According to the npppd.conf man page:

     pool-address address-range | address-mask [for dynamic | static]
             Specify the IP address space that is pooled for this IPCP
             setting.  The address space can be specified by address-range
             (e.g. 192.168.0.2-192.168.0.254) or address-mask (e.g.
             192.168.0.0/24) .  dynamic means the address space is reserved
             for dynamic allocation; static means the address space is
             reserved for static allocation.  The default is dynamic.  This
             option can be used multiple times.

However, if I try to specify an address-mask:

ipcp IPCP {
        pool-address 10.128.120.0/24
        dns-servers 10.128.0.4
        allow-user-selected-address no
}

It says there's a syntax error:

2014-02-28 11:48:24:NOTICE: Starting npppd pid=31351 version=5.0.0
2014-02-28 11:48:24:WARNING: pptpd GRE protocol not allowed
2014-02-28 11:48:24:CRIT: /etc/npppd/npppd.conf:12: syntax error
2014-02-28 11:48:24:CRIT: /etc/npppd/npppd.conf:17: ipcp IPCP is not found
2014-02-28 11:48:24:CRIT: /etc/npppd/npppd.conf:18: interface pppx0 is not found

I had originally specified an address range:

ipcp IPCP {
        pool-address 10.128.120.2-10.128.120.254
        dns-servers 10.128.0.4
        allow-user-selected-address no
}

This works, but it's rather confusing in that it shows a whole bunch of tiny
allocations rather than a contiguous one:

2014-02-28 11:53:08:INFO: ipcp=IPCP pool 
dyn_pool=[10.128.120.2/31,10.128.120.4/30,10.128.120.8/29,10.128.120.16/28,10.128.120.32/27,10.128.120.64/26,10.128.120.128/26,10.128.120.192/27,10.128.120.224/28,10.128.120.240/29,10.128.120.248/30,10.128.120.252/31,10.128.120.254/32]
 
pool=[10.128.120.2/31,10.128.120.4/30,10.128.120.8/29,10.128.120.16/28,10.128.120.32/27,10.128.120.64/26,10.128.120.128/26,10.128.120.192/27,10.128.120.224/28,10.128.120.240/29,10.128.120.248/30,10.128.120.252/31,10.128.120.254/32]

I thought maybe if I used the address-mask rather than a range this would
be cleaner.

Is the man page incorrect or am I specifying the CIDR address wrong? Assuming
I want to allocate 10.128.120.1 as the local tunnel endpoint, and the rest of
that /24 as VPN addresses, what's the best way to configure it?

Thanks...

Reply via email to