blob: f0d71856378ea56458f5cbb5f95f4f3029677d37
1 | # LIC: GPL |
2 | |
3 | $Id$ |
4 | |
5 | This package lets you connect a Linux machine to an ISP that uses PPPoE. |
6 | PPPoE is used by many DSL providers and some wireless providers. |
7 | |
8 | Follow these steps and you should have your PPPoE service up and running. |
9 | |
10 | 0. Install the rp-pppoe-software |
11 | -------------------------------- |
12 | |
13 | You should have already done this by the time you're reading this. If not, |
14 | go back and read README. |
15 | |
16 | 1. Set up your Ethernet hardware |
17 | -------------------------------- |
18 | |
19 | First, make sure the Ethernet card you intend to use with the modem is |
20 | visible to the Linux kernel. Just how to do this is beyond the scope |
21 | of this document. However, if the card is the only Ethernet card in |
22 | the system, executing: |
23 | |
24 | ifconfig eth0 |
25 | |
26 | should display something like this: |
27 | |
28 | eth0 Link encap:Ethernet HWaddr 00:60:67:62:31:D4 |
29 | |
30 | plust some more lines. Your HWaddr will be different. As long as you see |
31 | the HWaddr line, your card should be working. |
32 | |
33 | DO NOT assign an IP address to the Ethernet card. DO NOT configure the |
34 | card to come up at boot time. |
35 | |
36 | 2. Configure various files |
37 | -------------------------- |
38 | |
39 | Several files need editing. The easiest way to do this is to run |
40 | the following command as root: |
41 | |
42 | pppoe-setup |
43 | |
44 | Answer the questions and you should be all set. If you want to know what |
45 | goes on behind the scenes, continue reading this document. If you don't |
46 | care and your connection works, stop reading. :-) |
47 | |
48 | 3. Edit pap-secrets |
49 | ------------------- |
50 | |
51 | Edit the "pap-secrets" file, inserting your proper user-ID and password. |
52 | Install the file (or copy the relevant lines) to /etc/ppp/pap-secrets. |
53 | Your ISP may use CHAP authentication. In this case, add the line to |
54 | /etc/ppp/chap-secrets. |
55 | |
56 | 4. Edit /etc/ppp/pppoe.conf |
57 | ----------------------------- |
58 | |
59 | The file /etc/ppp/pppoe.conf contains configuration information for the |
60 | DSL connection. You need to edit the following items: |
61 | |
62 | - Change ETH=eth1 to the correct Ethernet device for your modem. |
63 | - Change USER=bxxxnxnx@sympatico.ca to your proper DSL user-ID. |
64 | |
65 | Don't edit any of the other settings unless you're an expert. |
66 | |
67 | 5. Set up DNS |
68 | ------------- |
69 | |
70 | If you are using DNS servers supplied by your ISP, edit the file |
71 | /etc/resolv.conf to contain these lines: |
72 | |
73 | nameserver ip_addr_of_first_dns_server |
74 | nameserver ip_addr_of_second_dns_server |
75 | |
76 | For example: |
77 | |
78 | nameserver 204.101.251.1 |
79 | nameserver 204.101.251.2 |
80 | |
81 | |
82 | 6. Firewall your machine |
83 | ------------------------ |
84 | |
85 | MAKE SURE YOU FIREWALL YOUR MACHINE. A sample firewall script is given |
86 | in the shell script "firewall" To install the script: |
87 | |
88 | a) Copy it to /etc/rc.d/init.d/firewall |
89 | b) Type: chkconfig firewall on |
90 | c) Start the firewall: sh /etc/rc.d/init.d/firewall start |
91 | |
92 | (The above procedure works ONLY on Red Hat-like systems.) |
93 | |
94 | You may want to tweak the script somewhat. |
95 | |
96 | 7. Bring up the connection at boot time |
97 | --------------------------------------- |
98 | |
99 | On a Red Hat system, the installation procedure should have installed |
100 | a script called /etc/rc.d/init.d/pppoe. To bring up the connection |
101 | at boot time, just type this command as root: |
102 | |
103 | chkconfig --add pppoe |
104 | |
105 | On non-Red-Hat systems, add this line to the end |
106 | of /etc/rc.d/rc.local: |
107 | |
108 | /usr/sbin/pppoe-start |
109 | |
