Monday, February 9, 2015

PPPoE on Ubuntu 14.04

It took me a week and probably close to 20 hours of troubleshooting to finally get my Linux router to establish a PPPoE connection to my provider. There were two major hurdles I overcame:

  1. The first was figuring out that the VLAN going to the DSL modem needed to be manually tagged. I found this out by connecting my Windows laptop and tagging its VLAN on the network adapter after seeing that it was also tagged in the router they used to set up my initial connection. I suspect they do this to differentiate between the IP phone and cable box traffic.
  2. The second hurdle was properly configuring PPPoE in Linux. I emphasize properly because PPPoE in Linux is one of those topics that is barely documented, or if it is documented it's done 50 different ways, all of which don't work correctly for you — kind of like LDAP.

Adding VLAN support

Note that this part may not be needed. Double-check the settings on a working router to see whether a VLAN is configured for the WAN interface. If you are able to receive a DHCP lease but can't establish a PPPoE connection or see any response in the PPPoE logs, you may need to tag the VLAN on your network interface.

This is the part that probably took up the majority of my time, because when I ran the pppoeconf utility (like many tutorials and StackOverflow responses tell you to do), it would simply hang. I would suggest trying pppoeconf first to configure PPPoE (there are several tutorials out there); if that doesn't work for you, try the procedure outlined in this tutorial.

Tagging VLANs isn't supported by default in Ubuntu 14.04; luckily, the vlan package can do that for us. Install the vlan package:

root@ubuntu:~# aptitude -yvV install vlan

Load the 8021q module and verify it is loaded:

root@ubuntu:~# modprobe 8021q
root@ubuntu:~# lsmod | grep ^8021q
8021q                  24712  0 

Ensure this module is loaded each time at boot by appending it to /etc/modules:

root@ubuntu:~# echo "8021q" >> /etc/modules

Use the vconfig utility to add a VLAN to the specified interface:

root@ubuntu:/etc/network# vconfig add eth0 20
Added VLAN with VID == 20 to IF -:eth0:-
  • In the above I tagged my eth0 interface with VLAN 20.

As additional verification you can cat the contents of /proc/net/vlan/config which would give you output similar to the following:

root@ubuntu:/etc/network# cat /proc/net/vlan/config 
VLAN Dev name  | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth0.20        | 20  | eth0

This will allow you to reference the VLAN-tagged interface as eth0.20. As another example, if you were to tag your eth1 interface with VLAN 50 the interface name would be eth1.50.

Network interfaces

After issuing vconfig, you should be able to create and reference the interface in the /etc/network/interfaces file.

#
# WAN interface
#
auto eth0
iface eth0 inet dhcp

#
# WAN interface tagged with VLAN 20
#
auto eth0.20
iface eth0.20 inet manual
 vlan-raw-device eth0

Now, if you have a working physical connection from your ISP-facing interface to the DSL modem, you should be able to get a DHCP lease with a private IP address on the original interface, in this case eth0.

The trick was understanding that I had to tell my PPPoE client to use the eth0.20 interface, not eth0, to send the initial request for the PPPoE connection. This is where the pppoeconf setup would hang for me.

RP-PPPoE

Unfortunately, it's very easy to get confused between all the PPP/PPPoE packages, e.g. ppp, pppconfig, pppoe, pppoeconf, rp-pppoe, etc. Even worse, they all dump their configuration files and scripts in the same place, the /etc/ppp directory.

The client that I ended up using was rp-pppoe by Roaring Penguin Software.

Download the tar archive from their website:

root@ubuntu:~# wget https://www.roaringpenguin.com/files/download/rp-pppoe-3.11.tar.gz
2015-02-07 17:15:55 (167 KB/s) - ‘rp-pppoe-3.11.tar.gz’ saved [223234/223234]

Install the build-essential package which contains additional utilities needed to build packages from source:

root@ubuntu:~# aptitude -yvV install build-essential

Unarchive, change into the unarchived directory, and run the ./go script:

root@ubuntu:~# tar xvf rp-pppoe-3.11.tar.gz

root@ubuntu:~# cd rp-pppoe-3.11/

root@ubuntu:~/rp-pppoe-3.11# ls
configs  doc  go  go-gui  gui  man  README  rp-pppoe.spec  scripts  SERVPOET  src

root@ubuntu:~/rp-pppoe-3.11# ./go

If rp-pppoe compiled correctly, it should immediately kick off a script that prompts you for input:

Welcome to the Roaring Penguin PPPoE client setup.  First, I will run
some checks on your system to make sure the PPPoE client is installed
properly...

Looks good!  Now, please enter some information:

USER NAME

>>> Enter your PPPoE user name (default bxxxnxnx@sympatico.ca): dsluser

INTERFACE

>>> Enter the Ethernet interface connected to the DSL modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethn, where 'n' is a number.
(default eth0): eth0.20

Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped.  If you want the link to
stay up permanently, enter 'no' (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses.  You may have some problems with demand-activated links.
>>> Enter the demand value (default no): 

DNS

Please enter the IP address of your ISP's primary DNS server.
If your ISP claims that 'the server will provide DNS addresses',
enter 'server' (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.
>>> Enter the DNS information here: server

PASSWORD

>>> Please enter your PPPoE password:    
>>> Please re-enter your PPPoE password: 

FIREWALLING

Please choose the firewall rules to use.  Note that these rules are
very basic.  You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security.  If you
are running any servers on your machine, you must choose 'NONE' and
set up firewalling yourself.  Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc.  If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.

The firewall choices are:
0 - NONE: This script will not set any firewall rules.  You are responsible
          for ensuring the security of your machine.  You are STRONGLY
          recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
                for a LAN
>>> Choose a type of firewall (0-2): 0

** Summary of what you entered **

Ethernet Interface: eth0.20
User name:          dsluser
Activate-on-demand: No
DNS addresses:      Supplied by ISP's server
Firewalling:        NONE

>>> Accept these settings and adjust configuration files (y/n)? y
Adjusting /etc/ppp/pppoe.conf
Adjusting /etc/ppp/pap-secrets and /etc/ppp/chap-secrets
  (But first backing it up to /etc/ppp/pap-secrets-bak)
  (But first backing it up to /etc/ppp/chap-secrets-bak)



Congratulations, it should be all set up!

Type 'pppoe-start' to bring up your PPPoE link and 'pppoe-stop' to bring
it down.  Type 'pppoe-status' to see the link status.
  • This script will create the /etc/ppp/pppoe.conf file, populated with the configuration parameters that you provided as input.
  • It will also put the username and password into the /etc/ppp/pap-secrets and /etc/ppp/chap-secrets files for you.

Again, note that I specified my VLAN-tagged interface eth0.20 as my interface connected to the DSL modem, and not eth0.
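
The setup script leaves the PPPoE password in clear text in the secrets files and their -bak copies, and option 0 means no firewall rules are installed. The following check is an added example, not part of the original post or of rp-pppoe; it assumes pppoe.conf stores the answers as shell-style KEY=value lines named ETH and FIREWALL, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: audit what the rp-pppoe setup script left under /etc/ppp.
# Usage (as root): audit_ppp_dir /etc/ppp

# Print the value of KEY ($1) from a shell-style KEY=value file ($2).
# Assumption: pppoe.conf uses this format, with optional quotes.
conf_value() {
    sed -n "s/^$1=//p" "$2" | tail -n 1 | tr -d "\"'"
}

# Print one finding per line; return 1 if anything needs attention.
audit_ppp_dir() {
    dir=${1:-/etc/ppp}
    findings=0

    # The secrets files and their -bak copies hold the PPPoE password.
    for f in pap-secrets chap-secrets pap-secrets-bak chap-secrets-bak; do
        [ -f "$dir/$f" ] || continue
        mode=$(stat -c '%a' "$dir/$f")
        # Anything other than 00 in the group/other digits lets
        # non-owner accounts touch the file.
        case $mode in
            *00|0) ;;
            *) echo "PERMS $f mode $mode (expected 600)"
               findings=$((findings + 1)) ;;
        esac
    done

    conf=$dir/pppoe.conf
    if [ -f "$conf" ]; then
        # Option 0 in the setup dialogue: no rules are installed for ppp0.
        if [ "$(conf_value FIREWALL "$conf")" = "NONE" ]; then
            echo "FIREWALL NONE: no rules installed, filter ppp0 yourself"
            findings=$((findings + 1))
        fi
        # Informational: the interface PPPoE discovery goes out on.
        echo "INFO PPPoE discovery is sent on $(conf_value ETH "$conf")"
    fi
    [ "$findings" -eq 0 ]
}
```

A PERMS finding is fixed with chmod 600 on the named file; a FIREWALL finding is expected with the choice made above and is cleared once your own iptables rules cover ppp0.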

Now you should be able to run pppoe-start:

root@ubuntu:~/rp-pppoe-3.11# pppoe-start
. Connected!

The plog command will show you logging information from the initiated connection:

root@d54250wyk:~# plog
Feb  7 15:32:08 ubuntu pppd[2134]: Remote message: Login ok
Feb  7 15:32:08 ubuntu pppd[2134]: PAP authentication succeeded
Feb  7 15:32:08 ubuntu pppd[2134]: not replacing existing default route via 10.150.32.1
Feb  7 15:32:08 ubuntu pppd[2134]: local  IP address 176.205.250.149
Feb  7 15:32:08 ubuntu pppd[2134]: remote IP address 31.215.80.1
Feb  7 15:32:08 ubuntu pppd[2134]: primary   DNS address 213.42.20.20
Feb  7 15:32:08 ubuntu pppd[2134]: secondary DNS address 195.229.241.222

You should now have a ppp0 interface; use ifconfig or ip addr ls to verify it is there.

In the above output you can see the message not replacing existing default route via 10.150.32.1. This was the default route that was obtained from the original DHCP lease on the eth0 interface. There was a bug in the rp-pppoe utility: regardless of the settings in the /etc/ppp/pppoe.conf file, it would not obtain and correctly replace the default route via the ppp0 interface.

To resolve this issue, and correctly obtain the default route upon connect, delete all the files in the /etc/ppp/peers/ directory:

root@ubuntu:~# rm -v /etc/ppp/peers/*
removed ‘/etc/ppp/peers/dsl-provider’
removed ‘/etc/ppp/peers/dsl-provider.dpkg-old’
removed ‘/etc/ppp/peers/provider’

Run pppoe-stop and pppoe-start to connect again:

root@ubuntu:/etc/openvpn# pppoe-stop
Killing pppd (2769)
Killing pppoe-connect (2749)

root@ubuntu:/etc/openvpn# pppoe-start
. Connected!

After your connection is established and verified, the configurations for all your network applications, such as iptables, should reference the ppp0 interface as your primary interface.
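
If the default route stays on eth0, rules written for ppp0 never see the WAN traffic, so it is worth checking both the pppd log and the routing table after each reconnect. The functions below are an added example, not part of the original post; the function names are this example's own, and the sample log lines are copied from the plog output shown earlier.

```shell
#!/bin/sh
# Added example: confirm that the PPPoE session owns the default route.
# Usage: plog | ppp_log_summary
#        ip -4 route show default | wan_route_ok ppp0

# Three lines copied from the plog output above, kept as sample input.
SAMPLE_LOG='Feb  7 15:32:08 ubuntu pppd[2134]: PAP authentication succeeded
Feb  7 15:32:08 ubuntu pppd[2134]: not replacing existing default route via 10.150.32.1
Feb  7 15:32:08 ubuntu pppd[2134]: local  IP address 176.205.250.149'

# Summarise pppd log lines read from stdin.
ppp_log_summary() {
    awk '
        # A new session starts at authentication; forget the old verdict.
        / authentication succeeded/ { auth = "ok"; gw = "" }
        / authentication failed/    { auth = "failed" }
        /local +IP address/         { ip = $NF }
        # pppd left the old default route in place; remember its gateway.
        /not replacing existing default route via/ { gw = $NF }
        END {
            printf "auth=%s local_ip=%s kept_gw=%s\n",
                (auth != "" ? auth : "unknown"),
                (ip != "" ? ip : "none"),
                (gw != "" ? gw : "none")
        }'
}

# Read "ip -4 route show default" output on stdin and print the device of
# the first default route (prints nothing when there is none).
default_route_dev() {
    awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
    }'
}

# Succeed only when the default route leaves through the expected device.
wan_route_ok() {
    want=${1:-ppp0}
    dev=$(default_route_dev)
    if [ "$dev" = "$want" ]; then
        echo "OK default route uses $want"
    else
        echo "WARN default route uses ${dev:-nothing}, not $want"
        return 1
    fi
}
```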
