sun.com   |  docs.sun.com
How To Buy  |  My Sun  |  Worldwide Sites
         
 
Sun Microsystems Logo
 Products and Services
 		 Support and Training
 
 
System Administration Guide: Resource Management and Network Services >> 32.  Solaris PPP 4.0 Reference >> Creating PPPoE Tunnels for DSL Support >> PPPoE Access Server Commands and Files 

Previous Previous     Contents     Index     Next Next

Example 32-6 /etc/ppp/options File for an Access Server

 	auth
 	proxyarp
 	nodefaultroute
 	name no-service	# don't authenticate otherwise

The option name no-service overrides the server name that is normally searched for during PAP or CHAP authentication. The server's default name is found in the /usr/bin/hostname file. The name option in the previous example changes the server's name to no-service. The name no-service is not likely to be found in a pap or chap-secrets file. This action prevents a random user from running pppd and overriding the auth and name options that are set in /etc/ppp/options. pppd then fails because no secrets can be found for the client with a server name of no-service.

The access server scenario uses the following /etc/hosts file.

Example 32-7 /etc/hosts File for an Access Server

     172.16.0.1	orange-server
     172.17.0.1	purple-server
     172.18.0.1	green-server
     172.18.0.2	joes-pc
     172.18.0.3	marys-pc

Here is the /etc/ppp/pap-secrets file that is used for PAP authentication for clients that attempt to access the orange and purple networks.

Example 32-8 /etc/ppp/pap-secrets File for an Access Server

* orange-server "" 172.16.0.2/16+
* purple-server "" 172.17.0.2/16+

Here is the /etc/ppp/chap-secrets file that is used for CHAP authentication. Note that only clients joe and mary are listed in the file.

Example 32-9 /etc/ppp/chap-secrets File for an Access Server

 joe green-server "joe's secret" joes-pc
mary green-server "mary's secret" marys-pc

PPPoE Client Commands and Files

To run PPP over a DSL modem, a machine must become a PPPoE client. You have to plumb an interface to run PPPoE, and then use the pppoec utility to "discover" the existence of an access server. Thereafter, the client can create the PPPoE tunnel over the DSL modem and run PPP.

The PPPoE client relates to the access server in the traditional client-server model. The PPPoE tunnel is not a dial-up link, but the tunnel is configured and operated in much the same manner.

The commands and files that set up a PPPoE client include the following:

/usr/lib/inet/pppoec Utility

The /usr/lib/inet/pppoec utility is responsible for negotiating the client side of a PPPoE tunnel. pppoec is similar to the Solaris PPP 4.0 chat utility. You do not invoke pppoec directly. Rather, you start /usr/lib/inet/pppoec as an argument to the connect option of pppd.

pppoe.so Plugin

pppoe.so is the PPPoE shared object that must be loaded by PPPoE to provide PPPoE capability to access servers and clients. The pppoe.soshared object limits MTU and MRU to 1492, filters packets from the driver, and handles runtime PPPoE messages.

On the client side, pppd loads pppoe.so when the user specifies the plugin pppoe.so option.

/etc/ppp/peers/peer-name File for Defining an Access Server Peer

When you define an access server to be discovered by pppoec, you use options that apply to both pppoec and the pppd daemon. A /etc/ppp/peers/peer-name file for an access server requires the following parameters:

  • sppptun - Name for the serial device that is used by the PPPoE tunnel

  • plugin pppoe.so - Instructs pppd to load the pppoe.so shared object

  • connect "/usr/lib/inet/pppoec device" - Starts a connection. connect then invokes the pppoec utility over device, the interface that is plumbed for PPPoE

The remaining parameters in the /etc/ppp/peers/peer-name file should apply to the PPP link on the server. Use the same options that you would for /etc/ppp/peers/peer-name on a dial-out machine. Try to limit the number of options to the minimum you need for the PPP link.

The following example is introduced in How to Define a PPPoE Access Server Peer.

Example 32-10 /etc/ppp/peers/peer-name to Define a Remote Access Server

# vi /etc/ppp/peers/dslserve
sppptun
plugin pppoe.so
connect "/usr/lib/inet/pppoec hme0"
noccp
noauth
user Red
password redsecret
noipdefault
defaultroute

This file defines parameters to be used when setting up a PPPoE tunnel and PPP link to access server dslserve. The options that are included are as follows.

Option

Description

sppptun

Defines sppptun as the name of the serial device.

plugin pppoe.so

Instructs pppd to load the pppoe.so shared object.

connect "/usr/lib/inet/pppoec hme0"

Runs pppoec and designates hme0 as the interface for the PPPoE tunnel and PPP link.

noccp

Turns off CCP compression on the link.

Note - Many ISPs use only proprietary compression algorithms. Turning off the publicly available CCP algorithm saves negotiation time and avoids very occasional interoperability problems.

noauth

Stops pppd from demanding authentication credentials from the access server. Most ISPs do not provide authentication credentials to customers.

user Red

Sets the name Red as the user name for the client, which is required for PAP authentication by the access server.

password redsecret

Defines redsecret as the password to be provided to the access server for PAP authentication.

noipdefault

Assigns 0.0.0.0 as the initial IP address.

defaultroute

Tells pppd to install a default IPv4 route after IPCP negotiation. You should include defaultroute in /etc/ppp/peers/peer-name when the link is the system's link to the Internet, which is true for a PPPoE client.

Previous Previous     Contents     Index     Next Next
 
Copyright 1994-2003 Sun Microsystems