GitHub - HouzuoGuo/xl2tpd: Official Xelerance fork of L2TPd

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 546 Commits
contrib		contrib
debian		debian
doc		doc
examples		examples
packaging		packaging
scripts		scripts
.gitignore		.gitignore
.travis.yml		.travis.yml
BUGS		BUGS
CHANGES		CHANGES
CREDITS		CREDITS
LICENSE		LICENSE
Makefile		Makefile
README.xl2tpd		README.xl2tpd
TODO		TODO
aaa.c		aaa.c
aaa.h		aaa.h
avp.c		avp.c
avp.h		avp.h
avpsend.c		avpsend.c
call.c		call.c
call.h		call.h
common.h		common.h
control.c		control.c
control.h		control.h
file.c		file.c
file.h		file.h
ipsecmast.h		ipsecmast.h
l2tp.h		l2tp.h
md5.c		md5.c
md5.h		md5.h
misc.c		misc.c
misc.h		misc.h
network.c		network.c
osport.h		osport.h
pty.c		pty.c
scheduler.c		scheduler.c
scheduler.h		scheduler.h
xl2tpd-control.c		xl2tpd-control.c
xl2tpd.c		xl2tpd.c

Repository files navigation

URL : https://www.xelerance.com/software/xl2tpd/
Summary : Layer 2 Tunnelling Protocol Daemon (RFC 2661)
Description :
xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661).
L2TP allows you to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user
sessions from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP
servers. Another important application is Virtual Private Networks where
the IPsec protocol is used to secure the L2TP connection (L2TP/IPsec,
RFC 3193). The L2TP/IPsec protocol is mainly used by Windows and
Mac OS X clients. On Linux, xl2tpd can be used in combination with IPsec
implementations such as Openswan.
Example configuration files for such a setup are included in this RPM.

xl2tpd works by opening a pseudo-tty for communicating with pppd.
It runs completely in userspace but supports kernel mode L2TP.

xl2tpd supports IPsec SA Reference tracking to enable overlapping internak
NAT'ed IP's by different clients (eg all clients connecting from their
linksys internal IP 192.168.1.101) as well as multiple clients behind
the same NAT router.

xl2tpd supports the pppol2tp kernel mode operations on 2.6.23 or higher,
or via a patch in contrib for 2.4.x kernels. Note that kernel mode and
IPsec SA Reference tracking do not yet work together.

Xl2tpd is based on the 0.69 L2TP by Jeff McAdams <jeffm@iglou.com>
It was de-facto maintained by Jacco de Leeuw <jacco2@dds.nl> in 2002 and 2003.

Mailing Lists :
https://lists.openswan.org/cgi-bin/mailman/listinfo/xl2tpd is home of the
mailing list. Note: This is a closed list - you *must* be subscribed to post.

The fork by Howard Guo:
I setup a xl2tpd server on Amazon EC2, and it worked beautifully with iOS/MacOS/Windows 7, but always disconnects Android L2TP client after several minutes.

After nearly a month of debugging effort, I still cannot give a definitive answer to the problem, but there is a workaround.

In the original issue, the Android client appears to always request tunnel twice - "peer requested tunnel xxx twice", but it does not happen on other clients (MacOS, Macbook, Windows 7, iOS).

In the source code, xl2tpd kills a tunnel if retransmission counter reaches certain threshold, it logs a message saying "Maximum retries exceeded for tunnel xxx" then hangs up on PPP connection.

But the problem is: for whatever reason, the tunnel is the __actively used__ tunnel, so hanging it up means terminating Android's L2TP connection.

The issue is resolved with my patch and all clients are now happy.