[Sussex] pppoa
Jacqui Caren
jacqui.caren at ntlworld.com
Mon Apr 6 08:06:04 UTC 2009
Steve Dobson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Angus
>
> John Crowhurst wrote:
>> On Fri, April 3, 2009 13:25, Angus Robinson wrote:
>>> Sorry, at times i do have a problem with what i want to do, in a an
>>> email. I am wanting to make the linux box connect to the internet, so
>>> the linux box does the authentication and the router would then be in
>> You don't want to do that, seriously!
>
> I completely agree - this is WAN technology and best left to the ISP
> geeks not the likes of us mortals.
I disagree - pretty straighforward stuff and you get an extra IP to
play with if you run a block :-)
-------------------------------------------------------
This is one of my gentoo configs (username/password "gibberised")
Note that ppp0 links to eth1 because I have a pool of
IP's ppp0 has the "router" IP and eth1 has the 'range'.
This way I get one more IP that if I were using router
as it would 'hog' one IP for itself.
I also run my own DNS servers so peerdns is disabled.
config_ppp0=( "ppp" )
link_ppp0="eth1"
plugins_ppp0=( "pppoe" )
#plugins_ppp0=( "pppoa vc-encaps" )
username_ppp0='abc123456789 at zen'
password_ppp0='abc1234566'
pppd_ppp0=(
"noauth"
"defaultroute"
# "usepeerdns"
"updetach"
"default-asyncmap"
"ipcp-accept-remote"
"ipcp-accept-local"
"lcp-echo-interval 15"
"lcp-echo-failure 10"
"mru 1428"
"mtu 1428"
"debug"
)
and shorewall has the following start rule
/sbin/iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
to ensure 1428 is honoured - symptoms are that larger web requests FTP transfers etc
will all randomly hang...
Shorewall is not perfect but it covers the basics and lets me manage multiple /28 DSL
blocks easily.
I found that a AMD64 server mobo has clock drift and unless you keep this under
control, you end up periodically dropping the DSL lines...
Anyway we have multiple DSL lines with pppoa-pppoe bridges and they work mcuh better than
the very expensive routers hacked to be bridges ever did.
Jacqui
More information about the Sussex
mailing list