Hi,
I have this kind of situation
[edit service pppoe-server]
vyos@VYOS# show interface | commands
set interface eth5.179 vlan-range ‘3000-4000’
set interface eth5.201 vlan-range ‘3000-4000’
set interface eth5.203 vlan-range ‘3000-4000’
set interface eth5.205 vlan-range ‘3000-4000’
set interface eth5.206 vlan-range ‘3000-4000’
set interface eth5.755 vlan-range ‘3000-4000’
set interface eth5.774 vlan-range ‘3000-4000’
set interface eth5.935 vlan-range ‘3000-4000’
set interface eth5.1061 vlan-range ‘3000-4000’
set interface eth5.1495 vlan-range ‘3000-4000’
set interface eth5.1517 vlan-range ‘3000-4000’
set interface eth5.1732 vlan-range ‘3000-4000’
set interface eth5.2024 vlan-range ‘3000-4000’
set interface eth5.2268 vlan-range ‘3000-4000’
set interface eth5.4067 vlan-range ‘3000-4000’
set interface eth5.4076 vlan-range ‘3000-4000’
set interface eth5.4077 vlan-range ‘3000-4000’
and tons of customers up and running …
But … if I had to add a new svlan+cvlan to the main interface, that’s if I do for example
set interface eth5.4087 vlan-range ‘3000-4000’
commit
all the customers fall down … and a tons of auth- requests arrive to the radius server few seconds after !
and really, it’s not good! How could I avoid it ?
thanks
Nobody ? Really?
I know that accel-ppp permit to add/remove vlan on the fly (via accel-cmd) … but after a commit i vyos, the accel-ppp daemon seems to be restarted, so all sessions fall.
No solutions ?
This appears to be a known bug upstream. Have you seen this article?
https://support.vyos.io/en/support/solutions/articles/103000096275-pppoe-server
Looks like you’ll have to do these ops during a maintenance window as much as a PITA it’s going to be.
It seems accel-ppp cannot corectly add interfaces without restart
Hi, I’m here again after almost 2 years for the same question …
… beacause it seems thate accel-ppp does not need to restart after adding/removing interfaces
So I think it could be possible to change something to avoid the massive down.
Just let me write my nonsenses and fell free to insult me 
I have a vyos-test-server with pppoe-server configured on vxlan1219 + vxlan1228
and tried this thing, first with accel-cmd itself, and after with a vyos-configuration mod.
show session
remove interface
show session
add interface interface
show session
when using accel-cmd sessions remain online
when committing configuration mod sessions go down, and up again
when trying with accel-cmd
**root@VYOS-CIRCINUS-TEST:# accel-cmd**
**pppoe interface show**
interface: connections: state:
-----------------------------------
vxlan1219 0 active
vxlan1228 1 active
**show sessions**
ifname | username | calling-sid | ip | rate-limit | type | comp | state | uptime
--------+------------------------------+-------------------+--------------+-------------+-------+------+--------+----------
ppp0 | [email protected] | ff:cc:e7:d2:02:af | 100.68.0.249 | 20000/10000 | pppoe | | active | 16:37:10
pppoe interface del vxlan1219
**show sessions**
ifname | username | calling-sid | ip | rate-limit | type | comp | state | uptime
--------+------------------------------+-------------------+--------------+-------------+-------+------+--------+----------
ppp0 | [email protected] | ff:cc:e7:d2:02:af | 100.68.0.249 | 20000/10000 | pppoe | | active | 16:37:34
**pppoe interface show**
interface: connections: state:
-----------------------------------
vxlan1228 1 active
**pppoe interface add vxlan1219**
**show sessions**
ifname | username | calling-sid | ip | rate-limit | type | comp | state | uptime
--------+------------------------------+-------------------+--------------+-------------+-------+------+--------+----------
ppp0 | [email protected] | ff:cc:e7:d2:02:af | 100.68.0.249 | 20000/10000 | pppoe | | active | 16:38:07
**pppoe interface show**
interface: connections: state:
-----------------------------------
vxlan1228 1 active
vxlan1219 0 active
when trying with configuration mod
**vyos@VYOS-CIRCINUS-TEST:~$ show version**
Version: VyOS 1.5-stream-2025-Q1
Release train: circinus
Release flavor: generic
Built by: VyOS Networks Iberia S.L.U.
Built on: Thu 13 Feb 2025 18:06 UTC
Build UUID: b38b28e0-a516-4f56-a596-5502ae094d3b
Build commit ID: 5128f5e45cdb73-dirty
Architecture: x86_64
Boot via: installed image
System type: ???
Hardware vendor: ???
Hardware model: ???
Hardware S/N: ???
Hardware UUID: ???
