|
|
ppp_manual_setup(7)
Contents
|
ppp_manual_setup - Describes how to manually set up Pointto-Point
Protocol (PPP) connections
The Point-to-Point Protocol (PPP) provides a standard way
to transmit IP datagrams over a serial link and a standard
way for the systems (peers) at either end of the link to
negotiate various optional characteristics of the link.
Using PPP, a serial link can be used to transmit Internet
Protocol (IP) datagrams, allowing TCP/IP connections
between the peers.
Note that although you do not use a network interface with
PPP, you must have a network interface configured on your
system for the network daemons (such as nfsd and rwhod) to
run properly. The network interface must be configured
with a new IPv4 address. For example, if you have a personal
computer that you use at home and in the office, do
not use the same IPv4 address for the network interface at
home as you use in the office.
You can use the gated daemon to manage IPv4 routing and
the ip6rtrd daemon to manage IPv6 routing, if you are not
using the PPP connection solely to communicate between the
two systems making the connection.
If you plan to use a system as an IP router, it must be
configured to allow the forwarding of IP packets. For more
information on setting a system up as an IP router, see
the Network Administration: Connections manual and
iprsetup(8).
PPP PHYSICAL CONNECTIONS [Toc] [Back] You can connect systems either directly to each other
(using a null modem), if they are in close proximity, or
over telephone lines using modems, if they are not.
If you connect the systems directly, use a null modem
cable, such as BC22D-xx (where xx varies depending on the
length of the cable) to connect the serial ports on the
two hosts. The maximum length of this type of connection
is defined by the RS-232 standard.
If the systems are not in close proximity to each other,
you can connect them using telephone line and modems. To
use this kind of connection, attach a modem to a serial
port on both hosts so that the two hosts can establish a
serial connection between them. You can use an RS-232
cable connected to the serial port on the host. This cable
must be a straight-through cable such as BC22E-xx or
BC22F-xx and the modems must be set to 8 bit, no parity.
PPP works best when hardware flow control is used. High
speed modems often fall-back to a lower data rate when
line degradation occurs. To support hardware flow control
you must use cables with a sufficient number of wires for
full modem control. DECconnect cables do not provide a
sufficient number of wires. Therefore, do not use them.
See modem(7) for a list of modem cables to use and modem
guidelines.
Note
Do not use XON/XOFF flow control. It will corrupt the
data stream causing the TCP layer over IP to issue
retransmit requests for over-runs.
PPP provides three protocols for authenticating hosts and
for authenticating your host system to others: Password
Authentication Protocol (PAP) Challenge Handshake Authentication
Protocol (CHAP) Microsoft Challenge Handshake
Authentication Protocol (MS-CHAP)
All protocols exchange secrets in order to complete the
authentication process. PAP secrets are contained in the
/etc/ppp/pap-secrets file; CHAP secrets are contained in
the /etc/ppp/chap-secrets file. Only root should be able
to read these files.
The pap-secrets and chap-secrets files should have the
following format: client server secret ip_address...
Name of the machine being authenticated. Name of the
machine requiring authentication. Password or CHAP secret
known by both client and server. Zero or more IPv4
addresses that the client may use (this field is used only
on the server).
The MS-CHAP protocol exchange secrets are located in the
/etc/ppp/chap-secrets file. The format for this protocol
is as follows: username server secret
Name of the user to be authenticated. Name of the machine
requiring authentication. Password or CHAP secret known
by both client and server.
Note
The /etc/ppp directory contains files of secrets
used for authentication, and should not be in a
partition that is exported using NFS and accessible
to other hosts.
If authentication is required, the /etc/ppp/options
file must contain the auth and usehostname options.
VERIFYING PPP SUPPORT IN THE KERNEL [Toc] [Back] Verify that PPP is supported in the kernel by entering the
following command: # sysconfig -s | grep ppp
If it is not loaded and configured, do the following: Log
in as root. Rebuild the kernel by running the doconfig
program and selecting the Point-to-Point (PPP) option.
