Re: Kernel L2TP support

On Sat, Oct 25, 2003 at 01:33:56AM +1000, Martijn van Oosterhout wrote:
> However, I've just realised that CIPE currently uses a UDP socket to
> communicate and gets the data packets straight through kernel space without
> any issues. Perhaps it is a good model to start from.

Ok, I've looked at the CIPE code and the PPPoX code and come up with a
basic design. It goes something like:

1. L2TP server starts and opens UDP socket
2. Server handles all tunnel and command packets
3. When a call has been established, server opens a PF_PPPOX/PX_PROTO_L2TP socket
4. Server does ioctl on new socket to "attach" it to the server UDP socket
5. (AFAIK) L2TP server forks and execs pppd with the new socket as device name
6. When packet comes in on the UDP socket that is a data packet and whose
   numbers match the call, the skb is diverted to the PPPOX socket. Else it is
   processed as usual.
7. When a packet comes through the PPPOX socket it is encapsulated and then
   sent out the UDP socket.

The first call that attaches to the server socket will have to reconfigure
it the way CIPE does by replacing the sock_ops table and putting its own
functions in there. The module then becomes bound to that socket and cannot
be unloaded until the socket is closed.

CIPE stores its private data in the user_data field of the UDP socket.
Unlike CIPE, L2TP has no interface of its own. The use of magic numbers
would have to ensure that two people don't try to use that field
simultaneously. I feel a bit funny about an ioctl on one FD altering the
properties of another FD but I don't see any way around that.

Finally, PX_MAX_PROTO has been set to one. If this code is made as a
separate module and loaded into a kernel without that fixed it would fail.
Would it make sense to bump that to four or something to leave space for
future protocols?

Anyone see any flaws in this system or any misunderstanding w.r.t. the use
of PPPoX?

Now to get UML working for testing.

Thanks in advance,
-- 
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> "All that is needed for the forces of evil to triumph is for enough good
> men to do nothing." - Edmond Burke
> "The penalty good people pay for not being interested in politics is to be
> governed by people worse than themselves." - Plato
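
The check in step 6 of the design above, as an added example that is not part of the original message or of any kernel or CIPE code: a bounds-checked C parser for the L2TP data header (RFC 2661) that decides whether a UDP payload is diverted to the PPPoX socket or processed as usual. The struct l2tp_call, the verdict names and the sample packet are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* RFC 2661 header bits: T = control message, L/S/O = Length, Ns/Nr, Offset present */
enum { L2TP_T = 0x8000, L2TP_L = 0x4000, L2TP_S = 0x0800, L2TP_O = 0x0200, L2TP_VER = 0x000F };
enum verdict { PASS_TO_DAEMON, DIVERT_TO_PPPOX };
struct l2tp_call { uint16_t tunnel_id, session_id; };  /* hypothetical per-call state */

/* Bounds-checked big-endian 16-bit read; advances *off, returns -1 if short. */
static int rd16(const uint8_t *p, size_t len, size_t *off, uint16_t *out)
{
    if (len < 2 || *off > len - 2)
        return -1;
    *out = (uint16_t)((p[*off] << 8) | p[*off + 1]);
    *off += 2;
    return 0;
}

/* Step 6: divert only well-formed data packets of this call; all else goes the usual way. */
enum verdict l2tp_classify(const uint8_t *p, size_t len, const struct l2tp_call *c, size_t *ppp_off)
{
    size_t off = 0;
    uint16_t flags, v, tid, sid;
    if (rd16(p, len, &off, &flags) || (flags & L2TP_VER) != 2 || (flags & L2TP_T))
        return PASS_TO_DAEMON;            /* short, not L2TPv2, or control (step 2) */
    if ((flags & L2TP_L) && (rd16(p, len, &off, &v) || v > len))
        return PASS_TO_DAEMON;            /* Length field claims more than we received */
    if (rd16(p, len, &off, &tid) || rd16(p, len, &off, &sid))
        return PASS_TO_DAEMON;
    if ((flags & L2TP_S) && (rd16(p, len, &off, &v) || rd16(p, len, &off, &v)))
        return PASS_TO_DAEMON;            /* Ns/Nr announced but missing */
    if (flags & L2TP_O) {                 /* skip offset padding, bounds-checked */
        if (rd16(p, len, &off, &v) || v > len - off)
            return PASS_TO_DAEMON;
        off += v;
    }
    if (tid != c->tunnel_id || sid != c->session_id)
        return PASS_TO_DAEMON;            /* numbers do not match the call */
    *ppp_off = off;                       /* PPP frame starts here */
    return DIVERT_TO_PPPOX;
}

int main(void)
{   /* constructed sample, not a capture: data packet for tunnel 1, session 7 */
    const uint8_t pkt[] = { 0x00,0x02, 0x00,0x01, 0x00,0x07, 0xff,0x03,0xc0,0x21 };
    struct l2tp_call c = { 1, 7 };
    size_t off = 0;
    return l2tp_classify(pkt, sizeof pkt, &c, &off) == DIVERT_TO_PPPOX ? 0 : 1;
}
```

Every length and offset comes from the packet itself, so each read is checked against the received size before the payload offset is trusted.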
