PPPOE, access point
(→Nat) |
m (AccessPoint using pppoe moved to PPPOE, access point) |
Revision as of 06:54, 3 January 2009
Contents |
Introduction
Some internet services provider such as alice in italy have a box(alice gate) that does everything(such as router and access point)...unfortunately we want to offer services to the internet such as:
- ssh
- web server
- port redirection for various applications such as games server(such as wormux that needs an open port in order to serve),or p2p
Fortunately the alice gate let us connect directly to the internet: see here for how to deactivate the router functions and so be connected directly to the internet...
The hardware
For my setup, and the instructions included here, I used the same hardware as in AccessPoint that is to say:
- 2 Realtech PCI 10/100 cards, on FreeBSD. These cards are recognized as rl0 and rl1. (Perhaps there is the possibility to use interfaces aliasing, but as i had 2 cards...)
- 1 Ralink rt2500 PCI card, on FreeBSD. This card is recognized as ral0.
Installation and Configuration
- Install FreeBSD as usual. This example uses FreeBSD 7.0.
- Enable ssh logins during the installation, or add the following line to your /etc/rc.conf:
sshd_enable="YES"
PPPOE
This part can be difficult but we need internet working before following the installation
here's my configuration file:
default: set log Phase Chat LCP IPCP CCP tun command ident user-ppp VERSION (built COMPILATIONDATE) # Ensure that "device" references the correct serial port # for your modem. (cuaa0 = COM1, cuaa1 = COM2) # set device /dev/cuaa1 set speed 115200 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \ \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT" set timeout 180 # 3 minute idle timer (the default) enable dns # request DNS info (for resolv.conf) alice: disable ipv6cp add default HISADDR set device PPPoE:rl1 set log Phase tun command set ifaddr 10.0.0.1/0 10.0.0.2/0 set MRU 1490 set MTU 1490 # set log Phase tun command set authname username@alice.it set authkey password set dial set login set cd 5 set redial 0 0 set lqrperiod 5 enable dns enable tcpmssfixup enable lqr #nat enable yes #nat use_sockets yes #nat unregistered_only yes
note the space at the beginning of the lines,
here you must change the interface that is rl1 in this line:
set device PPPoE:rl1
i disabled ipv6 because it is not needed and messages error were comming in my logs about it,here's the line:
disable ipv6cp
that is realy the lines that are in my configuration: that's because of my provider(alice from italy)...
set authname username@alice.it set authkey password
you can also optionally change the name alice in this line:
alice:
if you do not have it add theses 2 line in /etc/syslog.conf:
!ppp *.* /var/log/ppp.log
that would permit you to see your log in a separate file that are in /var/log/ppp.log and /var/log/ppp.log.0.bz2(it get created when ppp.log is full, you can see it with bzcat)
then we will run pppd:
pppd -ddial -nat alice
it will create a log file in /var/log/ppp.log
we will explain what nat means later
you should look at it and when it has finished to write things to it you can look if you get an ip on your tun interface:
ifconfig tun0
if you had already some tun interfaces before it will create a new one so change the interface name to the last created interface
Then if you have an ip you can try to ping some well known ip(we will use FreeBSD's website ip):
ping 69.147.83.33:
if it works you can try to ping a website by its name:
ping www.FreeBSD.org
If you are here it means that the internet works...
in case you need to stop the internet you can do the following: ifconfig tun0 will gives you something like this:
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1492 inet 79.31.183.27 --> 192.168.100.1 netmask 0xffffffff Opened by PID 438
notice the line Opened by PID 438 here 438 is the PID of the ppp process...just kill it:
kill 438
remplace 438 by the pid you found doing ifconfig Then we will need to destroy the tun0 interface:
ifconfig tun0 destroy
Nat
Then if you stoped your connection restart it,we need it in order to test the nat(that means network address translation...we need this in order to share our connection,see the wikipedia article if you are interrested)
we need to bring up the other wired network interface or the wifi(not the one that you used for connecting to the pppoe modem) card and assign an ip to it,but we will use the wired card for simplicity
note that you need an Ethernet crossover cable if you connect directly to the FreeBSD machine
on the FreeBSD AccessPoint assign an ip to the interface:
ifconfig rl0 up ifconfig rl0 inet 192.168.1.1 netmask 255.255.255.0
on FreeBSD client do:
ifconfig rl0 up ifconfig rl0 inet 192.168.1.2 netmask 255.255.255.0
or on GNU/Linux client do:
ifconfig eth0 up ifconfig eth0 inet 192.168.1.2 netmask 255.255.255.0
then try to ping each other: on the client do:
ping 192.168.1.1
on the server do:
ping 192.168.1.2
if you can ping each other add the route in the client: on FreeBSD client or GNU/Linux client do the following:
route add default gw 192.168.1.1
then try to ping FreeBSD's website's ip:
ping 69.147.83.33
if it works then add your dns to /etc/resolve.conf on the server do:
cat /etc/resolv.conf
then write down the 2 ips,then on the client edit /etc/resolv.conf and recreate the same resolv.conf as the server
alternatively you can copy the following in your resolv.conf...theses are the ip of opendns...as a temporary solution because:
- opendns could be far from your location
- opendns remplace the google querries from firefox's addressbar by his own version of google
- see wikipedia's entry on opendns for more details
here's the file:
nameserver 208.67.222.222 nameserver 208.67.222.220
then try to ping the internet...
then you shurely want to enable ppoe at boot so add the following in your /etc/rc.conf:
ipv6_enable="NO" ppp_enable="YES" ppp_mode="ddial" ppp_profile="alice" ppp_nat="YES"