tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

docs: networking: convert l2tp.txt to ReST

- add SPDX header;
- add a document title;
- mark tables as such;
- adjust identation, whitespaces and blank lines;
- add to networking/index.rst.

Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Mauro Carvalho Chehab and committed by
David S. Miller 10ebb221 9f049606

+80 -66
+1
Documentation/networking/index.rst
··· 74 74 ipvlan 75 75 ipvs-sysctl 76 76 kcm 77 + l2tp 77 78 78 79 .. only:: subproject and html 79 80
+79 -66
Documentation/networking/l2tp.txt Documentation/networking/l2tp.rst
··· 1 + .. SPDX-License-Identifier: GPL-2.0 2 + 3 + ==== 4 + L2TP 5 + ==== 6 + 1 7 This document describes how to use the kernel's L2TP drivers to 2 8 provide L2TP functionality. L2TP is a protocol that tunnels one or 3 9 more sessions over an IP tunnel. It is commonly used for VPNs ··· 127 121 setsockopt and ioctl on the PPPoX socket. The following socket 128 122 options are supported:- 129 123 130 - DEBUG - bitmask of debug message categories. See below. 131 - SENDSEQ - 0 => don't send packets with sequence numbers 132 - 1 => send packets with sequence numbers 133 - RECVSEQ - 0 => receive packet sequence numbers are optional 134 - 1 => drop receive packets without sequence numbers 135 - LNSMODE - 0 => act as LAC. 136 - 1 => act as LNS. 137 - REORDERTO - reorder timeout (in millisecs). If 0, don't try to reorder. 124 + ========= =========================================================== 125 + DEBUG bitmask of debug message categories. See below. 126 + SENDSEQ - 0 => don't send packets with sequence numbers 127 + - 1 => send packets with sequence numbers 128 + RECVSEQ - 0 => receive packet sequence numbers are optional 129 + - 1 => drop receive packets without sequence numbers 130 + LNSMODE - 0 => act as LAC. 131 + - 1 => act as LNS. 132 + REORDERTO reorder timeout (in millisecs). If 0, don't try to reorder. 133 + ========= =========================================================== 138 134 139 135 Only the DEBUG option is supported by the special tunnel management 140 136 PPPoX socket. ··· 185 177 186 178 The following debug mask bits are available: 187 179 180 + ================ ============================== 188 181 L2TP_MSG_DEBUG verbose debug (if compiled in) 189 182 L2TP_MSG_CONTROL userspace - kernel interface 190 183 L2TP_MSG_SEQ sequence numbers handling 191 184 L2TP_MSG_DATA data packets 185 + ================ ============================== 192 186 193 187 If enabled, files under a l2tp debugfs directory can be used to dump 194 188 kernel state about L2TP tunnels and sessions. To access it, the 195 - debugfs filesystem must first be mounted. 189 + debugfs filesystem must first be mounted:: 196 190 197 - # mount -t debugfs debugfs /debug 191 + # mount -t debugfs debugfs /debug 198 192 199 - Files under the l2tp directory can then be accessed. 193 + Files under the l2tp directory can then be accessed:: 200 194 201 - # cat /debug/l2tp/tunnels 195 + # cat /debug/l2tp/tunnels 202 196 203 197 The debugfs files should not be used by applications to obtain L2TP 204 198 state information because the file format is subject to change. It is ··· 221 211 222 212 To create an L2TPv3 ethernet pseudowire between local host 192.168.1.1 223 213 and peer 192.168.1.2, using IP addresses 10.5.1.1 and 10.5.1.2 for the 224 - tunnel endpoints:- 214 + tunnel endpoints:: 225 215 226 - # ip l2tp add tunnel tunnel_id 1 peer_tunnel_id 1 udp_sport 5000 \ 227 - udp_dport 5000 encap udp local 192.168.1.1 remote 192.168.1.2 228 - # ip l2tp add session tunnel_id 1 session_id 1 peer_session_id 1 229 - # ip -s -d show dev l2tpeth0 230 - # ip addr add 10.5.1.2/32 peer 10.5.1.1/32 dev l2tpeth0 231 - # ip li set dev l2tpeth0 up 216 + # ip l2tp add tunnel tunnel_id 1 peer_tunnel_id 1 udp_sport 5000 \ 217 + udp_dport 5000 encap udp local 192.168.1.1 remote 192.168.1.2 218 + # ip l2tp add session tunnel_id 1 session_id 1 peer_session_id 1 219 + # ip -s -d show dev l2tpeth0 220 + # ip addr add 10.5.1.2/32 peer 10.5.1.1/32 dev l2tpeth0 221 + # ip li set dev l2tpeth0 up 232 222 233 223 Choose IP addresses to be the address of a local IP interface and that 234 224 of the remote system. The IP addresses of the l2tpeth0 interface can be ··· 238 228 addresses reversed. The tunnel and session IDs can be any non-zero 239 229 32-bit number, but the values must be reversed at the peer. 240 230 231 + ======================== =================== 241 232 Host 1 Host2 233 + ======================== =================== 242 234 udp_sport=5000 udp_sport=5001 243 235 udp_dport=5001 udp_dport=5000 244 236 tunnel_id=42 tunnel_id=45 245 237 peer_tunnel_id=45 peer_tunnel_id=42 246 238 session_id=128 session_id=5196755 247 239 peer_session_id=5196755 peer_session_id=128 240 + ======================== =================== 248 241 249 242 When done at both ends of the tunnel, it should be possible to send 250 - data over the network. e.g. 243 + data over the network. e.g.:: 251 244 252 - # ping 10.5.1.1 245 + # ping 10.5.1.1 253 246 254 247 255 248 Sample Userspace Code 256 249 ===================== 257 250 258 - 1. Create tunnel management PPPoX socket 251 + 1. Create tunnel management PPPoX socket:: 259 252 260 - kernel_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); 261 - if (kernel_fd >= 0) { 262 - struct sockaddr_pppol2tp sax; 263 - struct sockaddr_in const *peer_addr; 253 + kernel_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP); 254 + if (kernel_fd >= 0) { 255 + struct sockaddr_pppol2tp sax; 256 + struct sockaddr_in const *peer_addr; 264 257 265 - peer_addr = l2tp_tunnel_get_peer_addr(tunnel); 266 - memset(&sax, 0, sizeof(sax)); 267 - sax.sa_family = AF_PPPOX; 268 - sax.sa_protocol = PX_PROTO_OL2TP; 269 - sax.pppol2tp.fd = udp_fd; /* fd of tunnel UDP socket */ 270 - sax.pppol2tp.addr.sin_addr.s_addr = peer_addr->sin_addr.s_addr; 271 - sax.pppol2tp.addr.sin_port = peer_addr->sin_port; 272 - sax.pppol2tp.addr.sin_family = AF_INET; 273 - sax.pppol2tp.s_tunnel = tunnel_id; 274 - sax.pppol2tp.s_session = 0; /* special case: mgmt socket */ 275 - sax.pppol2tp.d_tunnel = 0; 276 - sax.pppol2tp.d_session = 0; /* special case: mgmt socket */ 258 + peer_addr = l2tp_tunnel_get_peer_addr(tunnel); 259 + memset(&sax, 0, sizeof(sax)); 260 + sax.sa_family = AF_PPPOX; 261 + sax.sa_protocol = PX_PROTO_OL2TP; 262 + sax.pppol2tp.fd = udp_fd; /* fd of tunnel UDP socket */ 263 + sax.pppol2tp.addr.sin_addr.s_addr = peer_addr->sin_addr.s_addr; 264 + sax.pppol2tp.addr.sin_port = peer_addr->sin_port; 265 + sax.pppol2tp.addr.sin_family = AF_INET; 266 + sax.pppol2tp.s_tunnel = tunnel_id; 267 + sax.pppol2tp.s_session = 0; /* special case: mgmt socket */ 268 + sax.pppol2tp.d_tunnel = 0; 269 + sax.pppol2tp.d_session = 0; /* special case: mgmt socket */ 277 270 278 - if(connect(kernel_fd, (struct sockaddr *)&sax, sizeof(sax) ) < 0 ) { 279 - perror("connect failed"); 280 - result = -errno; 281 - goto err; 282 - } 283 - } 271 + if(connect(kernel_fd, (struct sockaddr *)&sax, sizeof(sax) ) < 0 ) { 272 + perror("connect failed"); 273 + result = -errno; 274 + goto err; 275 + } 276 + } 284 277 285 - 2. Create session PPPoX data socket 278 + 2. Create session PPPoX data socket:: 286 279 287 - struct sockaddr_pppol2tp sax; 288 - int fd; 280 + struct sockaddr_pppol2tp sax; 281 + int fd; 289 282 290 - /* Note, the target socket must be bound already, else it will not be ready */ 291 - sax.sa_family = AF_PPPOX; 292 - sax.sa_protocol = PX_PROTO_OL2TP; 293 - sax.pppol2tp.fd = tunnel_fd; 294 - sax.pppol2tp.addr.sin_addr.s_addr = addr->sin_addr.s_addr; 295 - sax.pppol2tp.addr.sin_port = addr->sin_port; 296 - sax.pppol2tp.addr.sin_family = AF_INET; 297 - sax.pppol2tp.s_tunnel = tunnel_id; 298 - sax.pppol2tp.s_session = session_id; 299 - sax.pppol2tp.d_tunnel = peer_tunnel_id; 300 - sax.pppol2tp.d_session = peer_session_id; 283 + /* Note, the target socket must be bound already, else it will not be ready */ 284 + sax.sa_family = AF_PPPOX; 285 + sax.sa_protocol = PX_PROTO_OL2TP; 286 + sax.pppol2tp.fd = tunnel_fd; 287 + sax.pppol2tp.addr.sin_addr.s_addr = addr->sin_addr.s_addr; 288 + sax.pppol2tp.addr.sin_port = addr->sin_port; 289 + sax.pppol2tp.addr.sin_family = AF_INET; 290 + sax.pppol2tp.s_tunnel = tunnel_id; 291 + sax.pppol2tp.s_session = session_id; 292 + sax.pppol2tp.d_tunnel = peer_tunnel_id; 293 + sax.pppol2tp.d_session = peer_session_id; 301 294 302 - /* session_fd is the fd of the session's PPPoL2TP socket. 303 - * tunnel_fd is the fd of the tunnel UDP socket. 304 - */ 305 - fd = connect(session_fd, (struct sockaddr *)&sax, sizeof(sax)); 306 - if (fd < 0 ) { 307 - return -errno; 308 - } 309 - return 0; 295 + /* session_fd is the fd of the session's PPPoL2TP socket. 296 + * tunnel_fd is the fd of the tunnel UDP socket. 297 + */ 298 + fd = connect(session_fd, (struct sockaddr *)&sax, sizeof(sax)); 299 + if (fd < 0 ) { 300 + return -errno; 301 + } 302 + return 0; 310 303 311 304 Internal Implementation 312 305 =======================