ISP PPPoE Network Setup
A reasonably comprehensive discussion on Ubuntu forums Setup Ubuntu Server as a router using a PPPoE connection, MTU and TCP MSS when using PPPoE. Also from Ubuntu forums How to Optimize your Internet Connection using MTU and RWIN. Ubuntu documentation ADSLPPPoE. PPPD manual page.
Another reference is Confirm Blog Using PPPoE on Linux.
Some other references:
Install Software
Install the DNS, DHCP, and PPPoE software: sudo apt install bind9 isc-dhcp-server pppoeconf
Disable and stop the DNS [bind9] and DHCP [isc-dhcp-server, isc-dhcp-server6] software for the moment and configure later.
sudo systemctl disable bind9
sudo systemctl stop bind9
sudo systemctl status bind9
sudo systemctl disable isc-dhcp-server
sudo systemctl stop isc-dhcp-server
sudo systemctl status isc-dhcp-server
Set up PPPoE
“chap-secrets” configuration
Edit the chap-secrets file, sudo vim /etc/ppp/chap-secrets
:
# Secrets for authentication using CHAP # client server secret IP addresses "yourusername" * "yourpassword" *
The PPPoE software uses this information for authentication with the ISP. Some documentation states the username and password must be within quotation marks as shown above, however on my trials it seems to also work without. Use a * for server name and unless your ISP assigns an IP address, leave this blank.
Next a peer fille needs to be created for the connection. These files are located in “/etc/ppp/peers” directory. There is an example / template file in this directory, called “provider”. My provider is mynetfone, I edited the following file: sudo vim /etc/ppp/peers/mynetfone
For a good reference of these parameters man pppd
.
# Minimalistic default options file for DSL/PPPoE connections # man:pppd(8) man:pppoeconf(8) # See the manual page pppd(8) for information on all the options. #debug : information to /etc/syslog, use less +G /etc/syslog to see end of logfile #debug #noipdefault : Assumes that your IP address is allocated dynamically by the ISP. noipdefault # Use this connection as the default route. defaultroute replacedefaultroute #password is not placed in log file - default hide-password # Do not ask the remote to authenticate. noauth # Makes pppd "dial again" when the connection is lost. persist # maxfail number of retries before exiting, default 10, 0 means no limit maxfail 0 # Load rp-ppoe.so for kernel mode interface naming compatibility # (ie, ppp0, ppp1) plugin rp-pppoe.so eno1 #Bind this connection specifically to ppp1 unit 1 #Ensure a PID entry with specified linkname is made pppoe linkname pppoe # MUST CHANGE: replace myusername@realm with the PPP login name # given to you by your provider. # There should be a matching entry with the password in # /etc/ppp/pap-secrets and/or /etc/ppp/chap-secrets. user yourusername (change to suit, I do not want my one public) #Ask the peer for 2 DNS server addresses usepeerdns
These configuration files should allow a PPPoE connection to the ISP, using the command “pon mynetfone”. If successful there should be a new network interface ppp1
Some useful links: Ubuntu help ADSLPPPoE, Using PPPoE on Linux, discusses systemd setup for PPPoE, and Samba.org man pppd - Point-to-Point Protocol Daemon.
PPPoE Startup
Systemd service to create interface and start ppoe service, below: sudo vim /etc/systemd/system/pppoe.service
:
[Unit]
Description=PPPoE connection
Documentation=man:pon(1) man:pppd(8) man:pppoeconf(8) man:interfaces(5)
BindsTo=sys-subsystem-net-devices-eno1.device
After=sys-subsystem-net-devices-eno1.device
[Service]
ExecStart=/usr/sbin/pppd call provider
Type=forking
SuccessExitStatus=5
PIDFile=/run/ppp-pppoe.pid
[Install]
WantedBy=sys-subsystem-net-devices-eno1.device
Use sudo systemctl daemon-reload
to update systemd for new service. Then sudo systemd disable pppoe
to disable this service from activating at system startup. We will enable later, once configuration is more complete.
To check log files use: sudo systemctl status pppoe
or journalctl -u pppoe -b 0 -xe
; -b 0
sees last boot, -xe
sees end of file, -f
to list the end of the file. Also remember to turn on / off the debug option in sudo vim /etc/ppp/peers/mynetfone
. The debug information helped me debug problems with my ISP.
There were some concerns about pppd not being fully compatible with Netplan. Hence the attempt to manually set up wan/eno1 interface with an ip link set
instruction in the pppoe.service script. The ip
command is compatible with Netplan.
I played with the following options in the pppoe.service script:
ExecStartPre=/sbin/ip link set up dev eno1
ExecStartPre=/sbin/ip link add link eno1 name eno1.7 type vlan id 7
ExecStartPre=/sbin/ip link set up dev eno1.7
ExecStartPre=/sbin/ip addr add 192.168.5.2/24 broadcast 192.168.5.255 dev eno1
ExecStartPre=/sbin/ip route add 192.168.5.0/24 via 192.168.5.1 dev eno1
A reference to this problem and proposed solution can be see at How do I use Netplan to configure PPPoE? Actually, I believe the premiss that pppd is not compatible with netplan is incorrect as I managed to use so.
System Forwarding Enable
To allow the router to forward packet the Linux kernal must be setup to allow this. This is not necessarily a standard option.
To check IPv4 forwarding is turned on: sysctl net.ipv4.ip_forward
. If equal 1 it is on otherwise if equal zero it is off.
To change to on: sysctl -w net.ipv4.ip_forward=1
To see all system variables concerning network: sysctl -a | grep net