| 2021-11-22 12:29:19 |
gregrwm |
bug |
|
|
added bug |
| 2021-11-23 18:26:38 |
Lucas Kanashiro |
strongswan (Ubuntu): status |
New |
Incomplete |
|
| 2021-11-23 22:02:54 |
Simon Déziel |
bug |
|
|
added subscriber Simon Déziel |
| 2021-11-25 04:48:19 |
gregrwm |
affects |
strongswan (Ubuntu) |
xl2tpd (Ubuntu) |
|
| 2021-11-25 04:49:20 |
gregrwm |
summary |
no shared key found in 22.04 |
xl2tpd "Can not find tunnel" in jammy |
|
| 2021-11-25 05:09:00 |
gregrwm |
description |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy strongswan is...still working on it?
This is the output i get in 22.04:
initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
generating ID_PROT request 0 [ SA V V V V V ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (180 bytes)
received packet: from 2.i.p.7[500] to 1.i.p.2[500] (136 bytes)
parsed ID_PROT response 0 [ SA V V V ]
received XAuth vendor ID
received DPD vendor ID
received NAT-T (RFC 3947) vendor ID
selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (372 bytes)
received packet: from 2.i.p.7[500] to 1.i.p.2[500] (372 bytes)
parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
no shared key found for '1.i.p.2'[1.i.p.2] - '2.i.p.7'[2.i.p.7]
no shared key found for 1.i.p.2 - 2.i.p.7
generating INFORMATIONAL_V1 request 402437601 [ N(INVAL_KE) ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (56 bytes)
establishing connection 'myvp7' failed
This is the output i get in 20.04:
initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
generating ID_PROT request 0 [ SA V V V V V ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (180 bytes)
received packet: from 2.i.p.7[500] to 1.i.p.2[500] (136 bytes)
parsed ID_PROT response 0 [ SA V V V ]
received XAuth vendor ID
received DPD vendor ID
received NAT-T (RFC 3947) vendor ID
selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (372 bytes)
received packet: from 2.i.p.7[500] to 1.i.p.2[500] (372 bytes)
parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
local host is behind NAT, sending keep alives
generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
sending packet: from 1.i.p.2[4500] to 2.i.p.7[4500] (108 bytes)
received packet: from 2.i.p.7[4500] to 1.i.p.2[4500] (76 bytes)
parsed ID_PROT response 0 [ ID HASH ]
IKE_SA myvp7[1] established between 1.i.p.2[1.i.p.2]...2.i.p.7[2.i.p.7]
scheduling reauthentication in 3397s
maximum IKE_SA lifetime 3577s
generating QUICK_MODE request 3605139670 [ HASH SA No ID ID NAT-OA NAT-OA ]
sending packet: from 1.i.p.2[4500] to 2.i.p.7[4500] (204 bytes)
received packet: from 2.i.p.7[4500] to 1.i.p.2[4500] (204 bytes)
parsed QUICK_MODE response 3605139670 [ HASH SA No ID ID NAT-OA NAT-OA ]
selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
CHILD_SA myvp7{1} established with SPIs ce997cf9_i ccdb93e8_o and TS 1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
connection 'myvp7' established successfully
my ipsec.conf:
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my ipsec.secrets:
: PSK ... |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts. i extracted them thus:
egrep "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
echo $i;$i |
|
| 2021-11-25 05:12:41 |
gregrwm |
attachment added |
|
syslog extract from 20.04 https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5543173/+files/fks |
|
| 2021-11-25 05:13:17 |
gregrwm |
attachment added |
|
syslog extract from jammy https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5543174/+files/jls |
|
| 2021-11-25 05:14:13 |
gregrwm |
description |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts. i extracted them thus:
egrep "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
echo $i;$i |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 and #7. i extracted them thus:
egrep "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
echo $i;$i |
|
| 2021-11-25 05:33:32 |
gregrwm |
description |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 and #7. i extracted them thus:
egrep "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
echo $i;$i |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 and #7. i extracted them thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
echo $i;$i |
|
| 2021-11-25 06:26:26 |
gregrwm |
description |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 and #7. i extracted them thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
echo $i;$i |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 and #7. i extracted them thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
|
| 2021-11-25 06:29:24 |
gregrwm |
