Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Router - Linux: Difference between revisions

← Older edit
Content deleted Content added
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,616 edits
m Blanked the page
Reedy (talk | contribs)
editor
706 edits
clean up
 
(11 intermediate revisions by one other user not shown)
Line 1: Line 1:
=The Basics=

You can use a Linux box in place of a PPPoE-capable router. Why would you want to do this?
*You're already running a Linux box, and you don't see any point in powering a router as well
*You want fine control over packets
*You have a PPPoE router but it doesn't do everything you want

==Debian/squeeze and /wheezy==

This is what RogerBW is using. It'll probably be much the same on other Linuxen. The basic recipe came from http://www.aa-asterisk.org.uk/index.php/Connecting_to_AAISP_using_PPPoE.

You will have two ethernet interfaces - one for your internal network (let's assume that's eth1), one for connection to the BT modem (eth0). You will be running PPPoE over the external interface, creating a new interface that actually passes packets.

===Setup===
*Install ppp, pppoe and iproute.
*Edit /etc/ppp/peers/aaisp to include:

user mylogin@a.1 <----- your AAISP login
plugin rp-pppoe.so
eth0 <----- The ethernet interface to run PPPoE on
noipdefault
defaultroute
#usepeerdns <----- uncomment this if you want resolv.conf to be set up automatically
hide-password
lcp-echo-interval 1 <---- this is how often the LCP echo packets get sent to AAISP, in seconds.
lcp-echo-failure 10 <---- this is how many LCP echo failures before the ppp daemon quits
connect /bin/true
noauth
persist
maxfail 0 <---- redial forever until your modem regains sync else default is 10x or N times if you enter N
#holdoff 120 <---- this will cause pppd to dial once every 2 mins else default is 0 sec
mtu 1492
noaccomp
default-asyncmap
+ipv6
ipv6cp-use-ipaddr

*Edit /etc/ppp/chap-secrets to include this line, consisting of three tab-separated words. The first entry is your AAISP router login, the second is an asterisk, and the third is your AAISP router password. For example:
mylogin@a.1 * pa$$w0rd

*Create /etc/ppp/ipv6-up.d/0000defaultroute. In it place the following shell script:

#!/bin/bash
/sbin/ip -6 route add default dev $1

*chmod it 755.

==Testing==
Run as root: pppoe -A
This should show something like this:
Access-Concentrator: BT_ADSL
Got a cookie: 6e c5 4a dd 1e c0 d6 b6 fe b4 4b 23 38 8f 63 58
AC-Ethernet-Address: 00:90:1a:40:f2:9f

To start your PPPoE session just type
pon aaisp
and to stop it running
poff aaisp

You can check connectivity with a cron job, and add a stanza to /etc/network/interfaces to connect at boot.

===Extra configuration===

You will find at this point that most web sites work, but some few don't - they just freeze on loading or during initial SSL negotiation. This is because they are blocking ICMP, which is stupid - in part because they are then unable to indicate or respond to the need to fragment large packets. You can get round it by limiting the maximum packet size for TCP: set TCPfix on your clueless control panel, or on the router:

iptables -t mangle -F FORWARD
iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452

==IPv6==

*Assign your /64 to the inside interface of your router - eth1 in this example.
ifconfig eth1 inet6 add 2001:8b0:blah/64
*Enable ipv6 forwarding by adding to /etc/sysctl.conf:
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
*If you don't want to reboot, also push these values into /proc/sys/etc.:
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
echo 1 > /proc/sys/net/ipv6/conf/default/forwarding

In theory, "default" should apply to all interfaces created later, while "all" should apply to all interfaces that exist now. This doesn't always seem to be the case.

==Full startup sequence==

ifconfig eth1 up
pon aaisp

==PPP==

There's a bug in 2.6.36, 2.6.36.1, 2.6.36.2 that can cause a kernel panic when the link goes down (55c95e73, fixed in 2a27a03d)
IP-over-LCP patches (receive only):
2.6.35.4
3.2.0-rc5

===PPPoE===
*Linux is capable of supporting RFC 4638 for an MTU of 1500 (or greater) over PPPoE
**This is supported on BT FTTC
**Kernel 2.6.34 is required to fix bugs with certain network cards and non-linear SKBs (ea8420e9, 19937d04)
**pppd 2.4.6 is required for RFC 4638 support (this is in git but not yet released)

==PPP Not coming back after a blip==

This was reported in IRC on Feb 6th 2011. If you get people saying their line didn't come back or their linux box crashed (as in kernel oopsed) after a blip, turns out there's a bug in the kernel pppoe code for 2.6.36 which has been hitting me. some kind of double free in the disconnect code causes a kernel panic. there's a patch here: http://kerneltrap.org/mailarchive/linux-kernel/2010/12/3/4654538 which seems to work for me

[[Category:Routers]]
Retrieved from "http://support.aa.net.uk/Router_-_Linux"