platform/external/pppoe.git - Unnamed repository; edit this file 'description' to name the repository.

1 # LIC: GPL
2
3 $Id$
4
5 This package lets you connect a Linux machine to an ISP that uses PPPoE.
6 PPPoE is used by many DSL providers and some wireless providers.
7
8 Follow these steps and you should have your PPPoE service up and running.
9
10 0. Install the rp-pppoe-software
11 --------------------------------
12
13 You should have already done this by the time you're reading this.  If not,
14 go back and read README.
15
16 1. Set up your Ethernet hardware
17 --------------------------------
18
19 First, make sure the Ethernet card you intend to use with the modem is
20 visible to the Linux kernel.  Just how to do this is beyond the scope
21 of this document.  However, if the card is the only Ethernet card in
22 the system, executing:
23
24 	ifconfig eth0
25
26 should display something like this:
27
28 	eth0      Link encap:Ethernet  HWaddr 00:60:67:62:31:D4
29
30 plust some more lines.  Your HWaddr will be different.  As long as you see
31 the HWaddr line, your card should be working.
32
33 DO NOT assign an IP address to the Ethernet card.  DO NOT configure the
34 card to come up at boot time.
35
36 2. Configure various files
37 --------------------------
38
39 Several files need editing.  The easiest way to do this is to run
40 the following command as root:
41
42 	pppoe-setup
43
44 Answer the questions and you should be all set.  If you want to know what
45 goes on behind the scenes, continue reading this document.  If you don't
46 care and your connection works, stop reading. :-)
47
48 3. Edit pap-secrets
49 -------------------
50
51 Edit the "pap-secrets" file, inserting your proper user-ID and password.
52 Install the file (or copy the relevant lines) to /etc/ppp/pap-secrets.
53 Your ISP may use CHAP authentication.  In this case, add the line to
54 /etc/ppp/chap-secrets.
55
56 4. Edit /etc/ppp/pppoe.conf
57 -----------------------------
58
59 The file /etc/ppp/pppoe.conf contains configuration information for the
60 DSL connection.  You need to edit the following items:
61
62 - Change ETH=eth1 to the correct Ethernet device for your modem.
63 - Change USER=bxxxnxnx@sympatico.ca to your proper DSL user-ID.
64
65 Don't edit any of the other settings unless you're an expert.
66
67 5. Set up DNS
68 -------------
69
70 If you are using DNS servers supplied by your ISP, edit the file
71 /etc/resolv.conf to contain these lines:
72
73 	nameserver ip_addr_of_first_dns_server
74 	nameserver ip_addr_of_second_dns_server
75
76 For example:
77
78 	nameserver 204.101.251.1
79 	nameserver 204.101.251.2
80
81
82 6. Firewall your machine
83 ------------------------
84
85 MAKE SURE YOU FIREWALL YOUR MACHINE.  A sample firewall script is given
86 in the shell script "firewall"  To install the script:
87
88 a) Copy it to /etc/rc.d/init.d/firewall
89 b) Type: chkconfig firewall on
90 c) Start the firewall: sh /etc/rc.d/init.d/firewall start
91
92 (The above procedure works ONLY on Red Hat-like systems.)
93
94 You may want to tweak the script somewhat.
95
96 7. Bring up the connection at boot time
97 ---------------------------------------
98
99 On a Red Hat system, the installation procedure should have installed
100 a script called /etc/rc.d/init.d/pppoe.  To bring up the connection
101 at boot time, just type this command as root:
102
103 	chkconfig --add pppoe
104
105 On non-Red-Hat systems, add this line to the end
106 of /etc/rc.d/rc.local:
107
108 	/usr/sbin/pppoe-start
109
110 8. Configure LAN Hosts
111 ----------------------
112
113 If you have a LAN behind the firewall, you have to lower the TCP
114 maximum segment size from the normal 1460 to 1452 (or better, 1412.)
115 You have two options: Either set the MTU of all the interfaces on
116 other hosts on the LAN to 1452, or use the "-m 1412" option to pppoe.
117 The "-m" option for pppoe is far simpler and makes it easier to add
118 hosts to the LAN, but consumes some extra CPU time.