description |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 and #7. i extracted them thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 and #7. i extracted them thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
|
| 2021-11-25 06:34:07 |
gregrwm |
attachment added |
|
er-x charon.log when 20.04 connects https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5543179/+files/fcha |
|
| 2021-11-25 06:35:15 |
gregrwm |
attachment added |
|
er-x /var/log/messages when 20.04 connects https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5543180/+files/fmes |
|
| 2021-11-25 06:35:51 |
gregrwm |
attachment added |
|
er-x /var/log/charon.log when jammy tries to connect https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5543181/+files/jcha |
|
| 2021-11-25 06:36:28 |
gregrwm |
attachment added |
|
er-x /var/log/messages when jammy tries to connect https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5543182/+files/jmes |
|
| 2021-11-25 06:40:33 |
gregrwm |
xl2tpd (Ubuntu): status |
Incomplete |
New |
|
| 2021-11-25 06:42:19 |
gregrwm |
description |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 and #7. i extracted them thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 thru #11. i extracted them thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
|
| 2021-11-25 06:43:27 |
gregrwm |
description |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 thru #11. i extracted them thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 thru #11. the er-x extracts were simple, the ubuntu extracts were thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
|
| 2022-01-31 11:18:28 |
Launchpad Janitor |
xl2tpd (Ubuntu): status |
New |
Confirmed |
|
| 2022-01-31 11:33:40 |
Chaostya |
attachment added |
|
syslog-vpn-l2tp-fails.txt https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5558409/+files/syslog-vpn-l2tp-fails.txt |
|
| 2022-02-06 16:26:55 |
Chaostya |
attachment added |
|
xl2tpd_broken_tunnel_parsing_logs.txt https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5559381/+files/xl2tpd_broken_tunnel_parsing_logs.txt |
|
| 2022-03-18 10:02:24 |
Раиф Габдуллин |
bug |
|
|
added subscriber Раиф Габдуллин |
| 2022-03-23 05:13:51 |
Раиф Габдуллин |
attachment added |
|
syslog-extract https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5572073/+files/syslog-extract |
|
| 2022-03-23 14:50:29 |
Nick Kondratiev |
bug |
|
|
added subscriber nickkon |
| 2022-04-06 12:54:37 |
emsan |
bug |
|
|
added subscriber emsan |
| 2022-04-20 17:30:59 |
NecLimDul |
bug watch added |
|
https://github.com/xelerance/xl2tpd/issues/230 |
|
| 2022-04-21 13:58:13 |
Felipe Marschall |
bug |
|
|
added subscriber Felipe Marschall |
| 2022-04-22 12:11:01 |
Sandldan |
bug |
|
|
added subscriber Sandldan |
| 2022-04-23 10:12:37 |
msaxl |
attachment added |
|
lto-fix-bug-1968336.patch https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5582809/+files/lto-fix-bug-1968336.patch |
|
| 2022-04-23 12:23:07 |
Ubuntu Foundations Team Bug Bot |
tags |
|
patch |
|
| 2022-04-23 12:23:13 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Review Team |
| 2022-04-25 01:10:24 |
Xavier Claessens |
bug |
|
|
added subscriber Xavier Claessens |
| 2022-04-25 10:54:25 |
Paweł |
bug |
|
|
added subscriber Paweł |
| 2022-04-25 15:51:10 |
Felix T |
bug |
|
|
added subscriber Felix T |
| 2022-04-25 16:09:51 |
Robie Basak |
tags |
patch |
bitesize patch |
|
| 2022-04-25 16:10:02 |
Robie Basak |
nominated for series |
|
Ubuntu Jammy |
|
| 2022-04-25 16:10:02 |
Robie Basak |
bug task added |
|
xl2tpd (Ubuntu Jammy) |
|
| 2022-04-25 16:10:10 |
Robie Basak |
xl2tpd (Ubuntu Jammy): status |
Confirmed |
Triaged |
|
| 2022-04-25 16:12:33 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
| 2022-04-25 16:24:53 |
Sandldan |
removed subscriber Sandldan |
|
|
|
| 2022-04-26 02:26:31 |
Ikuya Awashiro |
bug |
|
|
added subscriber Ikuya Awashiro |
| 2022-04-26 07:24:02 |
Henrik Nilsson |
bug |
|
|
added subscriber Henrik Nilsson |
| 2022-04-27 16:27:37 |
iJay |
bug |
|
|
added subscriber iJay |
| 2022-04-28 11:29:30 |
Robie Basak |
bug task added |
|
lto-disabled-list (Ubuntu) |
|
| 2022-04-28 11:43:05 |
Hardik Ghadshi |
attachment added |
|
xl2tpd_1.3.12-1.1_amd64.deb https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5584668/+files/xl2tpd_1.3.12-1.1_amd64.deb |
|
| 2022-04-28 12:00:49 |
Robie Basak |
description |
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 thru #11. the er-x extracts were simple, the ubuntu extracts were thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
[Impact]
Users cannot connect to L2TP VPNs at all, such as through network-manager-l2tp-gnome.