Make a backup copy of the current /vmunix file. Copy the
newly-created /sys/HOSTNAME/vmunix kernel file to the
/vmunix file. Reboot the system
A PPP connection between two systems involves setting up a
serial link and running the PPP daemon, pppd, on both ends
of the link. Guidelines for running pppd are as follows:
If you want to run IPv6 over PPP, set the Maximum Receive
Unit (mru) parameter to 1280 or higher. See pppd(8) for
more information. If you want the interface ID for IPv6
over PPP to differ from the address for the local host's
Ethernet or other broadcast interface, put the desired
address on the pppd command line with a colon appended as
follows:
ip6cp-interface-id interface-id: If you want the
local address of the PPP link to differ from the
IPv4 address for the local host's Ethernet or other
broadcast interface, put the desired address on the
pppd command line with a colon appended as follows:
local_addr: Do not use ifconfig to configure the
addresses of the PPP interface. The pppd daemon
assigns addresses and identifies the interface as
active. Whether you run pppd manually on the
remote machine or use a script file on the local
machine to run pppd on the remote machine, do not
provide a device name to pppd; it uses the controlling
tty by default.
For information on pppd options, see pppd(8) and Network
Administration: Connections.
ESTABLISHING A PPP DIAL-OUT CONNECTION [Toc] [Back] To a PPP dial-out connection, do the following: Verify
that you can communicate with the modem. Do the following:
Edit the /etc/remote file and copy the kdebug entry.
Modify the new entry, providing a system name for the
entry, the correct Tru64 UNIX device (tty00 or tty01
depending on your system), the correct baud rate, and correct
parity. See remote(4) for more information. Check
the /usr/spool/locks directory for LCK..ttynn lock files.
If any exist for the terminal device you are configuring
for PPP, remove them.
When you establish a connection over a terminal
device, the system generates a lock file to prevent
the connection from being disrupted by another
application. If the connection terminates abnormally,
the lock file might persist, preventing you
from establishing new connections. Use the tip
command to access the modem as follows: % tip system_name
system_name is the system name from the /etc/remote
file.
Note
Be sure you do not have a getty process running on
the port to which the modem is connected.
For more information on the tip command, see tip(1)
and the Command and Shell User's Guide. If your
modem is using the AT command language, enter the
following command: AT <Return>
If the modem is not in quiet mode, it responds with
an OK message. Contact the remote system administrator
or your Internet Service Provider (ISP) and
obtain the following information: Your remote IPv4
address and netmask, unless the remote system
assigns the IPv4 address dynamically (IPv4 over PPP
only) Characters that might need to be escaped
Instructions on how to log in and use the remote
service
This information is used to create a chat script,
which automates the dial-out process. Create a
file for commands that the chat program uses to
direct the modem what number to dial and what to
send the remote system in order to start pppd.
This file is called a chat script. Each entry in a
chat script has the following format:
string_chat_expects string_chat_sends
See chat(8) for more information onchat and chat
scripts. Copy the PPP options file template from
the /etc/ppp.common directory to the /etc/ppp
directory, as follows: # cp /etc/ppp.common/options
/etc/ppp
This file must exist and must be readable by pppd;
otherwise, the daemon will not run. Set the file
permissions so that only root has write access: #
ls -l /etc/ppp/options -rw-r--r-- 1 root bin
3348 Feb 26 22:32 options Edit the /etc/ppp/options
file and include the pppd options as required by
the remote system or ISP. See pppd(8) for a complete
list of pppd options. See Network Administration:
Connections for a sample /etc/ppp/options
file for dial-out access. Edit the /etc/syslog.conf
file and do the following to enable logging
for PPP: Add the local2 facility (used by pppd
and chat) to the line that specifies /dev/console
as the message destination as follows:
kern.debug;local2.notice /dev/console
In this example, the notice level is specified.
Add the following entry to the file to create a
ppp-log file:
local2.debug /etc/ppp/ppp-log
Save the edits and close the file.
See syslogd(8) for more information. Create the
ppp-log file by issuing the following command: #
touch /etc/ppp/ppp-log
This file must be created before the next step to
ensure that PPP event logging is started. Stop and
start syslogd by entering the following commands: #
/sbin/init.d/syslog stop # /sbin/init.d/syslog
start Invoke pppd on the local system to connect to
the remote system. For example, the following command
starts a link on tty01 and specifies the connect
option to run the chat program using the specified
chat script file. % pppd /dev/tty01 38400
connect \ 'chat -v -f /etc/ppp/chat-script' Issue
the following command to monitor the ppp-log file
and determine whether the PPP connection is active:
% tail -f /etc/ppp/ppp-log
After you have established a connection, you can use the
pppstats and netstat commands to obtain current statistics
for the PPP interface. For example: % pppstats
IN PACK VJCOMP VJUNC VJERR | OUT PACK VJCOMP
VJUNC NON-VJ 9425 311 5 2 0 | 9574
308 1 3 304
% netstat -I ppp0
Name Mtu Network Address Ipkts Ierrs Opkts
Oerrs Coll
ppp0 1500 <Link> Link#6 305 0 302
0 0 ppp0 1500 10 10.1.2.2 305 0
302 0 0
For more information about the pppstats and netstat commands,
see pppstats(8) and netstat(1).
