 |
Index for
Section 7 |
|
 |
Alphabetical
listing for P |
|
 |
Bottom of
page |
|
ppp_manual_setup(7)
NAME
ppp_manual_setup - Describes how to manually set up Point-to-Point Protocol
(PPP) connections
DESCRIPTION
The Point-to-Point Protocol (PPP) provides a standard way to transmit IP
datagrams over a serial link and a standard way for the systems (peers) at
either end of the link to negotiate various optional characteristics of the
link. Using PPP, a serial link can be used to transmit Internet Protocol
(IP) datagrams, allowing TCP/IP connections between the peers.
Note that although you do not use a network interface with PPP, you must
have a network interface configured on your system for the network daemons
(such as nfsd and rwhod) to run properly. The network interface must be
configured with a new IPv4 address. For example, if you have a personal
computer that you use at home and in the office, do not use the same IPv4
address for the network interface at home as you use in the office.
MANAGING ROUTING
You can use the gated daemon to manage IPv4 routing and the ip6rtrd daemon
to manage IPv6 routing, if you are not using the PPP connection solely to
communicate between the two systems making the connection.
If you plan to use a system as an IP router, it must be configured to allow
the forwarding of IP packets. For more information on setting a system up
as an IP router, see the Network Administration: Connections manual and
iprsetup(8).
PPP PHYSICAL CONNECTIONS
You can connect systems either directly to each other (using a null modem),
if they are in close proximity, or over telephone lines using modems, if
they are not.
If you connect the systems directly, use a null modem cable, such as
BC22D-xx (where xx varies depending on the length of the cable) to connect
the serial ports on the two hosts. The maximum length of this type of
connection is defined by the RS-232 standard.
If the systems are not in close proximity to each other, you can connect
them using telephone line and modems. To use this kind of connection,
attach a modem to a serial port on both hosts so that the two hosts can
establish a serial connection between them. You can use an RS-232 cable
connected to the serial port on the host. This cable must be a straight-
through cable such as BC22E-xx or BC22F-xx and the modems must be set to 8
bit, no parity.
MODEMS
PPP works best when hardware flow control is used. High speed modems often
fall-back to a lower data rate when line degradation occurs. To support
hardware flow control you must use cables with a sufficient number of wires
for full modem control. DECconnect cables do not provide a sufficient
number of wires. Therefore, do not use them. See modem(7) for a list of
modem cables to use and modem guidelines.
Note
Do not use XON/XOFF flow control. It will corrupt the data stream
causing the TCP layer over IP to issue retransmit requests for over-
runs.
AUTHENTICATION
PPP provides three protocols for authenticating hosts and for
authenticating your host system to others:
· Password Authentication Protocol (PAP)
· Challenge Handshake Authentication Protocol (CHAP)
· Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
All protocols exchange secrets in order to complete the authentication
process. PAP secrets are contained in the /etc/ppp/pap-secrets file; CHAP
secrets are contained in the /etc/ppp/chap-secrets file. Only root should
be able to read these files.
The pap-secrets and chap-secrets files should have the following format:
client server secret ip_address...
client
Name of the machine being authenticated.
server
Name of the machine requiring authentication.
secret
Password or CHAP secret known by both client and server.
ip_address ...
Zero or more IPv4 addresses that the client may use (this field is used
only on the server).
The MS-CHAP protocol exchange secrets are located in the /etc/ppp/chap-
secrets file. The format for this protocol is as follows:
username server secret
username
Name of the user to be authenticated.
server
Name of the machine requiring authentication.
secret
Password or CHAP secret known by both client and server.
Note
The /etc/ppp directory contains files of secrets used for
authentication, and should not be in a partition that is exported
using NFS and accessible to other hosts.
If authentication is required, the /etc/ppp/options file must contain
the auth and usehostname options.
VERIFYING PPP SUPPORT IN THE KERNEL
Verify that PPP is supported in the kernel by entering the following
command:
# sysconfig -s | grep ppp
If it is not loaded and configured, do the following:
1. Log in as root.
2. Rebuild the kernel by running the doconfig program and selecting the
Point-to-Point (PPP) option.
3. Make a backup copy of the current /vmunix file.
4. Copy the newly-created /sys/HOSTNAME/vmunix kernel file to the /vmunix
file.
5. Reboot the system
PPP CONNECTIONS
A PPP connection between two systems involves setting up a serial link and
running the PPP daemon, pppd, on both ends of the link. Guidelines for
running pppd are as follows:
· If you want to run IPv6 over PPP, set the Maximum Receive Unit (mru)
parameter to 1280 or higher. See pppd(8) for more information.