[Development Fix]
Addition to lto-disabled-list and a rebuild of xl2tpd in Kinetic. The upload to lto-disabled-list is in Unapproved, pending Kinetic opening. I've added a task for lto-disabled-list to this bug, so that I'll know to upload the rebuild of xl2tpd when that is built and published. Since the version of the Jammy upload is 1.3.16-1ubuntu0.1, the Kinetic upload will end up "lower" at 1.3.16-1build1, but that shouldn't be a problem because this issue will be fixed in both packages, and then any subsequent uploads to Kinetic will continue "higher" as normal. Alternatively 1.3.16-1ubuntu0.1 could just be copied forward to Kinetic after this SRU lands, but it would be better to avoid the delta in Kinetic so that the package will autosync in the future.
[Stable Fix]
Disabling of LTO in debian/rules. This is a more minimal fix that would not require coordination between two packages in a situation where xl2tpd needs to be rebuilt in Jammy anyway.
[Fix method not adopted]
It would be better to fix upstream so that LTO actually works. Upstream issues are https://github.com/xelerance/xl2tpd/issues/230 and https://github.com/xelerance/xl2tpd/issues/232. However these aren't fixed upstream and the change in the area of code suggested may not be the only necessary fix, so it seems safer for both the stable and development releases in Ubuntu to revert what regressed the package for now, until a proper fix confirmed to cover all cases by upstream.
[Test Plan]
Requirements : An L2TP VPN server (Windows Server)
- Install Ubuntu 22.04
- Install network-manager-l2tp-gnome (and requirements)
- Configure a new L2TP VPN connection for your server
(in my case, not sure if this detail is required)
- Configure gateway address
- Configure password auth
- In the IPsec Options, enable IPsec tunnelling
- Configure the PSK from your server
- In the PPP Options, enable MSPPE, and disable MSCHAP (leaving MSCHAPv2 the only auth option)
With thanks to Adrian Wilkins, who will also do the SRU verification for us, since it requires a configured Windows Server at the other end.
In addition, racb will check the build log to ensure that LTO was actually disabled during the build.
[Where problems could occur]
There might be some other unreported users from whom LTO actually fixes something and we will regress them by disabling it. However this bug seems more important to fix since it is reported with 35 reported to be affected users already.
LTO doesn't actually get disabled, and by some other non-determinism the problem is accidentally fixed and regresses again later. Mitigation: check the build log.
[Original Description]
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 thru #11. the er-x extracts were simple, the ubuntu extracts were thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
|
| 2022-04-28 12:04:52 |
Robie Basak |
xl2tpd (Ubuntu Jammy): status |
Triaged |
In Progress |
|
| 2022-04-28 12:05:13 |
Robie Basak |
tags |
bitesize patch |
patch regression-release |
|
| 2022-04-28 12:07:06 |
Robie Basak |
description |
[Impact]
Users cannot connect to L2TP VPNs at all, such as through network-manager-l2tp-gnome.
[Development Fix]
Addition to lto-disabled-list and a rebuild of xl2tpd in Kinetic. The upload to lto-disabled-list is in Unapproved, pending Kinetic opening. I've added a task for lto-disabled-list to this bug, so that I'll know to upload the rebuild of xl2tpd when that is built and published. Since the version of the Jammy upload is 1.3.16-1ubuntu0.1, the Kinetic upload will end up "lower" at 1.3.16-1build1, but that shouldn't be a problem because this issue will be fixed in both packages, and then any subsequent uploads to Kinetic will continue "higher" as normal. Alternatively 1.3.16-1ubuntu0.1 could just be copied forward to Kinetic after this SRU lands, but it would be better to avoid the delta in Kinetic so that the package will autosync in the future.
[Stable Fix]
Disabling of LTO in debian/rules. This is a more minimal fix that would not require coordination between two packages in a situation where xl2tpd needs to be rebuilt in Jammy anyway.
[Fix method not adopted]
It would be better to fix upstream so that LTO actually works. Upstream issues are https://github.com/xelerance/xl2tpd/issues/230 and https://github.com/xelerance/xl2tpd/issues/232. However these aren't fixed upstream and the change in the area of code suggested may not be the only necessary fix, so it seems safer for both the stable and development releases in Ubuntu to revert what regressed the package for now, until a proper fix confirmed to cover all cases by upstream.
[Test Plan]
Requirements : An L2TP VPN server (Windows Server)
- Install Ubuntu 22.04
- Install network-manager-l2tp-gnome (and requirements)
- Configure a new L2TP VPN connection for your server
(in my case, not sure if this detail is required)
- Configure gateway address
- Configure password auth
- In the IPsec Options, enable IPsec tunnelling
- Configure the PSK from your server
- In the PPP Options, enable MSPPE, and disable MSCHAP (leaving MSCHAPv2 the only auth option)
With thanks to Adrian Wilkins, who will also do the SRU verification for us, since it requires a configured Windows Server at the other end.
In addition, racb will check the build log to ensure that LTO was actually disabled during the build.
[Where problems could occur]
There might be some other unreported users from whom LTO actually fixes something and we will regress them by disabling it. However this bug seems more important to fix since it is reported with 35 reported to be affected users already.
LTO doesn't actually get disabled, and by some other non-determinism the problem is accidentally fixed and regresses again later. Mitigation: check the build log.
[Original Description]
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 thru #11. the er-x extracts were simple, the ubuntu extracts were thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
[Impact]
Users cannot connect to L2TP VPNs at all, such as through network-manager-l2tp-gnome.
[Development Fix]
Addition to lto-disabled-list and a rebuild of xl2tpd in Kinetic. The upload to lto-disabled-list is in Unapproved, pending Kinetic opening. I've added a task for lto-disabled-list to this bug, so that I'll know to upload the rebuild of xl2tpd when that is built and published. Since the version of the Jammy upload is 1.3.16-1ubuntu0.1, the Kinetic upload will end up "lower" at 1.3.16-1build1, but that shouldn't be a problem because this issue will be fixed in both packages, and then any subsequent uploads to Kinetic will continue "higher" as normal. Alternatively 1.3.16-1ubuntu0.1 could just be copied forward to Kinetic after this SRU lands, but it would be better to avoid the delta in Kinetic so that the package will autosync in the future.
[Stable Fix]
Disabling of LTO in debian/rules. This is a more minimal fix that would not require coordination between two packages in a situation where xl2tpd needs to be rebuilt in Jammy anyway.
[Fix method not adopted]
It would be better to fix upstream so that LTO actually works. Upstream issues are https://github.com/xelerance/xl2tpd/issues/230 and https://github.com/xelerance/xl2tpd/issues/232 and this is tracked in bug 1970740. However these aren't fixed upstream and the change in the area of code suggested may not be the only necessary fix, so it seems safer for both the stable and development releases in Ubuntu to revert what regressed the package for now, until a proper fix confirmed to cover all cases by upstream.
[Test Plan]
Requirements : An L2TP VPN server (Windows Server)
- Install Ubuntu 22.04
- Install network-manager-l2tp-gnome (and requirements)
- Configure a new L2TP VPN connection for your server
(in my case, not sure if this detail is required)
- Configure gateway address
- Configure password auth
- In the IPsec Options, enable IPsec tunnelling
- Configure the PSK from your server
- In the PPP Options, enable MSPPE, and disable MSCHAP (leaving MSCHAPv2 the only auth option)
With thanks to Adrian Wilkins, who will also do the SRU verification for us, since it requires a configured Windows Server at the other end.
In addition, racb will check the build log to ensure that LTO was actually disabled during the build.
[Where problems could occur]
There might be some other unreported users from whom LTO actually fixes something and we will regress them by disabling it. However this bug seems more important to fix since it is reported with 35 reported to be affected users already.
LTO doesn't actually get disabled, and by some other non-determinism the problem is accidentally fixed and regresses again later. Mitigation: check the build log.
[Original Description]
My connection works in 20.04 and fails in 22.04. Perhaps something i've been using is now depricated? Or perhaps jammy xl2tpd is...still working on it?
see my attached syslog extracts at comments #6 thru #11. the er-x extracts were simple, the ubuntu extracts were thus:
egrep -i "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep -v "INFORMATIONAL_V1|packet: from"
what seems to stand out is:
These lines show up in syslog only in 20.04:
Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
These lines show up in syslog only in jammy:
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202. Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
my /etc/ipsec.conf:
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes256-sha1-modp2048!
esp=aes-sha1!
