Router:Linux - Debian
You might choose to use a Linux machine as your router rather than an off-the-shelf piece of routing hardware.
You'll need to use an ADSL or FTTC modem in bridge mode for this to work - see the page for your modem to see how to set that up.
This guide provides an example configuration for Debian Jessie.
- a Linux PC with Debian Jessie already installed and two network interfaces - one for the connection to the modem, and one for the connection to your LAN
- a ADSL or FTTC modem, or a fibre ONT (for FTTP) (as appropriate for your connection)
- eth0 is plugged directly into your modem or ONT
- eth1 will be used for your LAN
Setting up pppd
pppd will be used to actually connect to A&A.
To install pppd, and the other software that will be required run:
apt-get update apt-get install pppd pppoe iproute2
pppd uses several different configuration files:
- /etc/ppp/options - default settings for pppd
- /etc/ppp/peers/aaisp - the configuration file for settings specific to connecting to A&A
- /etc/ppp/chap-secrets - the location where your A&A line password is stored
/etc/ppp/options should be left as-is - we will not change this file.
This file contains the settings that are used to configure your connection to A&A:
user your-username-here plugin rp-pppoe.so eth0 noipdefault defaultroute hide-password lcp-echo-interval 1 lcp-echo-failure 10 noauth persist maxfail 0 mtu 1492 noaccomp default-asyncmap +ipv6 ipv6cp-use-ipaddr ifname pppoe-aaisp
Each line in this file sets a different setting:
- user your-username-here - this line sets the username that pppd will use to log in. Replace "your-username-here" with your A&A line username. It will be in the form "email@example.com"
- plugin rp-pppoe.so eth0 - tells pppd to load the PPPoE plugin, and to use the network interface "eth0" to connect
- noipdefault - tells pppd not to try and guess an IP to use, but instead to use the IP explicitly given by A&A
- defaultroute - automatically set the PPP connection as your default route (for IPv4 only)
- hide-password - hides your password when logging authentication packets
- lcp-echo-interval 1 - send a LCP echo to A&A once every second
- lcp-echo-failure 10 - automatically drop the connection after 10 failed LCP echoes
- noauth - don't require A&A to send authentication details
- persist - automatically reconnect if the connection drops
- maxfail 0 - sets the the number of consecutive failed connection attempts before pppd gives up. Setting this to 0 means that pppd will retry forever
- mtu 1492 - sets the max MTU for packets inside the PPP connection - 1492 is a "safe" value for PPPoE on most hardware. Some modems will be able to use "baby jumbo frames" (RFC 4638). See the "Using a full 1500 MTU" section for more details.
- noaccomp - disables address/control compression
- default-asyncmap - disables the negotation of an asyncmap - forces all control characters to be escaped
- +ipv6 - enable IPv6 support
- ipv6cp-use-ipaddr - use your IPv4 address as the local identifier for IPv6CP
- ifname pppoe-aaisp - renames the PPP connection from an automatically generated name (such as ppp0) to pppoe-aaisp - this makes further configuration easier!
This file contains the password that is used to connect to A&A.
# Secrets for authentication using CHAP # client server secret IP addresses firstname.lastname@example.org * YourLinePasswordGoesHere
Replace "YourLinePasswordGoesHere" with the password for your A&A connection.
Making IPv6 work with pppd
Out of the box, you'll notice that you can't access the internet using IPv6.
This is because pppd doesn't create a default route for IPv6. We can force it to do this by creating another file.
Create /etc/ppp/ipv6-up.d/0000-defaultroute, and enter the following contents:
#!/bin/bash /sbin/ip -6 route add default dev $1
chmod 755 /etc/ppp/ipv6-up.d/0000-defaultroute
This file will now be run every time your PPP connects, and will automatically create an IPv6 default route!
Before you proceed, you should test your ppp configuration.
pppoe -I eth0 -A
This should produce some output similar to the following:
Access-Concentrator: acc-aln1.ry Got a cookie: 79 f0 19 2c d3 ec ae 4b 04 75 ee 8a 30 76 a6 ea AC-Ethernet-Address: a0:f3:e4:34:5f:8f
If something is wrong, you will probably get:
pppoe: Timeout waiting for PADO packets
If you get this error message, check your configuration matches the examples above. If you're still stuck, contact A&A support.
Now try to actually connect:
pon aaisp tail -n 20 /var/log/messages
This should produce output like the following:
Jul 15 22:05:45 router pppd: Plugin rp-pppoe.so loaded. Jul 15 22:05:45 router pppd: pppd 2.4.6 started by thomas, uid 0 Jul 15 22:05:45 router pppd: PPP session is 522 Jul 15 22:05:45 router pppd: Connected to 00:03:97:1c:80:02 via interface eth0 Jul 15 22:05:45 router pppd: Renamed interface ppp0 to pppoe-aaisp Jul 15 22:05:45 router pppd: Using interface pppoe-aaisp Jul 15 22:05:45 router pppd: Connect: pppoe-aaisp <--> eth0 Jul 15 22:06:32 router pppd: CHAP authentication succeeded Jul 15 22:06:32 router pppd: CHAP authentication succeeded Jul 15 22:06:32 router pppd: peer from calling number 00:03:97:1C:80:02 authorized Jul 15 22:06:32 router pppd: local IP address <your WAN IP address here> Jul 15 22:06:32 router pppd: remote IP address 220.127.116.11 Jul 15 22:06:32 router pppd: local LL address fe80::5893:5ee6:a435:8672 Jul 15 22:06:32 router pppd: remote LL address fe80::0203:97ff:fe19:8000
If it does, then your pppd configuration works perfectly! Run the following to disconnect, and do the rest of the configuration: