RADIUS and DM/CoA features

Since from commit version 385c403 accel-ppp support VRF (Virtual Routing and Forwarding).

Usually, this feature is useful to isolate clients e.g. put client interface to some context with different routing and firewall rules. User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA.

Accel-ppp uses own RADIUS vendor dictionary https://github.com/accel-ppp/accel-ppp/blob/master/accel-pppd/radius/dict/dictionary.accel and RADIUS attribute Accel-VRF-Name

All VRFs should be manually created in advance:

ip link add VRF_NAME type vrf table RT_TABLE_ID
ip link set dev VRF_NAME up

Linux VRF documentation https://www.kernel.org/doc/Documentation/networking/vrf.txt

If Accel-VRF-Name is used in Access-Accept message, but VRF was not created then the session will not be established.

Set VRF via CoA

Put user interface to some VRF context

echo 'User-Name=bob, Accel-VRF-Name="red"' | radclient -x 127.0.0.1:3799 coa testing123

Delete user interface from VRF context

echo 'User-Name=bob, Accel-VRF-Name="0"' | radclient -x 127.0.0.1:3799 coa testing123

If Accel-VRF-Name is used in CoA message and VRF does not exist then CoA-NAK will be sent.