119
120 If you want to manually configure the LAN hosts, here's how:
121
122 In Linux, use: "ifconfig eth0 mtu 1452".  For best results, put this
123 in an /etc/rc.d/rc.local script.
124
125 For Windows, machines, see http://lan.cns.ksu.edu/OS/WIN95/slip95.htm.
126 Set the MaxMTU to 1452.
127
128 9. Commands to control the PPPoE link
129 -------------------------------------
130
131 As root, bring up the link by typing:   pppoe-start
132 As root, bring down the link by typing: pppoe-stop
133
134 That's it!
135
136 --
137 David F. Skoll <dfs@roaringpenguin.com> | Roaring Penguin Software Inc.
138 http://www.roaringpenguin.com           |
139
140 PROBLEMS!  DAVE, IT DOESN'T WORK!
141 ---------------------------------
142
143 Here are some problems PPPoE users have encountered.
144
145 -----------------------------------------------------------------------------
146 A) Can't see the Ethernet interface
147
148 Well, I can't really help you here.  To use these instructions, you must
149 have Linux working to the point where it recognizes your Ethernet card.
150 If you type "ifconfig ethx" and you get back a HWAddr value, your Ethernet
151 card is probably OK.  But I really can't help with hardware configuration
152 issues.
153
154 -----------------------------------------------------------------------------
155 B) Connection seems to come up, but I can't browse the web or ping anything
156
157 You probably don't have DNS set up.  See step 6.
158
159 -----------------------------------------------------------------------------
160 C) Can't compile PPPoE
161
162 Make sure you have "make", the C compiler and all development header
163 files installed.  I only test rp-pppoe on Linux.  It might not work on
164 *BSD and probably won't work on any other version of UNIX.
165
166 -----------------------------------------------------------------------------
167 D) pppd complains about (i) "unknown option pty" or (ii) "pty option precludes
168    specifying device name"
169
170 (i) Your pppd is too old.  You need at least 2.3.7.
171 (ii) Your /etc/ppp/options file is not empty.  Empty it!
172
173 -----------------------------------------------------------------------------
174 E) pppoe dies with the log message "Message too long"
175
176 You set the MTU of the Ethernet interface connected to the DSL modem
177 to less than 1500.  Don't do that.
178
179 -----------------------------------------------------------------------------
180 F) Internal hosts can't see the Internet
181
182 Do you have masquerading set up?  I can't help you in great detail, but
183 see the IPCHAINS-HOWTO and the IP-Masquerade mini-HOWTO.
184
185 -----------------------------------------------------------------------------
186 G) Authentication fails
187
188 Make sure you have the right secret in /etc/ppp/pap-secrets.  Your ISP
189 may be using CHAP; it won't hurt to copy the line to /etc/ppp/chap-secrets.
190
191 Also, MAKE SURE that /etc/ppp/options is EMPTY.  The "pppoe-connect" script
192 supplies all required options on the command line; additional options
193 in /etc/ppp/options may mess things up.
194
195 -----------------------------------------------------------------------------
196 H) VPN software does not work
197
198 If you are using VPN software on a Windows or Linux machine with another
199 Linux machine running PPPoE as the gateway, you MUST NOT use the "-m" option
200 to pppoe.  This alters IP packets, which will break any VPN which uses IPSec.
201 In /etc/ppp/pppoe.conf, set CLAMPMSS to "no".  You'll also have to reduce
202 the MTU on the hosts behind the gateway to 1452.
203
204 -----------------------------------------------------------------------------
205 I) I can browse some web sites just fine, but others stall forever.
206
207 There is probably a buggy router or firewall between you and the Web server.
208 One possible workaround:  In /etc/ppp/pppoe.conf, find the line which reads:
209
210 	CLAMPMSS=1412
211
212 Try lowering the 1412 until it works (go down in steps of 100 or so.)  Each
213 time you lower the value, you have to restart your connection like this:
214
215 	pppoe-stop; pppoe-start
216
217 This should work around buggy routers which do not support Path MTU discovery.
218
219 -----------------------------------------------------------------------------
220 J) Whenever I connect using DSL, my internal LAN no longer sees the gateway
221
222 You are more than likely running a 2.0.X Linux kernel.  To solve this
223 problem, give the Ethernet card connected to the DSL modem a fake IP
224 address.  For example, if eth0 is your internal LAN card and eth1 goes to
225 the DSL modem, do something like this:
226
227 	ifconfig eth1 10.0.0.1 netmask 255.255.255.0
228
229 (You may have to choose a different IP address; experiment.)