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my /etc/ipsec.secrets:
: PSK ...
my /etc/xl2tpd/xl2tpd.conf:
[lac myvp7]
lns = 2.i.p.7
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
my /etc/ppp/options.l2tpd.client:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name ...
password ...
my startup commands:
ipsec up myvp7&&
echo>/var/run/xl2tpd/l2tp-control c myvp7&&
while i=$(ip route) j=${i#*3.i.p.}
[[ $j = "$i" ]]
do echo -n .;sleep .3
done
i="ip route add 3.i.p.0/21 via 3.i.p.${j%% *}"
echo $i;$i
er-x /etc/ipsec.conf:
config setup
conn %default
keyexchange=ikev1
conn remote-access
authby=secret
type=transport
keyexchange=ikev1
left=2.i.p.7
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add
dpddelay=15
dpdtimeout=45
dpdaction=clear
rekey=no
ikelifetime=3600
keylife=3600
er-x /etc/ipsec.secrets:
2.i.p.7 %any : PSK ...
er-x /etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 2.i.p.7
[lns default]
ip range = 3.i.p.4-3.i.p.9
local ip = 10.255.255.0
refuse pap = yes
require authentication = yes
name = VyattaL2TPServer
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
er-x /etc/ppp/options.xl2tpd:
name xl2tpd
linkname l2tp
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
nodefaultroute
debug
proxyarp
connect-delay 5000
idle 1800 |
|
| 2022-04-28 14:05:53 |
Andrea C |
bug |
|
|
added subscriber Andrea C |
| 2022-04-28 17:38:37 |
Launchpad Janitor |
lto-disabled-list (Ubuntu): status |
New |
Confirmed |
|
| 2022-04-28 17:38:37 |
Launchpad Janitor |
lto-disabled-list (Ubuntu Jammy): status |
New |
Confirmed |
|
| 2022-04-28 22:43:46 |
Launchpad Janitor |
lto-disabled-list (Ubuntu): status |
Confirmed |
Fix Released |
|
| 2022-04-29 21:22:10 |
Robie Basak |
xl2tpd (Ubuntu): status |
Triaged |
Fix Committed |
|
| 2022-04-29 21:22:22 |
Robie Basak |
lto-disabled-list (Ubuntu Jammy): status |
Confirmed |
Invalid |
|
| 2022-04-29 22:22:20 |
Launchpad Janitor |
xl2tpd (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2022-04-30 07:51:38 |
Mahdi Abbariki |
bug |
|
|
added subscriber Mahdi Abbariki |
| 2022-05-03 11:59:14 |
Łukasz Zemczak |
xl2tpd (Ubuntu Jammy): status |
In Progress |
Fix Committed |
|
| 2022-05-03 11:59:15 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2022-05-03 11:59:17 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
| 2022-05-03 11:59:25 |
Łukasz Zemczak |
tags |
patch regression-release |
patch regression-release verification-needed verification-needed-jammy |
|
| 2022-05-03 18:54:53 |
Eugene |
bug |
|
|
added subscriber Eugene |
| 2022-05-04 08:28:28 |
pgallent |
xl2tpd (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
| 2022-05-04 09:06:22 |
Robie Basak |
xl2tpd (Ubuntu Jammy): status |
Fix Released |
Fix Committed |
|
| 2022-05-04 13:47:51 |
Robie Basak |
tags |
patch regression-release verification-needed verification-needed-jammy |
patch regression-release verification-done verification-done-jammy |
|
| 2022-05-04 14:39:59 |
Robie Basak |
tags |
patch regression-release verification-done verification-done-jammy |
lto patch regression-release verification-needed verification-needed-jammy |
|
| 2022-05-05 09:55:30 |
Adam Keglovits |
xl2tpd (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
| 2022-05-05 10:21:21 |
Robie Basak |
xl2tpd (Ubuntu Jammy): status |
Fix Released |
Fix Committed |
|
| 2022-05-05 10:37:49 |
Hardik Ghadshi |
bug |
|
|
added subscriber Hardik Ghadshi |
| 2022-05-05 10:37:59 |
Hardik Ghadshi |
removed subscriber Hardik Ghadshi |
|
|
|
| 2022-05-05 20:33:57 |
Launchpad Janitor |
xl2tpd (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