· If you want the interface ID for IPv6 over PPP to differ from the
address for the local host's Ethernet or other broadcast interface,
put the desired address on the pppd command line with a colon appended
as follows:
ip6cp-interface-id interface-id:
· If you want the local address of the PPP link to differ from the IPv4
address for the local host's Ethernet or other broadcast interface,
put the desired address on the pppd command line with a colon appended
as follows:
local_addr:
· Do not use ifconfig to configure the addresses of the PPP interface.
The pppd daemon assigns addresses and identifies the interface as
active.
· Whether you run pppd manually on the remote machine or use a script
file on the local machine to run pppd on the remote machine, do not
provide a device name to pppd; it uses the controlling tty by default.
For information on pppd options, see pppd(8) and Network Administration:
Connections.
ESTABLISHING A PPP DIAL-OUT CONNECTION
To a PPP dial-out connection, do the following:
1. Verify that you can communicate with the modem. Do the following:
a. Edit the /etc/remote file and copy the kdebug entry.
b. Modify the new entry, providing a system name for the entry, the
correct Tru64 UNIX device (tty00 or tty01 depending on your
system), the correct baud rate, and correct parity. See
remote(4) for more information.
c. Check the /usr/spool/locks directory for LCK..ttynn lock files.
If any exist for the terminal device you are configuring for PPP,
remove them.
When you establish a connection over a terminal device, the
system generates a lock file to prevent the connection from being
disrupted by another application. If the connection terminates
abnormally, the lock file might persist, preventing you from
establishing new connections.
d. Use the tip command to access the modem as follows:
% tip system_name
system_name is the system name from the /etc/remote file.
Note
Be sure you do not have a getty process running on the port to
which the modem is connected.
For more information on the tip command, see tip(1) and the
Command and Shell User's Guide.
e. If your modem is using the AT command language, enter the
following command:
AT <Return>
If the modem is not in quiet mode, it responds with an OK
message.
2. Contact the remote system administrator or your Internet Service
Provider (ISP) and obtain the following information:
· Your remote IPv4 address and netmask, unless the remote system
assigns the IPv4 address dynamically (IPv4 over PPP only)
· Characters that might need to be escaped
· Instructions on how to log in and use the remote service
This information is used to create a chat script, which automates the
dial-out process.
3. Create a file for commands that the chat program uses to direct the
modem what number to dial and what to send the remote system in order
to start pppd. This file is called a chat script. Each entry in a
chat script has the following format:
string_chat_expects string_chat_sends
See chat(8) for more information onchat and chat scripts.
4. Copy the PPP options file template from the /etc/ppp.common directory
to the /etc/ppp directory, as follows:
# cp /etc/ppp.common/options /etc/ppp
This file must exist and must be readable by pppd; otherwise, the
daemon will not run. Set the file permissions so that only root has
write access:
# ls -l /etc/ppp/options
-rw-r--r-- 1 root bin 3348 Feb 26 22:32 options
5. Edit the /etc/ppp/options file and include the pppd options as
required by the remote system or ISP. See pppd(8) for a complete list
of pppd options. See Network Administration: Connections for a sample
/etc/ppp/options file for dial-out access.
6. Edit the /etc/syslog.conf file and do the following to enable logging
for PPP:
a. Add the local2 facility (used by pppd and chat) to the line that
specifies /dev/console as the message destination as follows:
kern.debug;local2.notice /dev/console
In this example, the notice level is specified.
b. Add the following entry to the file to create a ppp-log file:
local2.debug /etc/ppp/ppp-log
c. Save the edits and close the file.
See syslogd(8) for more information.
7. Create the ppp-log file by issuing the following command:
# touch /etc/ppp/ppp-log
This file must be created before the next step to ensure that PPP
event logging is started.
8. Stop and start syslogd by entering the following commands:
# /sbin/init.d/syslog stop
# /sbin/init.d/syslog start
9. Invoke pppd on the local system to connect to the remote system. For
example, the following command starts a link on tty01 and specifies
the connect option to run the chat program using the specified chat
script file.