230 -----------------------------------------------------------------------------
231 K) How can I run a script every time I connect and get a new IP address?
232
233 Put the script in /etc/ppp/ip-up.  See the pppd(8) man page.
234 -----------------------------------------------------------------------------
235 L) Nothing works!
236
237 You may need to put your Ethernet card in half-duplex, 10Mb/s mode to
238 work with the DSL modem.  You may have to run a DOS program to do this,
239 or pass special parameters to the Linux driver.
240
241 Some providers object to attempts to set the MRU or MTU.  Try removing
242 "mtu 1492 mru 1492" from PPP_STD_OPTIONS in the pppoe-connect script.
243 This problem has been seen with an ISP in Hong Kong.
244
245 Your DSL provider may be using non-standard PPPoE frames or require
246 something special in the Service-Name field.  If you have two computers,
247 you can try sniffing out these values with the "pppoe-sniff" program.
248 Type "man pppoe-sniff" for details.  If you don't have two computers,
249 you'll have to ask your DSL provider if it uses non-standard PPPoE frames
250 or special Service-Name fields.  Good luck getting an answer...
251
252 If pppoe-sniff indicates that nothing is amiss, make sure the Ethernet
253 card associated with the DSL modem does NOT have a valid IP address.
254 (NOTE: For 2.0 kernels, you may have to give it a fake IP address
255 which is not on your internal subnet.  Something like 192.168.42.42
256 might work if you are not using 192.168.42.*)
257
258 If you are using synchronous PPP on a slow machine, try switching to
259 asynchronous PPP.
260
261 Make sure no entries in the routing table go through the Ethernet card
262 connected to the DSL modem.  You might want to add these lines in
263 pppoe-connect:
264
265 	ifconfig ethx down
266 	ifconfig ethx up mtu 1500
267
268 which should reset things to sane values.
269
1	# LIC: GPL
2
3	$Id$
4
5	This package lets you connect a Linux machine to an ISP that uses PPPoE.
6	PPPoE is used by many DSL providers and some wireless providers.
7
8	Follow these steps and you should have your PPPoE service up and running.
9
10	0. Install the rp-pppoe-software
11	--------------------------------
12
13	You should have already done this by the time you're reading this. If not,
14	go back and read README.
15
16	1. Set up your Ethernet hardware
17	--------------------------------
18
19	First, make sure the Ethernet card you intend to use with the modem is
20	visible to the Linux kernel. Just how to do this is beyond the scope
21	of this document. However, if the card is the only Ethernet card in
22	the system, executing:
23
24	ifconfig eth0
25
26	should display something like this:
27
28	eth0 Link encap:Ethernet HWaddr 00:60:67:62:31:D4
29
30	plust some more lines. Your HWaddr will be different. As long as you see
31	the HWaddr line, your card should be working.
32
33	DO NOT assign an IP address to the Ethernet card. DO NOT configure the
34	card to come up at boot time.
35
36	2. Configure various files
37	--------------------------
38
39	Several files need editing. The easiest way to do this is to run
40	the following command as root:
41
42	pppoe-setup
43
44	Answer the questions and you should be all set. If you want to know what
45	goes on behind the scenes, continue reading this document. If you don't
46	care and your connection works, stop reading. :-)
47
48	3. Edit pap-secrets
49	-------------------
50
51	Edit the "pap-secrets" file, inserting your proper user-ID and password.
52	Install the file (or copy the relevant lines) to /etc/ppp/pap-secrets.
53	Your ISP may use CHAP authentication. In this case, add the line to
54	/etc/ppp/chap-secrets.
55
56	4. Edit /etc/ppp/pppoe.conf
57	-----------------------------
58
59	The file /etc/ppp/pppoe.conf contains configuration information for the
60	DSL connection. You need to edit the following items:
61
62	- Change ETH=eth1 to the correct Ethernet device for your modem.