110 | 8. Configure LAN Hosts |
111 | ---------------------- |
112 | |
113 | If you have a LAN behind the firewall, you have to lower the TCP |
114 | maximum segment size from the normal 1460 to 1452 (or better, 1412.) |
115 | You have two options: Either set the MTU of all the interfaces on |
116 | other hosts on the LAN to 1452, or use the "-m 1412" option to pppoe. |
117 | The "-m" option for pppoe is far simpler and makes it easier to add |
118 | hosts to the LAN, but consumes some extra CPU time. |
119 | |
120 | If you want to manually configure the LAN hosts, here's how: |
121 | |
122 | In Linux, use: "ifconfig eth0 mtu 1452". For best results, put this |
123 | in an /etc/rc.d/rc.local script. |
124 | |
125 | For Windows, machines, see http://lan.cns.ksu.edu/OS/WIN95/slip95.htm. |
126 | Set the MaxMTU to 1452. |
127 | |
128 | 9. Commands to control the PPPoE link |
129 | ------------------------------------- |
130 | |
131 | As root, bring up the link by typing: pppoe-start |
132 | As root, bring down the link by typing: pppoe-stop |
133 | |
134 | That's it! |
135 | |
136 | -- |
137 | David F. Skoll <dfs@roaringpenguin.com> | Roaring Penguin Software Inc. |
138 | http://www.roaringpenguin.com | |
139 | |
140 | PROBLEMS! DAVE, IT DOESN'T WORK! |
141 | --------------------------------- |
142 | |
143 | Here are some problems PPPoE users have encountered. |
144 | |
145 | ----------------------------------------------------------------------------- |
146 | A) Can't see the Ethernet interface |
147 | |
148 | Well, I can't really help you here. To use these instructions, you must |
149 | have Linux working to the point where it recognizes your Ethernet card. |
150 | If you type "ifconfig ethx" and you get back a HWAddr value, your Ethernet |
151 | card is probably OK. But I really can't help with hardware configuration |
152 | issues. |
153 | |
154 | ----------------------------------------------------------------------------- |
155 | B) Connection seems to come up, but I can't browse the web or ping anything |
156 | |
157 | You probably don't have DNS set up. See step 6. |
158 | |
159 | ----------------------------------------------------------------------------- |
160 | C) Can't compile PPPoE |
161 | |
162 | Make sure you have "make", the C compiler and all development header |
163 | files installed. I only test rp-pppoe on Linux. It might not work on |
164 | *BSD and probably won't work on any other version of UNIX. |
165 | |
166 | ----------------------------------------------------------------------------- |
167 | D) pppd complains about (i) "unknown option pty" or (ii) "pty option precludes |
168 | specifying device name" |
169 | |
170 | (i) Your pppd is too old. You need at least 2.3.7. |
171 | (ii) Your /etc/ppp/options file is not empty. Empty it! |
172 | |
173 | ----------------------------------------------------------------------------- |
174 | E) pppoe dies with the log message "Message too long" |
175 | |
176 | You set the MTU of the Ethernet interface connected to the DSL modem |
177 | to less than 1500. Don't do that. |
178 | |
179 | ----------------------------------------------------------------------------- |
180 | F) Internal hosts can't see the Internet |
181 | |
182 | Do you have masquerading set up? I can't help you in great detail, but |
183 | see the IPCHAINS-HOWTO and the IP-Masquerade mini-HOWTO. |
184 | |
185 | ----------------------------------------------------------------------------- |
186 | G) Authentication fails |
187 | |
188 | Make sure you have the right secret in /etc/ppp/pap-secrets. Your ISP |
189 | may be using CHAP; it won't hurt to copy the line to /etc/ppp/chap-secrets. |
190 | |
191 | Also, MAKE SURE that /etc/ppp/options is EMPTY. The "pppoe-connect" script |
192 | supplies all required options on the command line; additional options |
193 | in /etc/ppp/options may mess things up. |
