PPP implementation, so it does not uses pppd and one process (multi-threaded) manages all connections.
ACCEL-PPP uses only kernel-mode implementations of pptp/l2tp/pppoe.


Features
--------
1.  Modular architecture
2.  High-performance multi-threaded I/O core
3.  Supported PPTP
4.  Supported PPPoE (including TR-101 extension)
5.  Supported L2TPv2 (without IPsec)
5.  Radius authentication/accounting
6.  Radius DM/CoA extention
7.  Supported authentication types: PAP, CHAP (md5), Microsoft CHAP Extentions (including version 2), not supported - EAP
8.  Supported MPPE
9.  Compression is not supported
10. Extensible logging engine with per session logging support, implemented log to file, log to remote host and log to PostgreSQL targets
11. Extensible user/password database, implemented Radius, pppd compatible chap-secrets sources
12. Extensible IP pool, implemented Radius, chap-secrets and static pools
13. Supported pppd compatible ip-up/ip-down scripts
14. Builtin tbf/htb shaper manager
15. Command line interface via telnet
16. SNMP support (master or subagent via AgentX)


Requirment
----------
1. modern linux distribution
2. kernel-2.6.25 or later
4. cmake-2.6 or later
5. libnl-2.0 or probably later (required for builtin shaper)
6. libcrypto-0.9.8 or probably later (openssl-0.9.8)
7. libpcre
8. net-snmp-5.x 


Compilation and instalation
-----------
Make sure you have configured kernel headers in /usr/src/linux,
or specify other location via KDIR.
1. cd /path/to/accel-ppp-1.3.5
2. mkdir build
3. cd build
4. cmake [-DBUILD_DRIVER=FALSE] [-DKDIR=/usr/src/linux] [-DCMAKE_INSTALL_PREFIX=/usr/local] [-DCMAKE_BUILD_TYPE=Release] [-DLOG_PGSQL=FALSE] [-DSHAPER=FALSE] [-DRADIUS=TRUE] [-DNETSNMP=FALSE] ..
   Please note that the double dot record in the end of the command is essential. You'll probably get error or misconfigured sources if you miss it.
   BUILD_DRIVER, KDIR, CMAKE_INSTALL_PREFIX, CMAKE_BUILD_TYPE, LOG_PGSQL, SHAPER, RADIUS  are optional,
   But while pptp is not present in mainline kernel you probably need BUILD_DRIVER.
   For example:
   cmake -DBUILD_DRIVER=TRUE ..
   will configure sources to build pptp driver, search kernel headers at /usr/src/linux, install to /usr/local,
   build with no debug, pgsql and shaper support, build with radius support.
5. If you want to use chap-secrets for authentication purpose then you need to disable radius support, configure as following:
   cmake -DBUILD_DRIVER=TRUE -DRADIUS=FALSE ..
   of course you can include additional options if needed.
6. make
7. make install


Configuration
-------------
read man accel-ppp.conf


Built-in shaper
--------------
accel-ppp supports tbf and htb based shaper manager.
To enable it uncomment shaper in [modules] section.
It accepts radius attributes in various formats: rate, down-rate/up-rate and cisco-like. Values have to be in kilobits except cisco-like.
For example:
Filter-Id=1000 (means 1000Kbit both up-stream and down-stream rate)
Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)
To change radius attribute which containes rate information use 'attr' option, for example:
[shaper]
attr=My-Custom-Rate-Attribute
of course this attribute have to be in radius dictionary.
To specify different attributes for down-stream and up-stream rates use 'attr-down' and 'attr-up' options, for example:
[shaper]
attr-down=PPPD-Downstream-Speed
attr-up=PPPD-Upstream-Speed

If you want to use cisco-like format configure accel-ppp as following:
[shaper]
vendor=Cisco
attr=Cisco-AVPair
and send two attributes:
Cisco-AVPair=lcp:interface-config#1=rate-limit input 2000000 8000 8000 conform-action transmit exceed-action drop (which means 2000Kbit up-stream rate and 8Kb burst)
Cisco-AVPair=lcp:interface-config#1=rate-limit output 2000000 8000 8000 conform-action transmit exceed-action drop (which means 2000Kbit down-stream rate and 8Kb burst)


Advanced shaper using
---------------------
1. Burst configuration.
If you not using cisco-like format then burst calculates from rate and specified burst factors.
To specify burst factors use 'down-burst-factor' and 'up-burst-factor' options, for example:
[shaper]
down-burst-factor=1.0
up-burst-factor=10.0
which means that burst for tbf/htb qdisc will be calculated as down-stream rate multiply to 1.0 and burst for policer/htb will be calculated as up-stream rate multiply to 10.0.

2. Time ranges.
You can specify time ranges to authomatic rate reconfiguration.
To specify time ranges use following sample configuration:
[shaper]
time-range=1,1:00-3:00
time-range=2,3:00-5:00
time-range=3,5:00-7:00
first number is time range identifier.
To specify time range specific rates use following format of radius attributes: range-id,rate, range-id,down-rate/up-rate or cisco-like, for example:
Filter-Id=1000
Filter-Id=1,2000
Filter-Id=2,3000
Filter-Id=3,4000
which means: set 1000Kbit by default, set 2000Kbit in time range 1, set 3000Kbit in time range 2, set 4000Kbit in time range 3.
You have to pass multiple Filter-Id attributes to utilize this functionality.
Or cisco-like:
Cisco-AVPair=lcp:interface-config#1=rate-limit output access-group 1 1000000 8000 8000 conform-action transmit exceed-action drop
Cisco-AVPair=lcp:interface-config#1=rate-limit input access-group 1 1000000 8000 8000 conform-action transmit exceed-action drop
and so on...

3. chap-secrets.
If you use chap-secrets instead of radius then there is way to utilize built-in shaper too.
The optional fifth column in chap-secrets file is used to pass rate information to shaper.
Its format is same as for radius attributes, except you cann't utilize time ranges functionality.


SNMP
----
SNMP is implemented using net-snmp libraries. By default accel-ppp starts in subagent mode,
so make sure that net-snmp configured with subagent control turned on (read net-snmp's README.agentx for more details).
Also you can start accel-ppp as master agent using following configuration:
[snmp]
master=1

Usage:
Place accel-pppd/extra/net-snmp/ACCEL-PPP-MIB.txt to your mibs directory.
Also you can find used numerical oids in this file.
1. Requesting statistics:
snmpwalk -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::accelPPPStat
2. Requesting sessions:
snmptable -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::sessionsTable
3. Terminate session by session identifier (Acct-Session-ID):
snmpset -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::termBySID.0 = 0000000000000001
4. Terminate session by interface name:
snmpset -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::termByIfName.0 = ppp2
5. Terminaten session by IP address (Framed-IP-Address):
snmpset -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::termByIP.0 = 192.168.10.10
6. Terminate session by username:
snmpset -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::termByUsername.0 = user1
7. Execute cli command:
snmpset -m +ACCEL-PPP-MIB -v 2c -c local 127.0.0.1 ACCEL-PPP-MIB::cli.0 = "shaper change all 1024 temp"



Warning !!!
-----------
1. The pptp driver conflicts with ip_gre driver (in kernel), so make sure that ip_gre is not built-in or loaded at run time
   (don't matter if you have 2.6.37 or later kernel).
2. Don't mix connections of accel-ppp and poptop's pptpd, before starting accel-ppp make sure that no connections
   of pptpd exists.


Contacts
--------
http://accel-ppp.sourceforge.net/
mail: xeb@mail.ru
ICQ: 337258064
Jabber: xeb@xeb.homelinux.net