PPP Over Ethernet for 2.2 kernels

31.03.2003 20:37

Preface

I recently got a DSL connection and I wanted to use my existing router/firewall (Am486/120, 16 MB RAM). Unfortunately, the user space implementation (Roaring penguin pppoe) of the pppoe protocol is very CPU expensive and can only handle about 300 kB/s in async mode. Sync mode was unusable in my case (large number of frame errors). rp-pppoe only supports kernel mode driver in 2.4 kernel, which requires at least 32 MB of RAM.

Kernel mode pppoe encapsulation for 2.2 kernels is available as a kernel patch and pppoed daemon by Jamal Hadi Salim. I believe this code is no longer maintained (last entry in the change log is July 30 2002). I found out that this pppoe implementation uses works very well and uses little CPU time (under 20% at 8 Mbits/s). I only had problems with the user space code which was too complicated and had a lot of bugs.

References:

About the patch

This is a patch for pppoed from Jamal Hadi Salim. I've cleaned the code, removed a lot of stuff for server mode (which wasn't functional anyway), pppd spawning, etc. I've also fixed some of the bugs and fixed error reporting, which was very confusing in the original.

With this patch pppoed no longer runs as a daemon. It is now started from a ordinary pppd as a connection script. It sets up the pppoe connection on a /dev/pppox? device (initializes kernel layer, performs Active Discovery) and then exits. pppd then handles the connection alone. This approach greatly simplifies pppoed code and installation procedure (no system scripts that start a ppp connection need to be modified). This kind of functionality could also be achieved with the original daemon by using the undocumented switch -G.

This kind of connection handling does not fully comply with RFC 2516. In the paragraph 5.5 it is mentioned that either the host or the access concentrator MAY attempt to terminate the ppp link by sending a PADT packet. Since pppoed is no longer running when the connection is established it can't intercept PADT and break the link. This part of RFC also wasn't implemented in the original. As far as I know this causes no problems since under all normal circumstances ppp link is terminated using an LCP packet, which is recognized by pppd.

Patch will apply to the last released version of pppoed (0.49), which can be downloaded from the original site http://www.furryterror.org/~afong/pppoe/ or from the link bellow.

How to apply the patch:

$ tar -xzf pppoed-0.49.tgz
$ cat patch_pppoed_0.50 | patch -p0

How to use the patched pppoed

Patch the kernel using the patch in the distribution. It says it is for 2.2.17 kernel, but it will also work with newer kernels. Build the kernel and don't forget about the mssclampfw module. User space pppoed is built using usual methods:

$ ./configure
$ make

Don't do make install or use the automated installer. I haven't tested them and you may get unexpected results. Just copy the binary by hand.

Here is a sample /etc/ppp/peers/dsl-provider file:

/dev/pppox0

# connect "/usr/local/bin/pppoed -I eth1 -d 7"

connect "/usr/local/bin/pppoed -I eth1"

# pppd insists on this

38400

lock
local
nocrtscts
noauth

# be careful with mtu/mru if you are masquerading. 
# look at Kal Lin's page at http://www.cs.toronto.edu/~kal/hse/resource.html

mru 1490
mtu 1490

# please make sure you have noaccomp for now

noaccomp

name "your-user-name-here"

# you might want to change defaultroute if you have more
# than one pppoe session

defaultroute
hide-password
sync

#it might be a good idea to uncoment the debug below 
#debug
#kdebug 7

#if you use the -R option to make it persistent
#then uncomment the next two lines below

lcp-echo-interval 30
lcp-echo-failure 3
persist

#nodetach

Don't forget to add your password in the pap-secrets or chap-secrets. I recommend you also add a script to the /etc/ppp/ip-up.d directory which will load mssclampfw module when the link is established.

All other documentation (man pages, README, etc.) is hopelessly outdated. I haven't made any attempt to bring it up to date with this patch.

Files