Review your favorite Linux distribution.
Go Back > Blogs > kostya
User Name


Rate this Entry

PPPoE: Roaring Penguin VS Kernel PPPoE, issues & solutions

Posted 02-09-2011 at 05:00 AM by kostya
Updated 02-21-2011 at 10:47 PM by kostya

OK, recently I posted this question; by now I guess I've got my answer.

So here are the steps I followed to test the KERNEL LEVEL PPPOE and the issues I had to resolve.

1. Setup.

When you read about it on Debian PPPoE Wiki page, it seems you need `pppoeconf` script or some other stuff to run it...
So wherever I'd go, there's never a simple and clear exhaustive explanation. So I figured, why not write one now?

OK, the kernel mode PPPoE setup is after all even simpler, than what some distros offer is very simple. Basically you only need a
name <your ISP login name from chap-secrets file>
#mtu 1492
#mru 1492
As usual with PPPoE or PPP, you sure have this file /etc/ppp/chap-secrets with your ISP login and password information. Very simple, as it doesn't depend on the kind of PPP type you're using.

OK! That's pretty much all you need to make a connection. You make it by calling `pppd` like this:
pppd eth2
You want, of course, to replace "eth2" with whatever your NIC connected to ADSL modem is (eth0, eth1 or other).

2.Problems & solutions

So far so good! `ifconfig` will show you `ppp0` interface to be up, but... in some cases you may fail to have "Internet connectivity" even though ppp0 is up.
And in /var/log/messages you see a self-explanatory message:
pppd[1234]: not replacing default route ... bla-bla-bla
NOT replacing default route!!!
But I sure have "defaultroute" option in my /etc/ppp/options, do I not???
Ah, but "defaultroute" option is not meant (contrary to what some idealists would naturally expect) to REPLACE default route. As pppd is meant for a wide variety of systems varying from simple to advanced configuration and fucntionality, "defaultroute" option can only ADD default route after bringing up ppp0 iface (if there was none before ppp0 was up), which will work if your PPP connection is the only one to connect you to the network.
But if you already have a network connection and default route set before you make a PPP connection (as in case of l2tp connections or your ISP's LAN), you'll have to manage the default route otherwise.

Let's see what the documentation says anyway...
Reading man pppd one finds out more about the files residing in /etc/ppp directory which are used to configure the behaviour of the pppd daemon.
...In most cases the defaultroute and/or
       proxyarp options are sufficient for  this,  but  in  some  cases  further  intervention  is
       required.  The /etc/ppp/ip-up script can be used for this....

              A  program  or  script  which  is  executed just before the ppp network interface is
              brought up...
OK! In Debian configuration it is defined in /etc/network/interfaces as a pre-up directive.
So if we're on a RedHat derivatives we can add the string to delete default route into /etc/ppp/ip-pre-up (and make it executable). And no dirty fixes any more!
In my installation (Fedora 14)this file doesn't exist by default, so it needs to be created.There we can place this line:
#!/bin/bash  #don't forget this, too:)
if [ -n "$(ip route list | grep default)" ]; then
   ip route del default > /dev/null 2>&1
Then the rest of it must be done automatically after you call the ppp daemon from init script, which in such case need not contain much more than the line
pppd ethN
Then, while pppd is called, /etc/ppp/pre-ip-up is called deleting the default route and bring up ppp0, which then will ADD default route as per option 'defaultroute' in our /etc/ppp/options file. In case it goes down and ppp has to bring it up again, the whole procedure will be run again automatically.

In this straightforward configuration PPPoE is really more stable and takes much less of system resources to run. And this is actually how Debian systems do it, only in a slightly different way. For example, in Debian they use /etc/ppp/peers options file and invoke pppd with
pppd call $peers_file
, which possibility is very well described in pppd man pages as a way unprivileged user can call pppd. Well on some systems this is not what you want, so you can stick to the more generic way described here, where pppd is called on system startup without any control by unprivileged users.

ONE MORE THING. As is mentioned in many sources (and Roaring Penguin configuration script does it, too), if your PPPoE machine is a GATEWAY for a small network, you need to define a so-called TCP MSS value, or else some sites like Google, Yahoo and some other will never be accessible from the local network.
for this you just add this line to your iptables script:
iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
1. /etc/ppp/options file
2. /etc/ppp/pre-up-up file (optional) to delete default route.
3. /etc/ppp/{ ip-up, ip-up.local } file to run additional commands AFTER ppp0 is up.
4. init script to start pppd.
Then again pppd package includes scripts to bring things back to what they were before
ppp0 was brought up: /etc/ppp/{ ip-down, ip-down.local } One may need these if he's configuring it all manually relying only on the pppd provided scripts to handle PPPoE (and basically, PPP).

However, in various distros there are automated scripts to handle network interfaces in slightly different ways, including also ppp0 iface, but it wasn't my purpose here to discuss these things.
Posted in Uncategorized
Views 3157 Comments 0
« Prev     Main     Next »
Total Comments 0




All times are GMT -5. The time now is 12:52 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration