prol2tp
NAME
prol2tp - command-line management application for ProL2TPSYNOPSIS
prol2tp show system [statistics | config]prol2tp show license
prol2tp show peer profile [<name>]
prol2tp show tunnel profile [<name>]
prol2tp show session profile [<name>]
prol2tp show ppp profile [<name>]
prol2tp show ethernet profile [<name>]
prol2tp show tunnel [<name|id>] [config|status]
prol2tp show session [<name|@id>] [<name|@id>]] [config|status]
prol2tp show ippool [<name>]
prol2tp debug <debug-option-list> <on|off>
prol2tp debug tunnel profile <name> <on|off>
prol2tp debug session profile <name> <on|off>
prol2tp debug ippool <name> <on|off>
prol2tp debug tunnel <name|@id> <on|off>
prol2tp debug session <name|@id> <name|@id> <on|off>
prol2tp show log
prol2tp clear log
DESCRIPTION
This document provides documentation of ProL2TP's prol2tp command line utility, which is used to display status of the prol2tpd daemon. It also provides a convenient interface to modify debug control settings. Refer to prol2tp(7) for a general description of the ProL2TP package. Use the following command to access that page instead of this one.# man 7 prol2tp
ProL2TP is controlled using a private control socket. Messages are exchanged with the prol2tp daemon. This application lets operators examine the state of a running prol2tpd, showing detailed configuration information and listing currently open tunnels and sessions.
With the optional ProL2TP SDK, custom applications using the ProL2TP API may be developed where closer integration with third party systems is needed, e.g. billing systems.
The main configuration interface of prol2tpd is the config file, described in prol2tpd.conf(5). This application provides read-only access to the daemon's state.
For information about the general features of ProL2TP please refer to the prol2tp(7) manual page.
ENVIRONMENT
prol2tpd must be running before the first prol2tp command is issued. ProL2TP uses private Unix sockets to communicate with prol2tpd, so the system must be capable of running Unix sockets. If prol2tpd is not running when prol2tp is invoked, an error will occur.SHOW COMMANDS
The commands supported by prol2tp are listed below.SHOW SYSTEM
prol2tp show system [statistics | config]
Displays system global configuration or statistics. Use this command to quickly see how many active tunnels and sessions that prol2tpd is handling. For debugging problems, dump detailed statistics from the daemon using the optional statistics command switch.
SHOW LICENSE
prol2tp show license
Displays information about the license. Some licenses limit the features available. Use this command to verify the license is installed correctly.
SHOW PEER PROFILE
prol2tp show peer profile [<profile-name>]
Displays a list of peer profiles or information about a specific peer profile. To see detailed configuration of a specific profile, provide the profile name when entering the command.
Peer profiles are the core mechanism used in servers to identify specific tunnel, session and ppp profiles for incoming requests from clients. Peers are identified by name or by IP address / netmask. The peer profile specifies default tunnel, session and PPP profile names which are to be used for the peer, unless overridden by other settings. Peer profiles are matched by IP address or peer identifier, which is provided in the L2TP tunnel setup request. Thus, peer profiles are only needed when different parameters are required for different peers.
SHOW TUNNEL PROFILE
prol2tp show tunnel profile [<profile-name>]
Displays a list of tunnel profiles or information about a specific tunnel profile. To see detailed configuration of a specific profile, provide the profile name when entering the command.
Tunnel profiles provide tunnel parameter values. These are used to configure settings such as tunnel authentication mode and secret, UDP or IP encapsulation, L2TP protocol parameters etc.
SHOW SESSION PROFILE
prol2tp show session profile [<profile-name>]
Displays a list of session profiles or information about a specific session profile. To see detailed configuration of a specific profile, provide the profile name when entering the command.
Session profiles provide session parameter values. These are used to configure settings such as session type, data sequence number enable, allowed framing types etc.
SHOW ETHERNET PROFILE
prol2tp show ethernet profile [<profile-name>]
Displays a list of ethernet profiles or information about a specific ethernet profile. To see detailed configuration of a specific profile, provide the profile name when entering the command.
Ethernet profiles define parameter values for L2TPv3 ethernet pseudowires. Use ethernet profiles to configure interface MTU and network interface parameters, such as bridge association.
SHOW PPP PROFILE
prol2tp show ppp profile [<profile-name>]
Displays a list of ppp profiles or information about a specific ppp profile. To see detailed configuration of a specific profile, provide the profile name when entering the command.
PPP profiles define parameter values for PPP sessions. For most setups, defaults will work fine. However, when certain PPP settings need to be set up, i.e. disabling mschap PPP authentication for some sessions, PPP profiles are useful.