63	- Change USER=bxxxnxnx@sympatico.ca to your proper DSL user-ID.
64
65	Don't edit any of the other settings unless you're an expert.
66
67	5. Set up DNS
68	-------------
69
70	If you are using DNS servers supplied by your ISP, edit the file
71	/etc/resolv.conf to contain these lines:
72
73	nameserver ip_addr_of_first_dns_server
74	nameserver ip_addr_of_second_dns_server
75
76	For example:
77
78	nameserver 204.101.251.1
79	nameserver 204.101.251.2
80
81
82	6. Firewall your machine
83	------------------------
84
85	MAKE SURE YOU FIREWALL YOUR MACHINE. A sample firewall script is given
86	in the shell script "firewall" To install the script:
87
88	a) Copy it to /etc/rc.d/init.d/firewall
89	b) Type: chkconfig firewall on
90	c) Start the firewall: sh /etc/rc.d/init.d/firewall start
91
92	(The above procedure works ONLY on Red Hat-like systems.)
93
94	You may want to tweak the script somewhat.
95
96	7. Bring up the connection at boot time
97	---------------------------------------
98
99	On a Red Hat system, the installation procedure should have installed
100	a script called /etc/rc.d/init.d/pppoe. To bring up the connection
101	at boot time, just type this command as root:
102
103	chkconfig --add pppoe
104
105	On non-Red-Hat systems, add this line to the end
106	of /etc/rc.d/rc.local:
107
108	/usr/sbin/pppoe-start
109
110	8. Configure LAN Hosts
111	----------------------
112
113	If you have a LAN behind the firewall, you have to lower the TCP
114	maximum segment size from the normal 1460 to 1452 (or better, 1412.)
115	You have two options: Either set the MTU of all the interfaces on
116	other hosts on the LAN to 1452, or use the "-m 1412" option to pppoe.
117	The "-m" option for pppoe is far simpler and makes it easier to add
118	hosts to the LAN, but consumes some extra CPU time.
119
120	If you want to manually configure the LAN hosts, here's how:
121
122	In Linux, use: "ifconfig eth0 mtu 1452". For best results, put this
123	in an /etc/rc.d/rc.local script.
124
125	For Windows, machines, see http://lan.cns.ksu.edu/OS/WIN95/slip95.htm.
126	Set the MaxMTU to 1452.
127
128	9. Commands to control the PPPoE link
129	-------------------------------------
130
131	As root, bring up the link by typing: pppoe-start
132	As root, bring down the link by typing: pppoe-stop
133
134	That's it!
135
136	--
137	David F. Skoll <dfs@roaringpenguin.com> \| Roaring Penguin Software Inc.
138	http://www.roaringpenguin.com \|
139
140	PROBLEMS! DAVE, IT DOESN'T WORK!
141	---------------------------------
142
143	Here are some problems PPPoE users have encountered.
144
145	-----------------------------------------------------------------------------
146	A) Can't see the Ethernet interface
147
148	Well, I can't really help you here. To use these instructions, you must
149	have Linux working to the point where it recognizes your Ethernet card.
150	If you type "ifconfig ethx" and you get back a HWAddr value, your Ethernet
151	card is probably OK. But I really can't help with hardware configuration
152	issues.
153
154	-----------------------------------------------------------------------------
155	B) Connection seems to come up, but I can't browse the web or ping anything
156
157	You probably don't have DNS set up. See step 6.
158
159	-----------------------------------------------------------------------------
160	C) Can't compile PPPoE
161
162	Make sure you have "make", the C compiler and all development header
163	files installed. I only test rp-pppoe on Linux. It might not work on
164	*BSD and probably won't work on any other version of UNIX.
165
166	-----------------------------------------------------------------------------
167	D) pppd complains about (i) "unknown option pty" or (ii) "pty option precludes
168	specifying device name"
169
170	(i) Your pppd is too old. You need at least 2.3.7.
171	(ii) Your /etc/ppp/options file is not empty. Empty it!
172
173	-----------------------------------------------------------------------------
174	E) pppoe dies with the log message "Message too long"
175
176	You set the MTU of the Ethernet interface connected to the DSL modem
177	to less than 1500. Don't do that.
