Merge pull request vyos#1176 from aapostoliuk/T5688-circunis

accel-ppp: T5688: Changing CLI to create client address pool
nicolas-fort · Dec 7, 2023 · 4144d78 · 4144d78
2 parents 3c101fe + 1096cbc
commit 4144d78
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 46 deletions.
diff --git a/docs/configuration/service/pppoe-server.rst b/docs/configuration/service/pppoe-server.rst
@@ -57,48 +57,35 @@ Client Address Pools
 --------------------
 
 To automatically assign the client an IP address as tunnel endpoint, a
-client IP pool is needed. The source can be either RADIUS or a local
-subnet or IP range definition.
-
-Once the local tunnel endpoint ``set service pppoe-server gateway-address
-'10.1.1.2'`` has been defined, the client IP pool can be either defined
-as a range or as subnet using CIDR notation. If the CIDR notation is
-used, multiple subnets can be setup which are used sequentially.
+client IP pool is needed. The source can be either RADIUS or a
+named pool. There is possibility to create multiple named pools.
+Each named pool can include only one address range. To use multiple
+address ranges configure ``next-pool`` option.
 
 
 **Client IP address via IP range definition**
 
-.. cfgcmd:: set service pppoe-server client-ip-pool start <address>
-
-   Use this command to define the first IP address of a pool of
-   addresses to be given to PPPoE clients. It must be within a /24
-   subnet.
-
-.. cfgcmd:: set service pppoe-server client-ip-pool stop <address>
-
-   Use this command to define the last IP address of a pool of
-   addresses to be given to PPPoE clients. It must be within a /24
-   subnet.
-
-.. code-block:: none
+.. cfgcmd:: set service pppoe-server client-ip-pool <POOL-NAME> range <x.x.x.x-x.x.x.x | x.x.x.x/x>
 
-  set service pppoe-server client-ip-pool start '10.1.1.100'
-  set service pppoe-server client-ip-pool stop '10.1.1.111'
+   Use this command to define the IP address range to be given
+   to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``,
+   it must be within a /24 subnet. If notation ``x.x.x.x/x`` is
+   used there is possibility to set host/netmask.
 
+.. cfgcmd:: set service pppoe-server client-ip-pool <POOL-NAME> next-pool <NEXT-POOL-NAME>
 
-**Client IP subnets via CIDR notation**
+   Use this command to define the next address pool name.
 
-.. cfgcmd:: set service pppoe-server client-ip-pool subnet <address>
+.. cfgcmd:: set service pppoe-server default-pool <POOL-NAME>
 
-   Use this command for every pool of client IP addresses you want to
-   define. The addresses of this pool will be given to PPPoE clients.
-   You must use CIDR notation.
+   Use this command to define default address pool name.
 
 .. code-block:: none
 
-  set service pppoe-server client-ip-pool subnet '10.1.1.0/24'
-  set service pppoe-server client-ip-pool subnet '10.1.2.0/23'
-  set service pppoe-server client-ip-pool subnet '10.1.4.0/22'
+  set service pppoe-server client-ip-pool IP-POOL next-pool 'IP-POOL2'
+  set service pppoe-server client-ip-pool IP-POOL range '10.0.10.5/24'
+  set service pppoe-server client-ip-pool IP-POOL2 range '10.0.0.10-10.0.0.12'
+  set service pppoe-server default-pool 'IP-POOL'
 
 
 **RADIUS based IP pools (Framed-IP-Address)**
@@ -213,8 +200,8 @@ For Local Users
   set service pppoe-server authentication local-users username foo rate-limit download '20480'
   set service pppoe-server authentication local-users username foo rate-limit upload '10240'
   set service pppoe-server authentication mode 'local'
-  set service pppoe-server client-ip-pool start '10.1.1.100'
-  set service pppoe-server client-ip-pool stop '10.1.1.111'
+  set service pppoe-server client-ip-pool IP-POOL range '10.1.1.100/24'
+  set service pppoe-server default-pool 'IP-POOL'
   set service pppoe-server name-server '10.100.100.1'
   set service pppoe-server name-server '10.100.200.1'
   set service pppoe-server interface 'eth1'
@@ -367,8 +354,8 @@ address from the pool 10.1.1.100-111, terminates at the local endpoint
   set service pppoe-server access-concentrator 'ACN'
   set service pppoe-server authentication local-users username foo password 'bar'
   set service pppoe-server authentication mode 'local'
-  set service pppoe-server client-ip-pool start '10.1.1.100'
-  set service pppoe-server client-ip-pool stop '10.1.1.111'
+  set service pppoe-server client-ip-pool IP-POOL range '10.1.1.100-10.1.1.111'
+  set service pppoe-server default-pool 'IP-POOL'
   set service pppoe-server interface eth1
   set service pppoe-server gateway-address '10.1.1.2'
   set service pppoe-server name-server '10.100.100.1'
@@ -385,8 +372,8 @@ The example below covers a dual-stack configuration via pppoe-server.
 
