Router - Linux: Difference between revisions
Content deleted Content added
clean up |
|||
| (8 intermediate revisions by one other user not shown) | |||
| Line 8: | Line 8: | ||
==Debian/squeeze and /wheezy== |
==Debian/squeeze and /wheezy== |
||
This is what RogerBW is using. It'll probably be much the same on other Linuxen. The basic recipe came from |
This is what RogerBW is using. It'll probably be much the same on other Linuxen. The basic recipe came from http://www.aa-asterisk.org.uk/index.php/Connecting_to_AAISP_using_PPPoE. |
||
You will have two ethernet interfaces - one for your internal network (let's assume that's eth1), one for connection to the BT modem (eth0). You will be running PPPoE over the external interface, creating a new interface that actually passes packets. |
You will have two ethernet interfaces - one for your internal network (let's assume that's eth1), one for connection to the BT modem (eth0). You will be running PPPoE over the external interface, creating a new interface that actually passes packets. |
||
===Setup=== |
===Setup=== |
||
*Install ppp, pppoe and iproute. |
|||
*Edit /etc/ppp/peers/aaisp to include: |
|||
user mylogin@a.1 <----- your AAISP login |
user mylogin@a.1 <----- your AAISP login |
||
plugin rp-pppoe.so |
plugin rp-pppoe.so |
||
| Line 34: | Line 36: | ||
ipv6cp-use-ipaddr |
ipv6cp-use-ipaddr |
||
Edit /etc/ppp/chap-secrets to include this line, consisting of three tab-separated words. The first entry is your AAISP router login, the second is an asterisk, and the third is your AAISP router password. For example: |
*Edit /etc/ppp/chap-secrets to include this line, consisting of three tab-separated words. The first entry is your AAISP router login, the second is an asterisk, and the third is your AAISP router password. For example: |
||
mylogin@a.1 * pa$$w0rd |
mylogin@a.1 * pa$$w0rd |
||
Create /etc/ppp/ipv6-up.d/0000defaultroute. In it place the following shell script: |
*Create /etc/ppp/ipv6-up.d/0000defaultroute. In it place the following shell script: |
||
#!/bin/bash |
#!/bin/bash |
||
/sbin/ip -6 route add default dev $1 |
/sbin/ip -6 route add default dev $1 |
||
chmod it 755. |
*chmod it 755. |
||
==Testing== |
==Testing== |
||
| Line 58: | Line 60: | ||
You can check connectivity with a cron job, and add a stanza to /etc/network/interfaces to connect at boot. |
You can check connectivity with a cron job, and add a stanza to /etc/network/interfaces to connect at boot. |
||
==Extra configuration== |
===Extra configuration=== |
||
You will find at this point that most web sites work, but some few don't - they just freeze on loading or during initial SSL negotiation. This is because they are blocking ICMP, which is stupid - in part because they are then unable to indicate or respond to the need to fragment large packets. You can get round it by limiting the maximum packet size for TCP: set TCPfix on your clueless control panel, or on the router: |
You will find at this point that most web sites work, but some few don't - they just freeze on loading or during initial SSL negotiation. This is because they are blocking ICMP, which is stupid - in part because they are then unable to indicate or respond to the need to fragment large packets. You can get round it by limiting the maximum packet size for TCP: set TCPfix on your clueless control panel, or on the router: |
||
| Line 67: | Line 69: | ||
==IPv6== |
==IPv6== |
||
Assign your /64 to the inside interface of your router - eth1 in this example. |
*Assign your /64 to the inside interface of your router - eth1 in this example. |
||
ifconfig eth1 inet6 add 2001:8b0:blah/64 |
ifconfig eth1 inet6 add 2001:8b0:blah/64 |
||
Enable ipv6 forwarding by adding to /etc/sysctl.conf: |
*Enable ipv6 forwarding by adding to /etc/sysctl.conf: |
||
net.ipv6.conf.default.forwarding=1 |
net.ipv6.conf.default.forwarding=1 |
||
net.ipv6.conf.all.forwarding=1 |
net.ipv6.conf.all.forwarding=1 |
||
If you don't want to reboot, also push these values into /proc/sys/etc.: |
*If you don't want to reboot, also push these values into /proc/sys/etc.: |
||
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding |
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding |
||
echo 1 > /proc/sys/net/ipv6/conf/default/forwarding |
echo 1 > /proc/sys/net/ipv6/conf/default/forwarding |
||
| Line 90: | Line 92: | ||
3.2.0-rc5 |
3.2.0-rc5 |
||
==PPPoE== |
===PPPoE=== |
||
Linux is capable of supporting RFC 4638 for an MTU of 1500 (or greater) over PPPoE |
*Linux is capable of supporting RFC 4638 for an MTU of 1500 (or greater) over PPPoE |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | This was reported in IRC on Feb 6th 2011. If you get people saying their line didn't come back or their linux box crashed (as in kernel oopsed) after a blip, turns out there's a bug in the kernel pppoe code for 2.6.36 which has been hitting me. some kind of double free in the disconnect code causes a kernel panic. there's a patch here: http://kerneltrap.org/mailarchive/linux-kernel/2010/12/3/4654538 which seems to work for me |
||
| ⚫ | |||
| ⚫ | |||
[[Category:Routers]] |
|||
| ⚫ | |||
| ⚫ | This was reported in IRC on Feb 6th 2011. If you get people saying their line didn't come back or their linux box crashed (as in kernel oopsed) after a blip, turns out there's a bug in the kernel pppoe code for 2.6.36 which has been hitting me. some kind of double free in the disconnect code causes a kernel panic. there's a patch here: http://kerneltrap.org/mailarchive/linux-kernel/2010/12/3/4654538 which seems to work for me |
||