Copyright: VyOS maintainers and contributors
**vyos@VYOS-CIRCINUS-TEST:~$ conf**
[edit]
**vyos@VYOS-CIRCINUS-TEST# show |commands | match "service pppoe-server"**
set service pppoe-server access-concentrator 'VYOSTEST'
set service pppoe-server authentication mode 'radius'
set service pppoe-server authentication radius dynamic-author key '???'
set service pppoe-server authentication radius dynamic-author port '3799'
set service pppoe-server authentication radius dynamic-author server '192.168.0.31'
set service pppoe-server authentication radius max-try '3'
set service pppoe-server authentication radius rate-limit enable
set service pppoe-server authentication radius server 192.168.1.48 fail-time '30'
set service pppoe-server authentication radius server 192.168.1.48 key '1Shoot08'
set service pppoe-server authentication radius source-address '192.168.0.31'
set service pppoe-server authentication radius timeout '5'
set service pppoe-server gateway-address '192.168.10.1'
set service pppoe-server interface vxlan1219
set service pppoe-server interface vxlan1228
set service pppoe-server name-server '8.8.8.8'
set service pppoe-server name-server '2001:4860:4860::8888'
set service pppoe-server name-server '8.8.4.4'
set service pppoe-server name-server '2001:4860:4860::4444'
set service pppoe-server ppp-options disable-ccp
set service pppoe-server ppp-options ipv6 'allow'
set service pppoe-server session-control 'replace'
set service pppoe-server snmp master-agent
[edit]
**vyos@VYOS-CIRCINUS-TEST# show | commands | match "service pppoe-server interface"**
set service pppoe-server interface vxlan1219
set service pppoe-server interface vxlan1228
[edit]
**vyos@VYOS-CIRCINUS-TEST# run show pppoe-server sessions**
ifname | username | ip | ip6 | ip6-dp | calling-sid | rate-limit | state | uptime | rx-bytes | tx-bytes
--------+------------------------------+--------------+----------------------------+---------------------+-------------------+-------------+--------+----------+----------+-----------
ppp0 | [email protected] | 100.68.0.249 | 2a09:3e47:f000:ba:200::/64 | 2a09:3e47:f0ba::/48 | ff:cc:e7:d2:02:af | 20000/10000 | active | 18:01:52 | 22.7 MiB | 630.6 MiB
[edit]
**vyos@VYOS-CIRCINUS-TEST# delete service pppoe-server interface vxlan1219**
[edit]
**vyos@VYOS-CIRCINUS-TEST# commit**
[edit]
**vyos@VYOS-CIRCINUS-TEST# run show pppoe-server sessions**
ifname | username | ip | ip6 | ip6-dp | calling-sid | rate-limit | state | uptime | rx-bytes | tx-bytes
--------+------------------------------+--------------+----------------------------+---------------------+-------------------+-------------+--------+----------+----------+-----------
ppp0 | [email protected] | 100.68.0.249 | 2a09:3e47:f000:ba:200::/64 | 2a09:3e47:f0ba::/48 | ff:cc:e7:d2:02:af | 20000/10000 | active | 00:00:01 | 0.0 MiB | 0.0 MiB
[edit]
**vyos@VYOS-CIRCINUS-TEST# show | commands | match "service pppoe-server interface"**
set service pppoe-server interface vxlan1219
[edit]
**vyos@VYOS-CIRCINUS-TEST# add service pppoe-server interface vxlan1219**
[edit]
**vyos@VYOS-CIRCINUS-TEST# commit**
[edit]
**vyos@VYOS-CIRCINUS-TEST# run show pppoe-server sessions**
ifname | username | ip | ip6 | ip6-dp | calling-sid | rate-limit | state | uptime | rx-bytes | tx-bytes
--------+------------------------------+--------------+----------------------------+---------------------+-------------------+-------------+--------+----------+----------+-----------
ppp0 | [email protected] | 100.68.0.249 | 2a09:3e47:f000:ba:200::/64 | 2a09:3e47:f0ba::/48 | ff:cc:e7:d2:02:af | 20000/10000 | active | 00:00:02 | 0.0 MiB | 0.0 MiB
What do you think about it ?
What abount adding and removing interface, after a diff between new and old interfaces , instead of brutally restart the service ?
We don’t use accel-cmd
Try the same thing with reloading daemon.
It will not work
Conf mode generates accel-ppp config and applies it by reload/restart daemon
Interfaces cannot added for the config without restart
Yes , I know, but … just think different 
My question was, why don’t you change your mind and use accel-cmd ?
You could calc and save new conf, to use at reboot, but instead of restaring the service (and get down all sessions) you could do a
accel-cmd reload (for the basic settings reload)
and execute multiple
accel-cmd interface add/del …
and if needed
accel-cmd shaper change …
to match all the requested changes in the new confuration (for the settings not reloaded by the basic reload command)
I think it would be really appreciated .
I think the current method is more “foolproof” and way easier to implement with the downside as you have experienced that the service will restart.
Afterall the current method is what occurs during boot so it had to be done but to later on add logic to inject commands on the fly (be able to diff current config vs previous config and based on that use add/remove commands) without restarting needs some more coding so it becomes optional.
Your suggestion should be possible (same with injecting stuff to FRR using tcmd or whatever its called instead of reloading the whole daemon) but “someone have to do it” codewise so the payback of spending time to refactor the code to behave more logical and “optimal” is limited for any other than those who still use PPPoE (which when it comes to VyOS seems to be more than a few since the PPPoE support is kind of unique these days).