% pppd /dev/tty01 38400 connect \
'chat -v -f /etc/ppp/chat-script'
10. Issue the following command to monitor the ppp-log file and determine
whether the PPP connection is active:
% tail -f /etc/ppp/ppp-log
After you have established a connection, you can use the pppstats and
netstat commands to obtain current statistics for the PPP interface. For
example:
% pppstats
IN PACK VJCOMP VJUNC VJERR | OUT PACK VJCOMP VJUNC NON-VJ
9425 311 5 2 0 | 9574 308 1 3 304
% netstat -I ppp0
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
ppp0 1500 <Link> Link#6 305 0 302 0 0
ppp0 1500 10 10.1.2.2 305 0 302 0 0
For more information about the pppstats and netstat commands, see
pppstats(8) and netstat(1).
If any problems occur while using PPP, see the Network Administration:
Connections manual.
ESTABLISHING A DIAL-IN CONNECTION
To configure a PPP dial-in system, complete the following steps:
1. Set up your modem for dial-in accss. See modem(7) for more
information.
2. Edit the /etc/passwd file and create a dedicated entry for a PPP user.
For the login shell field, specify /usr/sbin/startppp; for example:
ppp1:password:10:20:Remote PPP User:/usr/users/guest:/usr/sbin/startppp
3. Edit the /etc/inittab file and create an entry for each terminal
device that is to run PPP. For example:
modem:3:respawn:/usr/sbin/getty /dev/tty00 M38400 vt100
See inittab(4) for more information.
4. Issue the init q command to start the getty process immediately.
5. If the dial-in system is going to be a gateway for the dial-out system
to reach other systems on the LAN, the dial-in system must be
configured as an IP router and must also run one of the following
daemons:
· For IPv4 routing, run the gated daemon. Edit the /etc/gated.conf
file and delete the nobroadcast option (if specified) in the rip
statement. See the Network Administration: Connections manual
for basic network setup information and gated.conf(4) for gated
options.
· For IPv6 routing, run the ip6rtrd daemon. You must include the
ppp interface in the ip6rtrd.conf file. See ip6_setup(8) for
more information. In addition, set the ipv6forwarding and
ip6gateway kernel configuration attributes to 1.
6. Copy the PPP options file template from the /etc/ppp.common directory
to the /etc/ppp directory, as follows:
# cp /etc/ppp.common/options /etc/ppp
This file must exist and must be readable by pppd; otherwise, the
daemon will not run. Set the file permissions so that only root has
write access:
# ls -l /etc/ppp/options
-rw-r--r-- 1 root bin 3348 Feb 26 22:32 options
7. Edit the /etc/ppp/options file and include the pppd options required
to support dial-in access for all remote users. See Network
Administration: Connections for a sample /etc/ppp/options file for
dial-in access.
If you want to specify options for each individual serial port, create
a /etc/ppp/options.ttyxx file and include the remote IP address and
any other options that apply to that specific serial port. See
pppd(8) for a complete list ofpppd options.
8. After an incoming call is received and a connection established,
startppp runs in the background. The process ID is logged in the
/etc/ppp/pppxx.pid file.
If any problems occur while using PPP, see the Network Administration:
Connections manual.
TERMINATING PPP CONNECTIONS
To terminate the PPP link, send a TERM or INTR signal to one of the pppd
daemons by issuing the following command:
# kill `cat /etc/ppp/pppxx.pid`
In this command, pppxx specifies the pppd used for the PPP connection. The
pppd specified in the command also instructs other pppd daemons to
terminate.
If pppd is attached to a hardware serial port that is connected to a modem,
the daemon should get a HUP signal when the modem hangs up, which will
cause it to clean up and exit. This action depends on the driver and its
current settings.
Do not use a SIGKILL (kill -9) to terminate the process. It might not
allow the pppd daemon to terminate properly, which could corrupt the tty
files.
SEE ALSO
Files: gated.conf(4), inittab(4), ip6rtrd.conf(4), remote(4)
Daemons: ip6rtrd(8), nd6hostd(8), pppd(8), syslogd(8)
Commands: tip(1), chat(8), iprsetup(8), netstat(1), pppd(8), pppstats(8),
syslogd(8)
Networks: modem(7)
Network Administration: Connections
RFC 1332, The PPP Internet Protocol Control Protocol (IPCP), G. McGregor
RFC 1334, PPP Authentication Protocols, B. Lloyd, W. Simpson
RFC 1661, The Point-to-Point Protocol (PPP), W. Simpson
RFC 1662, PPP in HDLC-like Framing, W. Simpson
RFC 2461, Neighbor Discovery for IP Version 6 (IPv6), T. Narten, E.
Nordmark, and W. A. Simpson
RFC 2472, IP Version 6 over PPP
|
Index for
Section 7 |
|
|
Alphabetical
listing for P |
|
 |
Top of
page |
|