pavement

PPPOE, access point

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
(Nat)

Revision as of 06:54, 3 January 2009

Contents

Introduction

Some internet services provider such as alice in italy have a box(alice gate) that does everything(such as router and access point)...unfortunately we want to offer services to the internet such as:

  • ssh
  • web server
  • port redirection for various applications such as games server(such as wormux that needs an open port in order to serve),or p2p

Fortunately the alice gate let us connect directly to the internet: see here for how to deactivate the router functions and so be connected directly to the internet...

The hardware

For my setup, and the instructions included here, I used the same hardware as in AccessPoint that is to say:

  • 2 Realtech PCI 10/100 cards, on FreeBSD. These cards are recognized as rl0 and rl1. (Perhaps there is the possibility to use interfaces aliasing, but as i had 2 cards...)
  • 1 Ralink rt2500 PCI card, on FreeBSD. This card is recognized as ral0.

Installation and Configuration

  • Install FreeBSD as usual. This example uses FreeBSD 7.0.
  • Enable ssh logins during the installation, or add the following line to your /etc/rc.conf:
sshd_enable="YES"

PPPOE

This part can be difficult but we need internet working before following the installation
here's my configuration file:

default:
 set log Phase Chat LCP IPCP CCP tun command
 ident user-ppp VERSION (built COMPILATIONDATE)  
 
 # Ensure that "device" references the correct serial port
 # for your modem. (cuaa0 = COM1, cuaa1 = COM2)
 #
 set device /dev/cuaa1 

 set speed 115200
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
           \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"
 set timeout 180                        # 3 minute idle timer (the default)
 enable dns                             # request DNS info (for resolv.conf) 


alice:
 disable ipv6cp
 add default HISADDR
 set device PPPoE:rl1
 set log Phase tun command
 set ifaddr 10.0.0.1/0 10.0.0.2/0
 set MRU 1490
 set MTU 1490
 # set log Phase tun command
 set authname username@alice.it
 set authkey password
 set dial
 set login
 set cd 5
 set redial 0 0
 set lqrperiod 5
 enable dns
 enable tcpmssfixup
 enable lqr
 #nat enable yes
 #nat use_sockets yes
 #nat unregistered_only yes

note the space at the beginning of the lines,
here you must change the interface that is rl1 in this line:

set device PPPoE:rl1

i disabled ipv6 because it is not needed and messages error were comming in my logs about it,here's the line:

disable ipv6cp

that is realy the lines that are in my configuration: that's because of my provider(alice from italy)...

set authname username@alice.it
set authkey password

you can also optionally change the name alice in this line:

alice:

if you do not have it add theses 2 line in /etc/syslog.conf:

!ppp
*.*                                             /var/log/ppp.log

that would permit you to see your log in a separate file that are in /var/log/ppp.log and /var/log/ppp.log.0.bz2(it get created when ppp.log is full, you can see it with bzcat)


then we will run pppd:

pppd -ddial -nat alice

it will create a log file in /var/log/ppp.log
we will explain what nat means later you should look at it and when it has finished to write things to it you can look if you get an ip on your tun interface:

ifconfig tun0

if you had already some tun interfaces before it will create a new one so change the interface name to the last created interface
Then if you have an ip you can try to ping some well known ip(we will use FreeBSD's website ip):

ping 69.147.83.33:

if it works you can try to ping a website by its name:

ping www.FreeBSD.org

If you are here it means that the internet works...

in case you need to stop the internet you can do the following: ifconfig tun0 will gives you something like this:

tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1492
	inet 79.31.183.27 --> 192.168.100.1 netmask 0xffffffff 
	Opened by PID 438

notice the line Opened by PID 438 here 438 is the PID of the ppp process...just kill it:

kill 438

remplace 438 by the pid you found doing ifconfig Then we will need to destroy the tun0 interface:

ifconfig tun0 destroy

Nat

Then if you stoped your connection restart it,we need it in order to test the nat(that means network address translation...we need this in order to share our connection,see the wikipedia article if you are interrested)

we need to bring up the other wired network interface or the wifi(not the one that you used for connecting to the pppoe modem) card and assign an ip to it,but we will use the wired card for simplicity
note that you need an Ethernet crossover cable if you connect directly to the FreeBSD machine

on the FreeBSD AccessPoint assign an ip to the interface:

ifconfig rl0 up
ifconfig rl0 inet 192.168.1.1 netmask 255.255.255.0

on FreeBSD client do:

ifconfig rl0 up
ifconfig rl0 inet 192.168.1.2 netmask 255.255.255.0

or on GNU/Linux client do:

ifconfig eth0 up
ifconfig eth0 inet 192.168.1.2 netmask 255.255.255.0

then try to ping each other: on the client do:

ping 192.168.1.1

on the server do:

ping 192.168.1.2

if you can ping each other add the route in the client: on FreeBSD client or GNU/Linux client do the following:

route add default gw 192.168.1.1

then try to ping FreeBSD's website's ip:

ping 69.147.83.33

if it works then add your dns to /etc/resolve.conf on the server do:

cat /etc/resolv.conf

then write down the 2 ips,then on the client edit /etc/resolv.conf and recreate the same resolv.conf as the server

alternatively you can copy the following in your resolv.conf...theses are the ip of opendns...as a temporary solution because:

  • opendns could be far from your location
  • opendns remplace the google querries from firefox's addressbar by his own version of google
  • see wikipedia's entry on opendns for more details

here's the file:

nameserver 208.67.222.222
nameserver 208.67.222.220

then try to ping the internet...

then you shurely want to enable ppoe at boot so add the following in your /etc/rc.conf:

ipv6_enable="NO"
ppp_enable="YES"
ppp_mode="ddial"
ppp_profile="alice"
ppp_nat="YES"


Dnsmasq

Personal tools