PPPoE

If PPPoE is necessary to make a DSL connection work, get the latest rp-pppoe from www.roaringpenguin.com/pppoe. Even if you have a copy of this software already installed on your system (e.g. RedHat 8 comes with it), you may need to get the RP version, since on some versions, RedHat has screwed up their implementation of it.

Download then unpack the tar file:

     tar xzvf rp-pppoe-x.y.tar.gz

Change to the source directory, run configure and make the source:

     cd rp-pppoe-x.y/src
     ./configure
     make

Install rp-pppoe as root:

     su
     make install

Next, make sure the Ethernet card you intend to use with the DSL modem is visible to the Linux kernel. You should see interface information if you query the card directly. For example:

     /sbin/ifconfig ethx

Should produce results that look like this:

     ethx      Link encap:Ethernet  HWaddr 00:40:F4:2D:73:64
               BROADCAST MULTICAST  MTU:1500  Metric:1
               RX packets:0 errors:0 dropped:0 overruns:0 frame:0
               TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
               collisions:0 txqueuelen:100
               RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
               Interrupt:9 Base address:0xf000

Note that "x" is the actual number of the network card, such as 0, 1, or 2. Of course, the HWaddr will be different but, as long as you see a valid MAC address in the HWaddr line, your card should be working.

DO NOT assign an IP address to the Ethernet card. You can configure the card to come up at boot time or not, as you prefer. If you see the card and it has an IP address when you do:

     /sbin/ifconfig

There is something wrong. Either use the network control GUI to disable the card at boot time or hack the appropriate files in some or all of these (note that they are often hard links of each other):

/etc/sysconfig/network-scripts/ifcfg-ethx:
/etc/sysconfig/networking/devices/ifcfg-ethx:
/etc/sysconfig/networking/profiles/default/ifcfg-ethx:

The basic ifcfg-ethx file should look like this:

     DEVICE=ethx
     TYPE=Ethernet
     USERCTL=no
     BOOTPROTO=none
     ONBOOT=yes|no

There is, however, one instance where you might want to configure the NIC for regular TCP communication. Some ADSL modems come configured as routers with PPPoE and all sorts of other protocols enabled on the WAN side, along with a firewall, DHCP server, etc. This type of modem can only be used with rp-pppoe if it is put into bridge mode. To do this, one typically aims a Web browser at some well-known IP address which is defined by the modem and then uses its Web administration UI to set it up in bridge mode.

If this is the case, first define the ifcfg-ethx file something like this:

     DEVICE=ethx
     TYPE=Ethernet
     USERCTL=no
     BOOTPROTO=none
     BROADCAST=10.255.255.255
     IPADDR=10.0.0.4
     NETMASK=255.0.0.0
     NETWORK=10.0.0.0
     PEERDNS=no
     ONBOOT=yes

This sets the NIC up so that it can talk to the modem. Once you've done that, restart networking ("/etc/rc.d/init.d/network restart") and use the local Web browser to set up the ADSL modem (for example, you'd use the file above and browse to 10.0.0.2:80 to set up an Encore ENDSL-AR). After the router is disabled and/or the modem is bridged, put the ifcfg-ethx file back the way it should be and restart networking. You can then proceed with the rest of the setup.

Note that you may have to disconnect the WAN side of the modem from the DSL line, if it is already in bridged mode, since the modem will echo the WAN IP address on the LAN side, if it is connected to the DSLAM. If you cannot get the modem to talk to the Web browser, you may need to reset to the factory configuration first, via the Factory Reset button, if there is one.

The settings for a configurable modem's WAN interface should be something like this, for use with rp-pppoe:

     Virtual Circuits: Disabled
     Bridge Mode:      Enabled
     IGMP:             Enabled|Disabled  (depending on whether you want your modem
                                         to respond to pings -- probably not)
     Encapsulation:    RFC 1483 Bridged IP, LLC  (<-- most US & Canada telcos)
                       RFC 1483 Routed IP, LLC
                       RFC 1483 Bridged IP, VC-Mux
                       RFC 1483 Routed IP, VC-Mux
     DHCP Client:      Disabled
     MAC Spoofing:     Disabled  (unless you really need it, which is unlikely)
     VPI:              0  (see chart of ADSL Settings)
     VCI:              35  (see chart of ADSL Settings)

A chart of ADSL Settings by Country is provided at:

     http://www.routertech.org/pages.php?page=43

Now, several config files need to be hacked. The easiest way to do this is to run setup script as root:

     cd ../scripts
     chmod ugo+x *
     ./pppoe-setup

Answer the questions and you should be all set. If you care what the setup script did, it modified the files chap-secrets, pap-secrets, pppoe.conf and pppoe-server-options in the /etc/ppp directory. Usually, it gets things right so that there's no need to monkey with what it did. However, if your connection does not work or you need to know more for some other reason, the rp-pppoe-x.y/doc/how-to-connect file has the whole story.

/etc/ppp/ip-up-adsl:

Create a script to be run when the ADSL link comes up. If you are using ipchains, uncomment the line that starts firewall-rules (below), otherwise uncomment the line that starts iptables (below):

     #!/bin/sh
     #
     # This shell script is called by pppd whenever it brings up a PPP connection
     # to the remote host.  Its purpose is to add into the router's routing
     # tables a default routing to the gateway machine at the other end of the
     # PPP link.  This will cause all non-specifically routed packets to be
     # passed to the gateway at the other end of the PPP link for forwarding to
     # the Internet.
     #
     # This script also registers the ppp0 device via the firewall rules script to
     # change the rules so that they use the correct active device (ppp0 when the
     # link is up).
     #
     # The parameters that pppd passes to this script are (see pppd(8)):
     #
     #      <iface> <ttydev> <speed> <local-ip> <remote-ip> <ipparam>
     #
     #
     # When the PPP link comes up, add the default route.
     #
     /sbin/route add default gw $5
     #
     # Register the new interface with the firewall and masquerade.
     #
     #/etc/rc.d/init.d/firewall-rules $1 register
     #/etc/rc.d/init.d/iptables reload $1
     #
     # Restart the NTP daemon in case the lease on our IP address has expired.
     # NTP needs to receive packets sent to the address it registered with the
     # stratum 2 NTP server.  If the IP address changes, this won't happen and
     # NTP will cease to work (silently, of course).
     #
     /etc/rc.d/init.d/ntpd restart
     #
     # Set up all of the dynamically addressed Web server links and advertise
     # our WAN IP address.
     #
     /etc/dyndns/PropagateIP
     exit 0

Note that, if you are using iptables/NARC as your firewall/packetfilter, you'll need to make the changes, mentioned in the firewall/packetfilter section that deals with iptables, that allow the external device address to be passed to the iptables and NARC scripts.

/etc/ppp/ip-up.local:

Copy the ip-up-adsl script to this file. This mimics what the switch-ppp script does when it switches the system to using the ADSL connection. It sets things up to run the ADSL connection by default.

/etc/ppp/options:

The default values for this file created by installation has the "lock" option set. It seems that this is not a good choice. Its probably best to clear the options file for use with PPPoE:

     echo "" >/etc/ppp/options

/etc/rc.d/init.d/adsl or /etc/rc.d/init.d/pppoe (for later versions):

Install the supplied script but do not enable it, if you will be using the transport switcher (below). Otherwise, install it with:

     chkconfig --add adsl
     chkconfig adsl on

or

     chkconfig --add pppoe
     chkconfig pppoe on

However, before doing this, you might want to change the start and stop levels for the script, so that the DSL connection will come up before the other networking stuff that might depend on it. Change the chkconfig line to:

     # chkconfig: 2345 11 89