SHOW TUNNEL
prol2tp show tunnel [<tunnel-name>|<@tunnel-id>] [config | status]
Displays a list of tunnels or detailed configuration and status of a specific tunnel. The tunnel is identified by a name (the name it is given in prol2tpd.conf) or its tunnel-id, which is usually assigned by the L2TP protocol. The optional config keyword may be used to suppress detailed status and statistics data from the tunnel dump output. Similarly, the optional status keyword suppresses detailed configuration data from the tunnel dump output. Tunnels can only have names when they are locally created. Tunnels created as a result of a request from a remote peer are marked with a '*' in the first column of the summary listing.
The tunnel summary listing lists some information about each tunnel, namely its tunnel id, the peer tunnel id, local and remote IP addresses and operational state. To dump more detailed configuration of a specific tunnel, simply provide the tunnel name or id with the command.
To distinguish tunnel names from tunnel ids, the @ character is used to prefix tunnel ids. This is needed because it is legal to name a tunnel with a numeric value. Therefore, to display detail about tunnel with tunnel-id 1234, use
# prol2tp show tunnel @1234not
# prol2tp show tunnel 1234
SHOW SESSION
prol2tp show session [<tunnel-name>|<@tunnel-id>] \ [<session-name>|<@session-id>] [config | status]
Displays a list of sessions or detailed configuration and status of a specific session. The session is identified by a name (the name it is given in prol2tpd.conf) or its session-id, which is usually assigned by the L2TP protocol. Sessions can only have names when they are locally created. Session names and session ids are scoped by tunnels. Thus, it is possible to have two sessions with id 3456 in different tunnels. The optional config keyword may be used to suppress detailed status and statistics data from the session dump output. Similarly, the optional status keyword suppresses detailed configuration data from the session dump output.
The session summary listing lists some information about each session, namely its session id, the peer session id, session type and operational state. To dump a list of sessions only on a specific tunnel, give the tunnel name or id with the command (but omit the session information). To dump more detailed configuration of a specific session, provide the tunnel name or id and the session name or id with the command. Sessions created as a result of a request from a remote peer are marked with a '*' in the first column of the summary listing.
To distinguish session names from session ids, the @ character is used to prefix session ids. This is needed because it is legal to name a session with a numeric value. Therefore, to display detail about session with session-id 1234, use
# prol2tp show session @4567 @1234not
# prol2tp show session @4567 1234
SHOW IPPOOL
prol2tp show ippool [<pool-name>]
Show a named ip pool, or list ip pool instances if no pool name is given.
DEBUG COMMANDS
The debug commands supported by prol2tp are listed below.Debug options are specified as a comma separated list of one or more of:-
protocol - L2TP protocol events fsm - Finite State Machine events (e.g. state changes) api - Management interface interactions transport - Log tunnel transport activity, e.g. packet sequence numbers, packet receive and transmit, to debug tunnel link establishment or failures data - Log L2TP data channel activity. Only L2TP control messages are logged, never user data packets. ppp - Enables trace of PPP packets from the PPP subsystem avp - L2TP Attribute Value Pairs (AVPs). func - Internal functional behavior system - Low level system activity, e.g. timers, sockets etc kernel - Messages from the kernel's L2TP subsystem all - Special value, meaning all of the above. none - Special value, meaning none of the above.
DEBUG SYSTEM
prol2tp debug <debug-option-list> <on|off>
Enable or disable the specified list of debug message types. Changing this value is equivalent to setting the same value using the debug setting in the system block of the config file.
DEBUG TUNNEL PROFILE
prol2tp debug tunnel profile <name> <on|off>
Enable or disable debug in tunnel instances created using the named tunnel profile.
DEBUG SESSION PROFILE
prol2tp debug session profile <name> <on|off>
Enable or disable debug in session instances created using the named session profile.
DEBUG IPPOOL
prol2tp debug ippool <name> <on|off>
Enable or disable debug of operations to the named IP pool. This may be useful to trace the allocation and release of addresses from the pool.
DEBUG TUNNEL
prol2tp debug tunnel <name|@id> <on|off>
Enable or disable debug messages of the specified tunnel instance. The tunnel must aleady exist. Tunnels may be identified by name or id. Tunnel ids are denoted using an '@' in front of the numeric tunnel id.
DEBUG SESSION
prol2tp debug session <name|@id> <name|@id> <on|off>
Enable or disable debug messages of the specified session instance. The session must already exist. Tunnels and sessions may be identified by name or id. Ids are denoted using an '@' in front of the numeric tunnel or session id.
LOG COMMANDS
ProL2TP has support for a separately configurable, internal log buffer. Debug messages can be configured to be logged there and viewed or cleared using commands defined here. The logging commands supported by prol2tp are listed below.SHOW LOG
Shows all the messages in the log buffer. The log buffer can be configured to overwrite old messages when it becomes full, or to stop logging when it fills up.CLEAR LOG
Clears the log buffer.EXAMPLES
-
- Show system configuration and statistics
-
# prol2tp show system
- List tunnel profiles, then show detail of one of them.
# prol2tp show tunnel profile default five nine seven ten two eight four one six three # prol2tp show tunnel profile three Tunnel profile three authorization mode NONE, hide AVPs OFF hello timeout 60, retry timeout 1, idle timeout 0 persist pend timeout: 300 rx window size 10, tx window size 10, max retries 5 use UDP checksums: ON do pmtu discovery: OFF, mtu: 1460 framing capability: SYNC ASYNC bearer capability: DIGITAL ANALOG use tiebreaker: OFF peer profile: default session profile: default ppp profile: default
- List session profiles, then show detail of one of them.
# prol2tp show session profile default five nine seven ten two eight four one six three # prol2tp show session profile nine Session profile nine ppp profile: default session type: unspecified data sequencing required: OFF use data sequence numbers: OFF persist pend timeout: 60 framing types: SYNC ASYNC bearer types: DIGITAL ANALOG connect speed: 1000000
- List ppp profiles, then show detail of one of them.
# prol2tp show ppp profile default five nine seven ten two eight four one six three # prol2tp show ppp profile two Ppp profile two mru: 1500, mtu: 1500, mode: SYNC|ASYNC allowed authentications: PAP CHAP MSCHAP max connect time: 0, max failure count: 10, idle timeout: 0 multilink: NO, proxy arp: NO IP parameters:- local address: NOT SET, peer address: NOT SET dns addresses: NOT SET / NOT SET wins addresses: NOT SET / NOT SET use radius: YES PAP parameters:- max auth requests: 10, restart interval: 3, timeout: 0 CHAP parameters:- interval: 10, max challenge: 10, restart: 3 LCP parameters:- echo failure count: 0, echo interval: 0 max config requests: 10, max config naks: 10 max terminate requests: 3, retransmit interval: 3 IPCP parameters:- max config requests: 10, max config naks: 10 max terminate requests: 3, retransmit interval: 3
- List tunnels, then show detail of one of them.
# prol2tp show tunnel TunId Local Peer PeerTId State * 60676 192.168.1.12 192.168.1.10 8 ESTABLISHED * 49634 192.168.1.12 192.168.1.11 8 ESTABLISHED # prol2tp show tunnel @60676 config Tunnel 60676, from 192.168.1.12 to 192.168.1.10:- state: ESTABLISHED created at: Feb 15 17:07:36 2009 created by admin: NO, tunnel mode: LNS peer tunnel id: 8, host name: NOT SET UDP ports: local 36638, peer 1701 authorization mode: NONE, hide AVPs: OFF session limit: 0, session count: 1 tunnel profile: default, peer profile: default session profile: default, ppp profile: default hello timeout: 60, retry timeout: 1, idle timeout: 0 rx window size: 10, tx window size: 10, max retries: 5 use udp checksums: ON do pmtu discovery: OFF, mtu: 1460 framing capability: SYNC ASYNC, bearer capability: DIGITAL ANALOG use tiebreaker: OFF trace flags: PROTOCOL FSM API peer vendor name: Microsoft peer protocol version: 1.0, firmware 1280 peer framing capability: SYNC peer bearer capability: NONE peer rx window size: 8 negotiated tx window size: 8
- List sessions, then show detail of one of them.
# prol2tp show session TunId SessId PeerSessId Type Name State * 60676 48098 1 PPP ESTABLISHED * 49634 3780 1 PPP ESTABLISHED # prol2tp show session @60676 @48098 Session 48098 on tunnel 60676:- type: LNS Incoming Call, state: ESTABLISHED created at: Feb 15 17:07:36 2009 created by admin: NO, peer session id: 1 interface name: ppp0 data sequencing required: OFF use data sequence numbers: OFF trace flags: PROTOCOL FSM API framing types: SYNC ASYNC bearer types: DIGITAL ANALOG connect speed: 1000000 use ppp proxy: NO Peer configuration data:- data sequencing required: OFF framing types: SYNC bearer types: ANALOG connect speed: 54000000 data rx packets: 1053, rx bytes: 121084, rx errors: 0 data tx packets: 8, tx bytes: 259, tx errors: 0
- List connected users.
# prol2tp show ppp TunId SesId User Create Time * 60676 48098 james Sun Feb 15 17:07:36 2009 * 49634 3780 chris Sun Feb 15 18:12:42 2009
REPORTING BUGS
Please report bugs to support@prol2tp.com.SEE ALSO
prol2tp(7), prol2tpd(8), prol2tpd.conf(5).
Index
- NAME
- SYNOPSIS
- DESCRIPTION
- ENVIRONMENT
- SHOW COMMANDS
- DEBUG COMMANDS
- LOG COMMANDS
- EXAMPLES
- REPORTING BUGS
- SEE ALSO
This document was created by man2html, using the manual pages.
Time: 12:19:17 GMT, April 05, 2016