How to create a PPPoE Server on Ubuntu?
For one reason or another, I needed to setup a PPPoE Server on my Ubuntu machine. Unfortunately almost all the guides found were talking about setting a PPPoE client connected to a PPPoE Server. So I spend a few days testing and trying out different configurations, until I finally found how to set it up from scratch. The below instructions will look similar to the guide I referenced, but there are some extra steps to ensure that your connection will be able to access Internet properly.
Step #1: Topology Setup
First of all, the topology needs to be setup as followed:
PC --- PPPoE Server (Ubuntu) --- Internet
You can add your typical cable modem and/or router into the mix. The main issue here is to ensure that your PPPoE Server can access the Internet without any problems. To verify this, just do a quick ping test to google.com or yahoo.com.
> ping www.google.com
PING www.l.google.com (74.125.155.103) 56*84) bytes of data. 64 bytes from px-in-f103.1e100.net (74.125.155.103): icmp_req=1 ttl=52 time=36.9 ms 64 bytes from px-in-f103.1e100.net (74.125.155.103): icmp_req=2 ttl=52 time=37.5 ms 64 bytes from px-in-f103.1e100.net (74.125.155.103): icmp_req=3 ttl=52 time=34.3 ms 64 bytes from px-in-f103.1e100.net (74.125.155.103): icmp_req=4 ttl=52 time=37.6 ms -- www.l.google.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss
If you cannot access this, check your interface. Most likely something is misconfigured there. There are several guides on how to enable your interface properly:
– Network Configuration
Step #2: Install PPP and RP-PPPoE
You will need to install these components to get the PPPoE Server working. The first one is simple: just grab the ppp package from Ubuntu:
> sudo apt-get install ppp
The second package (rp-pppoe) requires you to build it on your own. Start by grabbing the package from this website (Roaring Penguin)
> wget http://www.roaringpenguin.com/files/download/rp-pppoe-3.10.tar.gz
> tar -zxf rp-pppoe-3.10.tar.gz
> cd rp-pppoe-3.10/src
> ./configure
> make
> sudo make install
Step #3: Setup PPPoE Settings
Several files need to be created before we can start PPPoE Server. First, modify the /etc/ppp/pppoe-server-options and change it to the following:
/etc/ppp/pppoe-server-options:
# PPP options for the PPPoE Server # LOC: GPL #require-pap require-chap login lcp-echo-interval 10 lcp-echo-failure 2 ms-dns 4.2.2.1 ms-dns 4.2.2.3 netmask 255.255.255.0 defaultroute noipdefault usepeerdns
Next, add a username into the correct secrets file. Since we’re using require-chap, we will add it into /etc/ppp/chap-secrets. The syntax is simple: follow the example below to add a user (alice) with a simple password (1234).
/etc/ppp/chap-secrets:
# Secrets for authentication using CHAP # client server secret IP addresses "alice" * "1234" 172.32.50.2
One note: make sure that the file has the correct permissions. Sometimes the PPPoE Server won’t start if the file isn’t restricted enough. A simple chmod command will do here:
> sudo chmod 600 /etc/ppp/chap-secrets
Last of all, setup the IP addresses to lease for the PPPoE Server. We’re giving IP addresses 172.32.50.2 to 172.32.50.30:
/etc/ppp/ipaddress_pool:
172.32.50.2-30
Step #4: Set PPPoE Scripts
We are ready to start PPPoE Server. Several things to worry about: the firewall needs to be set properly so that the PPPoE Server will be able to transfer traffic from one interface to the other, and IP forwarding needs to be enabled. Since these options will have to set every time Ubuntu reboots, they’re part of the start PPPoE script. It’s placed under /etc/ppp/start_pppoe.
/etc/ppp/pppoe_start:
#!/bin/bash ############################## # Simple script that starts PPPoE Server ############################## # Enable IP Forwarding echo 1 > /proc/sys/net/ipv4/ip_forward # Start PPPoE Server pppoe-server -C isp -L 172.32.50.1 -p /etc/ppp/ipaddress_pool -I eth1 -m 1412 # Set Firewall rules iptables -t nat -F POSTROUTING iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
The -m option for pppoe-server is needed so that the packets don’t go beyond MTU size after the PPPoE header is attached.
For complete purposes, below is a stop script to nicely tear down the PPPoE Server and revert any changes.
/etc/ppp/pppoe_stop:
#!/bin/bash ############################## # Simple script that stops PPPoE Server ############################## # Disable IP Forwarding echo 0 > /proc/sys/net/ipv4/ip_forward # Kill PPPoE Server killall pppoe-server killall pppd # Flush the IPtable rules. iptables -t nat -F POSTROUTING
Step #5: Automatically start/stop PPPoE Server
All we have to do is add them into the /etc/network/interfaces so that once the computer boots and detects the interface is connected, it’ll boot up the PPPoE Server. The PPPoE Server resides in eth1 in this example below:
/etc/network/interfaces:
... auto eth1 iface eth1 inet manual post-up /etc/ppp/pppoe_start post-down /etc/ppp/pppoe_stop ...