   set service pppoe-server authentication local-users username test password 'test'
   set service pppoe-server authentication mode 'local'
-  set service pppoe-server client-ip-pool start '192.168.0.1'
-  set service pppoe-server client-ip-pool stop '192.168.0.10'
+  set service pppoe-server client-ip-pool IP-POOL range '192.168.0.1/24'
+  set service pppoe-server default-pool 'IP-POOL'
   set service pppoe-server client-ipv6-pool delegate '2001:db8:8003::/48' delegation-prefix '56'
   set service pppoe-server client-ipv6-pool prefix '2001:db8:8002::/48' mask '64'
   set service pppoe-server ppp-options ipv6 allow

diff --git a/docs/configuration/vpn/l2tp.rst b/docs/configuration/vpn/l2tp.rst
@@ -17,8 +17,8 @@ with native Windows and Mac VPN clients):
   set vpn ipsec interface eth0
 
   set vpn l2tp remote-access outside-address 192.0.2.2
-  set vpn l2tp remote-access client-ip-pool start 192.168.255.2
-  set vpn l2tp remote-access client-ip-pool stop 192.168.255.254
+  set vpn l2tp remote-access client-ip-pool L2TP-POOL range 192.168.255.2-192.168.255.254
+  set vpn l2tp remote-access default-pool 'L2TP-POOL'
   set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
   set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret <secret>
   set vpn l2tp remote-access authentication mode local
@@ -95,8 +95,8 @@ Below is an example to configure a LNS:
 .. code-block:: none
 
   set vpn l2tp remote-access outside-address 192.0.2.2
-  set vpn l2tp remote-access client-ip-pool start 192.168.255.2
-  set vpn l2tp remote-access client-ip-pool stop 192.168.255.254
+  set vpn l2tp remote-access client-ip-pool L2TP-POOL range 192.168.255.2-192.168.255.254
+  set vpn l2tp remote-access default-pool 'L2TP-POOL'
   set vpn l2tp remote-access lns shared-secret 'secret'
   set vpn l2tp remote-access ccp-disable
   set vpn l2tp remote-access authentication mode local
@@ -122,8 +122,8 @@ The rate-limit is set in kbit/sec.
 .. code-block:: none
 
   set vpn l2tp remote-access outside-address 192.0.2.2
-  set vpn l2tp remote-access client-ip-pool start 192.168.255.2
-  set vpn l2tp remote-access client-ip-pool stop 192.168.255.254
+  set vpn l2tp remote-access client-ip-pool L2TP-POOL range 192.168.255.2-192.168.255.254
+  set vpn l2tp remote-access default-pool 'L2TP-POOL'
   set vpn l2tp remote-access authentication mode local
   set vpn l2tp remote-access authentication local-users username test password test
   set vpn l2tp remote-access authentication local-users username test rate-limit download 20480

diff --git a/docs/configuration/vpn/pptp.rst b/docs/configuration/vpn/pptp.rst
@@ -20,8 +20,8 @@ server example
 
   set vpn pptp remote-access authentication local-users username test password 'test'
   set vpn pptp remote-access authentication mode 'local'
-  set vpn pptp remote-access client-ip-pool start '192.168.0.10'
-  set vpn pptp remote-access client-ip-pool stop '192.168.0.15'
+  set vpn pptp remote-access client-ip-pool PPTP-POOL range 192.168.0.10-192.168.0.15
+  set vpn pptp remote-access default-pool 'PPTP-POOL'
   set vpn pptp remote-access gateway-address '10.100.100.1'
   set vpn pptp remote-access outside-address '10.1.1.120'
 

diff --git a/docs/configuration/vpn/sstp.rst b/docs/configuration/vpn/sstp.rst
@@ -116,9 +116,20 @@ Configuration
   Specifies the port `<port>` that the SSTP port will listen on (default 443).
 
 
-.. cfgcmd:: set vpn sstp client-ip-pool subnet <subnet>
+.. cfgcmd:: set vpn sstp client-ip-pool <POOL-NAME> range <x.x.x.x-x.x.x.x | x.x.x.x/x>
 
-  Use `<subnet>` as the IP pool for all connecting clients.
+   Use this command to define the first IP address of a pool of
+   addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``,
+   it must be within a /24 subnet. If notation ``x.x.x.x/x`` is
+   used there is possibility to set host/netmask.
+
+.. cfgcmd:: set vpn sstp client-ip-pool <POOL-NAME> next-pool <NEXT-POOL-NAME>
+
+   Use this command to define the next address pool name.
+
+.. cfgcmd:: set vpn sstp default-pool <POOL-NAME>
+
+   Use this command to define default address pool name.
 
 
 .. cfgcmd:: set vpn sstp client-ipv6-pool prefix <address> mask <number-of-bits>