In your case will the PPPoE service restart if you commit something else in the config or only if the PPPoE parts are changed?
Wouldnt (as a workaround) it be possible for you to preconfigure all the future combos of
set interface ethX.YYY vlan-range ‘AAAA-BBBB’
so that the PPPoE doesnt have to be touched just because you add/remove a customer but you can block them elsewhere in the code (given that PPPoE wont restart if you touch something else in the config)?
You can use it natively without any change 
To answer you question check the sources of the service.
I tried one time and won’t spend time to feature that never be merged T2102: Add interface to PPPoE-server without restarting sessions by sever-sever · Pull Request #2182 · vyos/vyos-1x · GitHub
The PPPoE service restart only if change PPPoE settings.
I have to implement an automatic deploy of services, that att new interface (vxlan not vlan) and ad it to the pppoe-server.
At this moment my workaround is NOT TO USE vyos configuration to inject the interfaces, but a cron (every minute) make a diff between wanted interfaces and the result of
accel-cmd pppoe interface show | awk 'NR > 2 {print $1}'
then I iterate over the result with a foreach and create a temp file with the needed commands
pppoe interface add/del $interface
and at last execute a single
accel-cmd < /tmp/myfile.tmp
seting vlan-range is not an option, because I have vxlan interfaces and not a vlan
the vxlan act a ServiceVlan and inside it there will be hundreds of customers, each one with his own CustomerVlan … it works like a charm, but I’d like to have everything inside the vyos configuration without external “helpers” … that’s all
Feel free to create a PR. I like the idea of adding interfaces without restarting the service.
However, I do not see any solution integrated into the configuration.
In my opinion, it is an accel-ppp bug/feature and should be fixed in the upstream repo.
If it can be useful to anyone, this is my script , executed by cron * * * * *
very simple, quick’n’dirty
it only watch vxlans but very easy to modify
#!/usr/bin/python3
import glob, subprocess
def get_vxlan_interfaces():
vxlan_interfaces = glob.glob('/sys/class/net/vxlan*')
return {interface.split('/')[-1] for interface in vxlan_interfaces}
def get_vxlan_pppoe_interfaces():
try:
result = subprocess.run(['/usr/bin/accel-cmd', 'pppoe', 'interface', 'show'], capture_output=True, text=True, check=True)
interfaces = set()
for line in result.stdout.splitlines():
if line.startswith('vxlan'):
interfaces.add(line.split()[0])
return interfaces
except subprocess.CalledProcessError as e:
return set()
if __name__ == "__main__":
vxlan = get_vxlan_interfaces()
vxlan_pppoe = get_vxlan_pppoe_interfaces()
to_add = vxlan - vxlan_pppoe
to_remove = vxlan_pppoe - vxlan
to_exec = []
for item in to_add:
to_exec.append(f"pppoe interface add {item}")
print(f"+{item}")
for item in to_remove:
print(f"-{item}")
to_exec.append(f"pppoe interface del {item}")
process = subprocess.Popen(['/usr/bin/accel-cmd'], stdin=subprocess.PIPE, text=True)
process.communicate(input="\n".join(to_exec))
As soon as I have time I’ll take a look at the reload function of accel-cmd to see if a similar solution can be adopted
Yes but cant you make a “schema” so you then can preconfigure all 4096 or whatever vxlan tunnels and call it a day?
You could then add a script as post-hook to disable notused interfaces:
https://docs.vyos.io/en/latest/automation/command-scripting.html#executing-pre-hooks-post-hooks-scripts
This way you will never have to touch the PPPoE config in VyOS until the next batch of 4096 or so VXLAN-tunnels that you will preconfigure.
In the accel-ppp you can add regex which interface should listen to PPP like vxlan[0-9]
Probably this solution will be better. Requires a feature request.
You are right … I tried and it works!
I’m trying now on another instance (with vyos 1.4), no vxlan, but dualTag QinQ vlans on eth5
I manually changed pppoe.conf using this patterns
interface=re:^eth5.([2-9]|[1-9]\d|[1-9]\d{2}|[1-3]\d{3}|40[0-8]\d|409[0-4]).([1-9]|[1-9]\d|[1-9]\d{2}|[1-3]\d{3}|40[0-8]\d|409[0-4])$
vlan-mon=re:^eth5.([2-9]|[1-9]\d|[1-9]\d{2}|[1-3]\d{3}|40[0-8]\d|409[0-4])$,2-4094
now I can add/delete vif on eth5 (without touching pppoe settings in vyos conf) and it seems to works, without any down for pppoe-customers
1 Like
No … it’s not really working well … at least with vxlan
That’s … in pppoe.conf I have
interface=re:^vxlan([2-9]|[1-9]\d|[1-9]\d{2}|[1-3]\d{3}|40[0-8]\d|409[0-4])$
at service restart it works and watch all matching vxlan
but if I add e new VXLAN (via vyos conf) the new interface is not monitored.