Erinevus lehekülje "Pppoe kiire" redaktsioonide vahel
(New page: Setting a PPPoEd Server This HOWTO is for setting a FreeBSD ppp over Ethernet server with pppoed 1. Compile kernel with this options: options NETGRAPH options NETGRAPH_PPPOE option...) |
|||
| 3. rida: | 3. rida: | ||
1. Compile kernel with this options: | 1. Compile kernel with this options: | ||
| − | options NETGRAPH | + | options NETGRAPH |
| − | options NETGRAPH_PPPOE | + | options NETGRAPH_PPPOE |
| − | options NETGRAPH_SOCKET | + | options NETGRAPH_SOCKET |
2. Edit /etc/rc.conf, add: | 2. Edit /etc/rc.conf, add: | ||
| − | pppoed_enable="YES" | + | pppoed_enable="YES" |
| − | pppoed_flags="-d -P /var/run/pppoed.pid -a "server" -l "default" " | + | pppoed_flags="-d -P /var/run/pppoed.pid -a "server" -l "default" " |
| − | pppoed_interface="fxp1" | + | pppoed_interface="fxp1" |
3. /etc/ppp/ppp.conf | 3. /etc/ppp/ppp.conf | ||
| − | default: | + | default: |
| − | + | set log Chat Command Phase #turn on some logging. See man ppp.conf | |
| − | + | enable pap #turn on chap and pap accounting | |
| − | + | enable chap | |
| − | + | allow mode direct #turn on ppp bridging | |
| − | + | enable proxy #turn on ppp proxyarping (redundant of a | |
| − | + | disable ipv6cp #we don't use ipv6, don't want the errors | |
| − | + | set mru 1492 #set mru below 1500 (PPPoE MTU issue) | |
| − | + | set mtu 1492 #set mtu below 1500 (PPPoE MTU issue) | |
| − | + | set ifaddr 10.0.0.1 10.0.1.1-10.0.5.254 | |
| − | + | set speed sync | |
| − | + | set timeout 0 | |
| − | + | enable lqr | |
| − | + | accept dns | |
4. edit /etc/ppp/ppp.secret | 4. edit /etc/ppp/ppp.secret | ||
| − | username password | + | username password |
Reboot. | Reboot. | ||
Redaktsioon: 18. detsember 2007, kell 19:56
Setting a PPPoEd Server This HOWTO is for setting a FreeBSD ppp over Ethernet server with pppoed
1. Compile kernel with this options:
options NETGRAPH options NETGRAPH_PPPOE options NETGRAPH_SOCKET
2. Edit /etc/rc.conf, add:
pppoed_enable="YES" pppoed_flags="-d -P /var/run/pppoed.pid -a "server" -l "default" " pppoed_interface="fxp1"
3. /etc/ppp/ppp.conf
default: set log Chat Command Phase #turn on some logging. See man ppp.conf enable pap #turn on chap and pap accounting enable chap allow mode direct #turn on ppp bridging enable proxy #turn on ppp proxyarping (redundant of a disable ipv6cp #we don't use ipv6, don't want the errors set mru 1492 #set mru below 1500 (PPPoE MTU issue) set mtu 1492 #set mtu below 1500 (PPPoE MTU issue) set ifaddr 10.0.0.1 10.0.1.1-10.0.5.254 set speed sync set timeout 0 enable lqr accept dns
4. edit /etc/ppp/ppp.secret
username password
Reboot.
Hint: You could configure ipfw firewall to deny any to any and then make a script (easy) for every ppp connection to add a rule in firewall to allow ip for that connection.
Valuable Advices: - If you use different versions of windows boxes (not only xp) let enable pap and chap too - If you want a user to be connected only once (so users cannot give username and passowords to others to use the same account) you must setup a radius server (freeradius or radius-cistron, from ports collection). - If you have problems login in from windows box than set speed sync from /etc/ppp/ppp.conf might help you - pppoed daemon consumes some cpu so a faster cpu is better, also for many users is better to have more ram (512 or 1024 MB) - If you have problems stop your pppoed process (/etc/rc.d/pppoed stop) then launch pppoed with -Fd option instead -d, from command line to have pppoed in foreground to see errors. - On a lan with many users I had a problem, i guess some of the clients had a misconfigured pppoed server so it keeps asking for connection to pppoed server, flooding, forking the pppoed daemon continously. It is a patch that might solve this problem, I've read about it here: http://lists.freebsd.org/pipermail/freebsd-hackers/2005-February/010136.html , but could not find that patch.