178
179	-----------------------------------------------------------------------------
180	F) Internal hosts can't see the Internet
181
182	Do you have masquerading set up? I can't help you in great detail, but
183	see the IPCHAINS-HOWTO and the IP-Masquerade mini-HOWTO.
184
185	-----------------------------------------------------------------------------
186	G) Authentication fails
187
188	Make sure you have the right secret in /etc/ppp/pap-secrets. Your ISP
189	may be using CHAP; it won't hurt to copy the line to /etc/ppp/chap-secrets.
190
191	Also, MAKE SURE that /etc/ppp/options is EMPTY. The "pppoe-connect" script
192	supplies all required options on the command line; additional options
193	in /etc/ppp/options may mess things up.
194
195	-----------------------------------------------------------------------------
196	H) VPN software does not work
197
198	If you are using VPN software on a Windows or Linux machine with another
199	Linux machine running PPPoE as the gateway, you MUST NOT use the "-m" option
200	to pppoe. This alters IP packets, which will break any VPN which uses IPSec.
201	In /etc/ppp/pppoe.conf, set CLAMPMSS to "no". You'll also have to reduce
202	the MTU on the hosts behind the gateway to 1452.
203
204	-----------------------------------------------------------------------------
205	I) I can browse some web sites just fine, but others stall forever.
206
207	There is probably a buggy router or firewall between you and the Web server.
208	One possible workaround: In /etc/ppp/pppoe.conf, find the line which reads:
209
210	CLAMPMSS=1412
211
212	Try lowering the 1412 until it works (go down in steps of 100 or so.) Each
213	time you lower the value, you have to restart your connection like this:
214
215	pppoe-stop; pppoe-start
216
217	This should work around buggy routers which do not support Path MTU discovery.
218
219	-----------------------------------------------------------------------------
220	J) Whenever I connect using DSL, my internal LAN no longer sees the gateway
221
222	You are more than likely running a 2.0.X Linux kernel. To solve this
223	problem, give the Ethernet card connected to the DSL modem a fake IP
224	address. For example, if eth0 is your internal LAN card and eth1 goes to
225	the DSL modem, do something like this:
226
227	ifconfig eth1 10.0.0.1 netmask 255.255.255.0
228
229	(You may have to choose a different IP address; experiment.)
230	-----------------------------------------------------------------------------
231	K) How can I run a script every time I connect and get a new IP address?
232
233	Put the script in /etc/ppp/ip-up. See the pppd(8) man page.
234	-----------------------------------------------------------------------------
235	L) Nothing works!
236
237	You may need to put your Ethernet card in half-duplex, 10Mb/s mode to
238	work with the DSL modem. You may have to run a DOS program to do this,
239	or pass special parameters to the Linux driver.
240
241	Some providers object to attempts to set the MRU or MTU. Try removing
242	"mtu 1492 mru 1492" from PPP_STD_OPTIONS in the pppoe-connect script.
243	This problem has been seen with an ISP in Hong Kong.
244
245	Your DSL provider may be using non-standard PPPoE frames or require
246	something special in the Service-Name field. If you have two computers,
247	you can try sniffing out these values with the "pppoe-sniff" program.
248	Type "man pppoe-sniff" for details. If you don't have two computers,
249	you'll have to ask your DSL provider if it uses non-standard PPPoE frames
250	or special Service-Name fields. Good luck getting an answer...
251
252	If pppoe-sniff indicates that nothing is amiss, make sure the Ethernet
253	card associated with the DSL modem does NOT have a valid IP address.
254	(NOTE: For 2.0 kernels, you may have to give it a fake IP address
255	which is not on your internal subnet. Something like 192.168.42.42
256	might work if you are not using 192.168.42.*)
257
258	If you are using synchronous PPP on a slow machine, try switching to
259	asynchronous PPP.
260
261	Make sure no entries in the routing table go through the Ethernet card
262	connected to the DSL modem. You might want to add these lines in
263	pppoe-connect:
264
265	ifconfig ethx down
266	ifconfig ethx up mtu 1500
267
268	which should reset things to sane values.
269