[Swan] xl2tpd up/down

Paul Wouters paul at nohats.ca
Tue Mar 31 19:49:26 EEST 2015

On Tue, 31 Mar 2015, John Crisp wrote:

> I can see that when my connection comes up, options.xl2tpd is read and
> pppd runs ip-up.local
> What I can't see is what happens in reverse.

pppd should go through its regular down scripting. Add some "debug" to
options.xl2tpd to figure out what's going on? Note that xl2tpd also has
some debug options you can add in its compile:

# -DDEBUG_PPPD shows the command line of pppd and how we signal pppd

And there is code that kills pppd really hard to work around other bugs.
That behaviour in xl2tpd is tweaked using:

# Defining TRUST_PPPD_TO_DIE disables a workaround for broken pppds. Do NOT
# define this unless you fully trust your version of pppd to honour SIGTERM. 
# However, if you experience hanging pppd's, which cause xl2tpd to also hang,
# enable this. 
# The cost of not trusting pppd to die (and shoot it down hard), is that your
# pppd's ip-down scripts will not have a chance to run.
# For more details see: http://bugs.xelerance.com/view.php?id=739
# Confirmed bad versions of pppd:
# - ppp-2.4.2-6.4.RHEL4
# Confirmed good version of pppd:
# - recent Ubuntu/Debian pppd's
# ppp 2.4.3 sends a SIGTERM after 5 seconds, so it should be safe to
# trust pppd. This work around will be removed in the near future.

(note the link has been broken for a few years)

It looks like the xl2tpd package in fedora/epel does not set the
TRUST_PPPD_TO_DIE (which at this point is a bug - I'll fire up a
rebuild enabling it)


> I'd like to be able to run some stuff when the connection comes down and
> not sure how to easily detect that.

Additionally, you can specify leftupdown=/your/script.sh but you should
be sure to base it on updown.netkey.

More information about the Swan mailing list