That’s it! Once that’s completed, then the PPPoE Server will boot up automatically and start handling traffic.
Troubleshooting
Usually, there’s always some sort of issue getting the PPPoE Server working. I found that using wireshark makes it easier to debug the situation. However, usually the interface (eth1) isn’t up for wireshark to sniff. Make the modifications below to bring up the interface without assigning an IP address to it:
/etc/network/interfaces:
... auto eth1 iface eth1 inet manual up ifconfig $IFACE 0.0.0.0 up post-up /etc/ppp/pppoe_start post-down /etc/ppp/pppoe_stop down ifconfig $IFACE down ...
That should make it easier to debug.
#comment: code snippets 
It seems that there were a few problems with the post above after I had to duplicate another PPPoE Server for someone else. I’ve made changes and fixed them (especially when I mixed my scripts between pppoe_start, pppoe_stop and pppoe-up, pppoe-down… sorry!)
This post should be working flawlessly now. If not, post a comment below and I will investigate it.
Thanks for the post … unfortunately when I tried logging on 3 different pc’s at the same time with the same username and password it still works.
John
yes it works. just so you know, i didn’t forget to say thank you!
I think there’s a typo: /etc/ppp/pppoe-servers-options should actually be /etc/ppp/pppoe-server-options
.
Unfortunately I can’t get this to work – I always get the error PADT “RP-PPPoE: Child pppd process terminated”. Sadly google hasn’t offered any solutions 😦
Oops! That’s correct… I missed that small detail. Thanks for catching it.
Hello coder_commander,
based on your guide, I have automated the installation of a PPPoE concentrator on Ubuntu 11.10 x64 (there are some changes in since your post).
If you need them I can send them to you.. I will create, in any case, a post on my site about this… if you want, you can also add a link to my post where these scripts will be available.
How can we get in touch?
BTW, thanks a lot for the guide, it saved me a lot of testing-hours.
Lo
Post it here, and I’ll add a blurb about it.
If I remember correctly, this was created for 10.04 LTS, so I’m not completely surprised there are minor changes made for another version of Ubuntu.
Hello coder_commander,
here is the micro-article I have written based on your guide:
http://www.lo-online.net/cs/install-pppoe-concentrator-on-ubuntu-server-11-10.html
Hope it helps!
Bye and thanks again for your guide!
Lo
great work buddies, especially thanks to you Inicolodi!
erdem
I followed this description and although it needed some finetuning, I thought I’d put here my working config. Please note you need to follow the following rule:
Set your first ethernet card as WAN and the second as PPPoE.
I had eth1 as WAN and ETH3 as LAN side.
root@ubuntu:~# cat /etc/ppp/pppoe-server-options
# PPP options for the PPPoE server
# LIC: GPL
# require-pap
require-chap
login
lcp-echo-interval 10
lcp-echo-failure 2
ms-dns 8.8.8.8
ms-dns 4.4.4.4
netmask 255.255.255.0
defaultroute
noipdefault
usepeerdns
create a pppoe-up script and chmod to executable:
root@ubuntu:~# cat /etc/ppp/pppoe-up
#!/bin/bash
# —————————————————-
# Starts the PPPoE server and turns on NAT
# —————————————————-
# MAX is the maximum number of addresses your server
# is allowed to hand out.
PROV=pppoe
MAX=10
# BASE is the lowest IP address your server is allowed
# to hand out.
#BASE=192.168.1.238
#PLA=192.168.1.0/24
BASE=10.0.213.2
PLA=10.0.213.0/24
# NAT is the set of addresses which your server will
# NAT behind it. Other addresses behind your server
# WILL NOT be NATed.
#NAT=172.32.50.0/24
# MYIP is the public IP address of this server.
MYIP=10.0.213.1
##########################################
# Here is where the script actually starts executing.
##########################################
# Disable IP spoofing on the external interface.
/sbin/iptables -t nat -F POSTROUTING
# Enable NAT for the private addresses we hand out.
# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -s 10.0.213.0/24 -o eth1 -j MASQUERADE
# Launch the server.
/usr/sbin/pppoe-server pty -T 60 -I eth3 -L $MYIP -N $MAX -C $PROV -S $PROV -R $PLA
echo “1” > “/proc/sys/net/ipv4/ip_forward”
root@ubuntu:~#
Voilá….
Create an upstart for the script to be started upon boot and you are ready. This works.