Building pppoe server in Linux

RP-pppoe is a solution that integrates the dial-up client and server.
: Http://www.roaringpenguin.com/products/pppoe

The pppoe server in RP-pppoe is divided into user mode and kernel mode.
In user mode, a pppoe process is created as a new connection service;
In kernel mode, you can accept client connections by creating a pppd process with the plug-in/etc/PPP/plugins/rp-pppoe.so Parameter

We recommend that you select kernel mode to run pppoe server, so that system calls do not need to be switched between kernel and user mode to increase the speed.

PS-ef
(User Mode)
Root 5093 1 0 09:36? 00:00:00/usr/sbin/pppoe-server-I eth0-l 10.0.0.1-r 10.0.0.2-N 64
Root 5101 5093 0? 00:00:00 pppd PtY/usr/sbin/pppoe-n-I eth0-E 1: 00: 1D: 60: 45: D9: d4-s ''file/etc/PPP/pppoe-server-options 10.0.0.1: 10.0.0.2 nodetach noaccomp nobsdcomp nodeflate nopcomp novj novjccomp default-asyncmap
Nobody 5103 5101 0? 00:00:00/usr/sbin/pppoe-n-I eth0-E 1: 00: 1D: 60: 45: D9: D4-S

(Kernel Mode)
Root 7541 1 0 09:46? 00:00:00/usr/sbin/pppoe-server-I eth0-l 10.0.0.1-r 10.0.0.2-N 64-K
Root 7572 7541 0? 00:00:00 pppd plugin/etc/PPP/plugins/rp-pppoe.so nic-eth0 rp_pppoe_sess 2: 00: 1D: 60: 45: D9: D4 rp_pppoe_service file/etc/PPP/pppoe-server-options 10.0.0.1: 10.0.0.3 nodetach noaccomp nobsdcomp nodeflate nopcomp novj novjccomp default-asyncmap

 

Steps for downloading, compiling, and installing:
(User Mode)
The rp-pppoe-3.10.tar.gz is under the/OPT directory.

Tar-zxvf rp-pppoe-3.10.tar.gz
CD rp-pppoe-3.10/src
./Configure
Make
Make install

(Kernel Mode)
Download pppd, pppd is a pppoe dial-up client address: ftp://ftp.samba.org/pub/ppp/
Ppp-2.4.5.tar.gz 、rp-pppoe-3.10.tar.gz in/opt directory.

Tar-zxvf ppp-2.4.5.tar.gz
CD ppp-2.4.5
./Configure
Make
Make install
CD/OPT
Tar-zxvf rp-pppoe-3.10.tar.gz
CD rp-pppoe-3.10/src
./Configure -- enable-plugin =/opt/ppp-2.4.5
Make
Make install

Modify the configuration file:
CD/etc/PPP
Vim pppoe. conf
Modify the following values. Do not change other values.
Eth = eth0
User = RP-pppoe
Linux_plugin =/etc/PPP/plugins/rp-pppoe.so

Vim pppoe-server-Options
Below is all content
Require-Chap
Login
LCP-Echo-interval 10
LCP-Echo-failure 2

Vim chap-secrets
RP-pppoe *

Vim options
Local

Run the program:
(User Mode)
/Usr/sbin/pppoe-server-I eth0-l 10.0.0.1-r 10.0.0.2-N 64

(Kernel Mode)
/Usr/sbin/pppoe-server-I eth0-l 10.0.0.1-r 10.0.0.2-N 64-K

-I: Specifies the LAN Nic.
-L IP address of the pppoe Server
-R: The starting IP address assigned to the customer
-N indicates the number of IP addresses allocated to the customer service.
-K Kernel Mode

Now we can use the pppoe client to connect to the pppoe server that we have run. the user name and password are
RP-pppoe and RP-pppoe. The authentication method is chap.
However, the client cannot access the Internet after connection, because no data packet forwarding is performed on the server.
Two NICs are added to the VM. eth0 and eth1 are static IP addresses, and eth1 is used to obtain IP addresses through DHCP.

You need to modify the configuration script.

CD/etc/sysconfig/network-Scripts
Vim ifcfg-eth0.

# Advanced Micro Devices [amd] 79c970 [pcnet32 Lance]
Device = LAN
Ipaddr = 192.168.61.120
Netmask = 255.255.255.0
Gateway = 192.168.61.1
Dns1 = 61.139.2.69
Dns2 = 192.168.61.1
Hwaddr = 00: 0C: 29: 6B: 71: D6
Onboot = Yes
Bootproto = static
Userctl = No
Ipv6init = Yes
Nm_controlled = Yes
Type = Ethernet

Vim ifcfg-eth1.

Type = "Ethernet"
Hwaddr = 00: 0C: 29: 6B: 71: E0
Bootproto = DHCP
Device = Wan
Onboot = Yes

Enable packet forwarding

Echo "1">/proc/sys/NET/IPv4/ip_forward
Iptables-T Nat-A postrouting-O eth1-J Masquerade

Now the client can access the Internet.

Below is the etherpeek packet capture, pppoe discovery stage has been omitted, but tcp3 handshake and 4 waves of packet capture.
10.0.0.10 is the IP address of the pppoe client, and 192.168.61.206 is the IP address of eth1 in Linux. Each time the LAN gateway receives data from eth0, it changes the source IP address to the IP address of eth1, And the destination IP address remains unchanged,
When the wan nic receives data from the remote server, it changes the destination IP address to the pppoe IP address of the Intranet host.

Tcp3 handshake

 

Four Waves