194 | |
195 | ----------------------------------------------------------------------------- |
196 | H) VPN software does not work |
197 | |
198 | If you are using VPN software on a Windows or Linux machine with another |
199 | Linux machine running PPPoE as the gateway, you MUST NOT use the "-m" option |
200 | to pppoe. This alters IP packets, which will break any VPN which uses IPSec. |
201 | In /etc/ppp/pppoe.conf, set CLAMPMSS to "no". You'll also have to reduce |
202 | the MTU on the hosts behind the gateway to 1452. |
203 | |
204 | ----------------------------------------------------------------------------- |
205 | I) I can browse some web sites just fine, but others stall forever. |
206 | |
207 | There is probably a buggy router or firewall between you and the Web server. |
208 | One possible workaround: In /etc/ppp/pppoe.conf, find the line which reads: |
209 | |
210 | CLAMPMSS=1412 |
211 | |
212 | Try lowering the 1412 until it works (go down in steps of 100 or so.) Each |
213 | time you lower the value, you have to restart your connection like this: |
214 | |
215 | pppoe-stop; pppoe-start |
216 | |
217 | This should work around buggy routers which do not support Path MTU discovery. |
218 | |
219 | ----------------------------------------------------------------------------- |
220 | J) Whenever I connect using DSL, my internal LAN no longer sees the gateway |
221 | |
222 | You are more than likely running a 2.0.X Linux kernel. To solve this |
223 | problem, give the Ethernet card connected to the DSL modem a fake IP |
224 | address. For example, if eth0 is your internal LAN card and eth1 goes to |
225 | the DSL modem, do something like this: |
226 | |
227 | ifconfig eth1 10.0.0.1 netmask 255.255.255.0 |
228 | |
229 | (You may have to choose a different IP address; experiment.) |
230 | ----------------------------------------------------------------------------- |
231 | K) How can I run a script every time I connect and get a new IP address? |
232 | |
233 | Put the script in /etc/ppp/ip-up. See the pppd(8) man page. |
234 | ----------------------------------------------------------------------------- |
235 | L) Nothing works! |
236 | |
237 | You may need to put your Ethernet card in half-duplex, 10Mb/s mode to |
238 | work with the DSL modem. You may have to run a DOS program to do this, |
239 | or pass special parameters to the Linux driver. |
240 | |
241 | Some providers object to attempts to set the MRU or MTU. Try removing |
242 | "mtu 1492 mru 1492" from PPP_STD_OPTIONS in the pppoe-connect script. |
243 | This problem has been seen with an ISP in Hong Kong. |
244 | |
245 | Your DSL provider may be using non-standard PPPoE frames or require |
246 | something special in the Service-Name field. If you have two computers, |
247 | you can try sniffing out these values with the "pppoe-sniff" program. |
248 | Type "man pppoe-sniff" for details. If you don't have two computers, |
249 | you'll have to ask your DSL provider if it uses non-standard PPPoE frames |
250 | or special Service-Name fields. Good luck getting an answer... |
251 | |
252 | If pppoe-sniff indicates that nothing is amiss, make sure the Ethernet |
253 | card associated with the DSL modem does NOT have a valid IP address. |
254 | (NOTE: For 2.0 kernels, you may have to give it a fake IP address |
255 | which is not on your internal subnet. Something like 192.168.42.42 |
256 | might work if you are not using 192.168.42.*) |
257 | |
258 | If you are using synchronous PPP on a slow machine, try switching to |
259 | asynchronous PPP. |
260 | |
261 | Make sure no entries in the routing table go through the Ethernet card |
262 | connected to the DSL modem. You might want to add these lines in |
263 | pppoe-connect: |
264 | |
265 | ifconfig ethx down |
266 | ifconfig ethx up mtu 1500 |
267 | |
268 | which should reset things to sane values. |
269 |