How to create a PPPoE Server on Ubuntu?
For one reason or another, I needed to setup a PPPoE Server on my Ubuntu machine. Unfortunately almost all the guides found were talking about setting a PPPoE client connected to a PPPoE Server. So I spend a few days testing and trying out different configurations, until I finally found how to set it up from scratch. The below instructions will look similar to the guide I referenced, but there are some extra steps to ensure that your connection will be able to access Internet properly.
Step #1: Topology Setup
First of all, the topology needs to be setup as followed:
PC --- PPPoE Server (Ubuntu) --- Internet
You can add your typical cable modem and/or router into the mix. The
main issue here is to ensure that your PPPoE Server can access the
Internet without any problems. To verify this, just do a quick ping test
to google.com or yahoo.com.
> ping http://www.google.com
PING www.l.google.com (74.125.155.103) 56*84) bytes of data. 64 bytes from px-in-f103.1e100.net (74.125.155.103): icmp_req=1 ttl=52 time=36.9 ms 64 bytes from px-in-f103.1e100.net (74.125.155.103): icmp_req=2 ttl=52 time=37.5 ms 64 bytes from px-in-f103.1e100.net (74.125.155.103): icmp_req=3 ttl=52 time=34.3 ms 64 bytes from px-in-f103.1e100.net (74.125.155.103): icmp_req=4 ttl=52 time=37.6 ms -- www.l.google.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss
If you cannot access this, check your interface. Most likely something is misconfigured there. There are several guides on how to enable your interface properly:
- Network Configuration
Step #2: Install PPP and RP-PPPoE
You will need to install these components
to get the PPPoE Server working. The first one is simple: just grab the
ppp package from Ubuntu:
> sudo apt-get install ppp
The second package (rp-pppoe) requires you to build it on your own. Start by grabbing the package from this website (Roaring Penguin)
> wget http://www.roaringpenguin.com/files/download/rp-pppoe-3.10.tar.gz
> tar -zxf rp-pppoe-3.10.tar.gz
> cd rp-pppoe-3.10/src
> ./configure
> make
> sudo make install
Step #3: Setup PPPoE Settings
Several files need to be created before we
can start PPPoE Server. First, modify the /etc/ppp/pppoe-server-options
and change it to the following:
/etc/ppp/pppoe-server-options:
# PPP options for the PPPoE Server # LOC: GPL #require-pap require-chap login lcp-echo-interval 10 lcp-echo-failure 2 ms-dns 4.2.2.1 ms-dns 4.2.2.3 netmask 255.255.255.0 defaultroute noipdefault usepeerdns
Next, add a username into the correct secrets file. Since we’re using require-chap, we will add it into /etc/ppp/chap-secrets. The syntax is simple: follow the example below to add a user (alice) with a simple password (1234).
/etc/ppp/chap-secrets:
# Secrets for authentication using CHAP # client server secret IP addresses "alice" * "1234" 172.32.50.2
One note: make sure that the file has the correct permissions. Sometimes the PPPoE Server won’t start if the file isn’t restricted enough. A simple chmod command will do here:
> sudo chmod 600 /etc/ppp/chap-secrets
Last of all, setup the IP addresses to lease for the PPPoE Server. We’re giving IP addresses 172.32.50.2 to 172.32.50.30:
/etc/ppp/ipaddress_pool:
172.32.50.2-30
Step #4: Set PPPoE Scripts
We are ready to start PPPoE Server. Several things to worry about: the firewall needs to be set properly so that the PPPoE Server will be able to transfer traffic from one interface to the other, and IP forwarding needs to be enabled. Since these options will have to set every time Ubuntu reboots, they’re part of the start PPPoE script. It’s placed under /etc/ppp/start_pppoe.
/etc/ppp/pppoe_start:
#!/bin/bash ############################## # Simple script that starts PPPoE Server ############################## # Enable IP Forwarding echo 1 > /proc/sys/net/ipv4/ip_forward # Start PPPoE Server pppoe-server -C isp -L 172.32.50.1 -p /etc/ppp/ipaddress_pool -I eth1 -m 1412 # Set Firewall rules iptables -t nat -F POSTROUTING iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
The -m option for pppoe-server is needed so that the packets don’t go beyond MTU size after the PPPoE header is attached.
For complete purposes, below is a stop script to nicely tear down the PPPoE Server and revert any changes.
/etc/ppp/pppoe_stop:
#!/bin/bash ############################## # Simple script that stops PPPoE Server ############################## # Disable IP Forwarding echo 0 > /proc/sys/net/ipv4/ip_forward # Kill PPPoE Server killall pppoe-server killall pppd # Flush the IPtable rules. iptables -t nat -F POSTROUTING
Step #5: Automatically start/stop PPPoE Server
All we have to do is add them into the /etc/network/interfaces so that once the computer boots and detects the interface is connected, it’ll boot up the PPPoE Server. The PPPoE Server resides in eth1 in this example below:
/etc/network/interfaces:
... auto eth1 iface eth1 inet manual post-up /etc/ppp/pppoe_start post-down /etc/ppp/pppoe_stop ...
That’s it! Once that’s completed, then the PPPoE Server will boot up automatically and start handling traffic.
Troubleshooting
Usually, there’s always some sort of issue getting the PPPoE Server working. I found that using wireshark makes it easier to debug the situation. However, usually the interface (eth1) isn’t up for wireshark to sniff. Make the modifications below to bring up the interface without assigning an IP address to it:
/etc/network/interfaces:
... auto eth1 iface eth1 inet manual up ifconfig $IFACE 0.0.0.0 up post-up /etc/ppp/pppoe_start post-down /etc/ppp/pppoe_stop down ifconfig $IFACE down ...
That should make it easier to debug.