Filed in archive
by Michael Hammer on August 26, 2006
This is for setting a FreeBSD ppp over Ethernet server with pppoe
1. Compile kernel with this options:
options NETGRAPH
options NETGRAPH_PPPOE
options NETGRAPH_SOCKET
2. Edit /etc/rc.conf, add:
pppoed_enable="YES"
pppoed_flags="-d -P /var/run/pppoed.pid -a "server" -l "default" "
pppoed_interface="fxp1"
3. /etc/ppp/ppp.conf
default:
set log Chat Command Phase #turn on some logging. See man ppp.conf
enable pap #turn on chap and pap accounting
enable chap
allow mode direct #turn on ppp bridging
enable proxy #turn on ppp proxyarping (redundant of a
disable ipv6cp #we don't use ipv6, don't want the errors
set mru 1492 #set mru below 1500 (PPPoE MTU issue)
set mtu 1492 #set mtu below 1500 (PPPoE MTU issue)
set ifaddr 10.0.0.1 10.0.1.1-10.0.5.254
set speed sync
set timeout 0
enable lqr
accept dns
4. edit /etc/ppp/ppp.secret
username password
Reboot.
Hint:
You could configure ipfw firewall to deny any to any and then make a script (easy) for every ppp connection to add a rule in firewall to allow ip for that connection.
Valuable Advices:
- If you use different versions of windows boxes (not only xp) let enable pap and chap too
- If you want a user to be connected only once (so users cannot give username and passowords to others to use the same account) you must setup a radius server
(freeradius or radius-cistron, from ports collection).
- If you have problems login in from windows box than set speed sync from /etc/ppp/ppp.conf might help you
- pppoed daemon consumes some cpu so a faster cpu is better, also for many users is better to have more ram (512 or 1024 MB)
- If you have problems stop your pppoed process (/etc/rc.d/pppoed stop) then launch pppoed with -Fd option instead -d, from command line to have pppoed in foreground to see errors.
- On a lan with many users I had a problem, i guess some of the clients had a misconfigured pppoed server so it keeps asking for connection to pppoed server, flooding, forking the pppoed daemon continously. It is a patch that might solve this problem, I've read about it here: http://lists.freebsd.org/pipermail/freebsd-hackers/2005-February/010136.html , but could not find that patch.
1. Compile kernel with this options:
options NETGRAPH
options NETGRAPH_PPPOE
options NETGRAPH_SOCKET
2. Edit /etc/rc.conf, add:
pppoed_enable="YES"
pppoed_flags="-d -P /var/run/pppoed.pid -a "server" -l "default" "
pppoed_interface="fxp1"
3. /etc/ppp/ppp.conf
default:
set log Chat Command Phase #turn on some logging. See man ppp.conf
enable pap #turn on chap and pap accounting
enable chap
allow mode direct #turn on ppp bridging
enable proxy #turn on ppp proxyarping (redundant of a
disable ipv6cp #we don't use ipv6, don't want the errors
set mru 1492 #set mru below 1500 (PPPoE MTU issue)
set mtu 1492 #set mtu below 1500 (PPPoE MTU issue)
set ifaddr 10.0.0.1 10.0.1.1-10.0.5.254
set speed sync
set timeout 0
enable lqr
accept dns
4. edit /etc/ppp/ppp.secret
username password
Reboot.
Hint:
You could configure ipfw firewall to deny any to any and then make a script (easy) for every ppp connection to add a rule in firewall to allow ip for that connection.
Valuable Advices:
- If you use different versions of windows boxes (not only xp) let enable pap and chap too
- If you want a user to be connected only once (so users cannot give username and passowords to others to use the same account) you must setup a radius server
(freeradius or radius-cistron, from ports collection).
- If you have problems login in from windows box than set speed sync from /etc/ppp/ppp.conf might help you
- pppoed daemon consumes some cpu so a faster cpu is better, also for many users is better to have more ram (512 or 1024 MB)
- If you have problems stop your pppoed process (/etc/rc.d/pppoed stop) then launch pppoed with -Fd option instead -d, from command line to have pppoed in foreground to see errors.
- On a lan with many users I had a problem, i guess some of the clients had a misconfigured pppoed server so it keeps asking for connection to pppoed server, flooding, forking the pppoed daemon continously. It is a patch that might solve this problem, I've read about it here: http://lists.freebsd.org/pipermail/freebsd-hackers/2005-February/010136.html , but could not find that patch.
Permalink: Setting a PPPoEd Server
Trackback: http://publish.creative-weblogging.com/publish/mt-tb.pl/34445
Addthis
Ask
Blinklist
del.icio.us
Digg
Fark
Facebook
Google
Lycos
Ma.gnolia
Mr Wong
Netscape
Netvousz
Newsvine
Reddit
StumbleUpon
Slashdot
Tailrank
Technorati
Wink
Yahoo
Vote for Setting a PPPoEd Server:
|
Rating: 9.00 out of 1 vote(s) cast.
|
Subscribe
Use the search to look for other interesting posts
| RSS |  See all blog subscribe options |
 What is RSS? | |
| Yahoo! |
|
| Addthis |
|
| Bloglines |
|
| Newsletter | |
| Follow us on Twitter! |
