IPoE with trunked VLANs

lamaral · January 1, 2022, 5:46pm

Hello,

I setup a GPON lab to test IPoE but I ran into an issue with the IPoE server configuration. My setup is as follows:
ONU ---- OLT ---- L2 Switch ---- VyOS Router

I am using VLAN 100 configured all the way from the VyOS router to the ONU and I would like to have all clients sharing VLAN 100.

At first, I configured my router as a router on a stick, with all VLANs on the same physical interface:

 interfaces {
     ethernet eth0 {
         hw-id xxx
         vif 100 {
         }
         vif 202 {
             address 2.2.2.2/29
         }
     }
     ethernet eth1 {
         hw-id xxx
     }
 }
 service {
     ipoe-server {
         authentication {
             mode noauth
         }
         interface eth0.100 {
             client-subnet 100.64.0.0/24
             network shared
             network-mode L2
         }
         name-server 8.8.8.8
         name-server 8.8.4.4
     }
 }

When configured like this, the clients on VLAN 100 can’t obtain an IP address. When running tcpdump -epni eth0.100 port 67 or 68, I can see the DHCP requests and the DHCP replies, but on the client, I was only seeing the requests.

I then mirrored the port towards eth0 on the L2 switch and run tcpdump on a computer plugged to the mirrored port.
I could see:

DHCP discover from client
DHCP offer from VyOS
DHCP request from client

It looks like after the ipoe interface was created, VyOS couldn’t send packets properly anymore towards the VLAN.

I then delivered VLAN 100 to the eth1 tagged and changed the VyOS configuration as follows:

 interfaces {
     ethernet eth0 {
         hw-id xxx
         vif 202 {
             address 2.2.2.2/29
         }
     }
     ethernet eth1 {
         hw-id xxx
     }
 }
 service {
     ipoe-server {
         authentication {
             mode noauth
         }
         interface eth1 {
             client-subnet 100.64.0.0/24
             network vlan
             vlan-id 100
         }
         name-server 8.8.8.8
         name-server 8.8.4.4
     }
 }

This one “works” as the client can successfully obtain an IP address. The problem is that with the above configuration, only a single client can exist per VLAN and that wasn’t my intention.

So here is the question: did I misunderstand how the IPoE Server can be used? Did I misconfigure something? Or did I hit a bug?

Thank you,
Luiz

Dmitry · January 1, 2022, 6:25pm

Hi @lamaral , in general, it should works, which is the VyOS version running?

lamaral · January 1, 2022, 7:48pm

I’m running 1.4-rolling-202112180318 on a PCEngines apu2.

RyVolodya · January 2, 2022, 12:13pm

Hello @lamaral
I recreated the first configuration option in the network lab. Hosts receive addresses from the dhcp server of VyOS. Your configuration is working. Check the settings on the L2 switch.

lamaral · January 2, 2022, 1:38pm

Hi @RyVolodya,

I did some further testing in a much simpler setup in order to rule things out of the equation. I just connected my laptop directly to the VyOS router, nothing in between.
I added an interface for vlan 100 on the laptop and configured VyOS on the router with the first configuration I posted.

Same broken behavior was observed.
tcpdump on the VyOS router, shows Discover, Offer, Request, ACK.
tcpdump on the laptop shows Discover, Offer, Request, but the ACK is never received.

So additionally, I spawned one VyOS VM and one Debian VM in a virtual network and performed the same configuration. There it worked fine.

I fiddled a lot with my VyOS router, as I tested PPPoE, LAC+LNS and now trying IPoE. I have another apu2 board available, so I will try a brand new installation of VyOS there and see if the problem persists. I will keep the broken install untouched for now, in case you would like me to get some debugging info out of there.

lamaral · January 2, 2022, 2:16pm

I just tested with a brand new VyOS install with my laptop plugged straight into the interface and I observed the same problematic behavior.

VyOS is using the igb driver for the NICs, as the apu2d4 uses the Intel i210AT.

I tried disabling the VLAN HW offloading sudo ethtool -K eth1 rx-vlan-offload off tx-vlan-offload off and then it started working as expected.

Could it be a problem with the igb driver?

lamaral · January 2, 2022, 2:51pm

I just tried the same configuration on a Poweredge R510 with a Mellanox Connect-X3 NIC and there everything worked as expected.

I’m a little bit out of my league to debug this on my own, but I’m happy to test things and provide you with any information I can if you want to dig deeper into this.

Keegan · January 13, 2022, 12:23pm

Thanks for sharing i was posting my issue and forum suggest me this post and my issue is something like this but still looking for solution any suggestions for me must share.