If any problems occur while using PPP, see the Network
Administration: Connections manual.
ESTABLISHING A DIAL-IN CONNECTION [Toc] [Back] To configure a PPP dial-in system, complete the following
steps: Set up your modem for dial-in accss. See modem(7)
for more information. Edit the /etc/passwd file and create
a dedicated entry for a PPP user. For the login shell
field, specify /usr/sbin/startppp; for example:
ppp1:password:10:20:Remote PPP
User:/usr/users/guest:/usr/sbin/startppp Edit the
/etc/inittab file and create an entry for each terminal
device that is to run PPP. For example:
modem:3:respawn:/usr/sbin/getty /dev/tty00 M38400
vt100
See inittab(4) for more information. Issue the
init q command to start the getty process immediately.
If the dial-in system is going to be a
gateway for the dial-out system to reach other systems
on the LAN, the dial-in system must be configured
as an IP router and must also run one of the
following daemons: For IPv4 routing, run the gated
daemon. Edit the /etc/gated.conf file and delete
the nobroadcast option (if specified) in the rip
statement. See the Network Administration: Connections
manual for basic network setup information
and gated.conf(4) for gated options. For IPv6
routing, run the ip6rtrd daemon. You must include
the ppp interface in the ip6rtrd.conf file. See
ip6_setup(8) for more information. In addition,
set the ipv6forwarding and ip6gateway kernel configuration
attributes to 1. Copy the PPP options
file template from the /etc/ppp.common directory to
the /etc/ppp directory, as follows: # cp
/etc/ppp.common/options /etc/ppp
This file must exist and must be readable by pppd;
otherwise, the daemon will not run. Set the file
permissions so that only root has write access: #
ls -l /etc/ppp/options -rw-r--r-- 1 root bin
3348 Feb 26 22:32 options Edit the /etc/ppp/options
file and include the pppd options required to support
dial-in access for all remote users. See Network
Administration: Connections for a sample
/etc/ppp/options file for dial-in access.
If you want to specify options for each individual
serial port, create a /etc/ppp/options.ttyxx file
and include the remote IP address and any other
options that apply to that specific serial port.
See pppd(8) for a complete list ofpppd options.
After an incoming call is received and a connection
established, startppp runs in the background. The
process ID is logged in the /etc/ppp/pppxx.pid
file.
If any problems occur while using PPP, see the Network
Administration: Connections manual.
TERMINATING PPP CONNECTIONS [Toc] [Back] To terminate the PPP link, send a TERM or INTR signal to
one of the pppd daemons by issuing the following command:
# kill `cat /etc/ppp/pppxx.pid`
In this command, pppxx specifies the pppd used for the PPP
connection. The pppd specified in the command also
instructs other pppd daemons to terminate.
If pppd is attached to a hardware serial port that is connected
to a modem, the daemon should get a HUP signal when
the modem hangs up, which will cause it to clean up and
exit. This action depends on the driver and its current
settings.
Do not use a SIGKILL (kill -9) to terminate the process.
It might not allow the pppd daemon to terminate properly,
which could corrupt the tty files.
Files: gated.conf(4), inittab(4), ip6rtrd.conf(4),
remote(4)
Daemons: ip6rtrd(8), nd6hostd(8), pppd(8), syslogd(8)
Commands: tip(1), chat(8), iprsetup(8), netstat(1),
pppd(8), pppstats(8), syslogd(8)
Networks: modem(7)
Network Administration: Connections
RFC 1332, The PPP Internet Protocol Control Protocol
(IPCP), G. McGregor
RFC 1334, PPP Authentication Protocols, B. Lloyd, W. Simpson
RFC 1661, The Point-to-Point Protocol (PPP), W. Simpson
RFC 1662, PPP in HDLC-like Framing, W. Simpson
RFC 2461, Neighbor Discovery for IP Version 6 (IPv6), T.
Narten, E. Nordmark, and W. A. Simpson
RFC 2472, IP Version 6 over PPP
ppp_manual_setup(7)
[ Back ] |
