
Chapter 5: Configuring Your Network

5.8 PPP Connections

So far, you have seen Internet connections based on a local area network (LAN) and a default gateway on that network. However, if you have a modem and telephone line to connect to the Internet, you cannot use the same host-to-network layer interfaces described in previous sections because your connection does not run over the Ethernet physical medium.

The most popular standard for single-machine Internet connectivity with a modem is PPP (Point-to-Point Protocol). Although PPP is a very flexible protocol, its main use is to connect one machine without a direct IP connection to a second machine (a PPP server) that has one, with the second machine possibly asking the first for a username and password along the way.

When you dial up and register with a PPP server, the server gives you your own IP address and tells you about its IP address. After the connection initiates, the PPP software on your machine knows how to reach the server's IP address, and the server knows how to reach your machine's IP address. To reach the rest of the Internet, you set the default gateway to the server's IP address and let the server do the rest. Figure 5-2 shows the link between your local IP address and the server's IP address. As with the routers in LANs, you do not need to worry about the server's uplink IP address.

Figure 5-2: A typical PPP link.

Although it's nice to know how this process works, you are probably more interested in actually getting a connection to work. Specifically, you want to know the answers to these questions:

How do I get my modem to dial the server's number?

Where do I put my username and password?

How do I start and stop a network interface like ppp0?

The key to the whole mess is pppd, a system daemon that acts as an intermediary between a serial port on your machine and a PPP network interface such as ppp0. To set up everything, you need to do four things:

1. Verify that your serial port, modem, and login (username and password) work.

2. Create an options file in /etc/ppp/peers containing configuration options.

3. Create a chat script to make your modem dial out (and possibly log in).

4. Set up Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) user authentication if necessary.

These four steps are explained in the following sections. If your distribution's dial-up configuration tool works for you, it may not be worth your while to read through these sections. However, if you don't read through them, at least run ifconfig when you're connected to see what the PPP interface name is, because you may need it later in the chapter for Network Address Translation (NAT) or firewalling.

5.8.1 Testing Your Serial Port and Modem

Before you start with the full pppd setup, you should use minicom to make sure that your modem works and that you can initiate a PPP connection. Modems talk to your computer through serial port devices, so the first thing you need to do is determine the serial port that your modem is connected to.

How Linux Works: What Every Super-User Should Know

by Brian Ward ISBN:1593270356

No Starch Press © 2004 (347 pages)

This guide describes the inner workings of a Linux system beginning with the file system and boot process and covering advanced topics such as networking, firewalls, development tools, device management, shell scripts, and sharing printers with Samba.

Note Don't try to use a Winmodem with Linux. See Section 17.2.4.

As mentioned in Section 2.3.2, Linux serial port devices are at /dev/ttyS*. If you're having problems, it's best to check your boot messages as described in Section 4.1 to see if the modem setup looks right and to verify that you're using the correct serial port device. In addition, you can run cat /proc/ioports for more port statistics. Most modern hardware and kernels actually recognize the hardware configuration correctly, but if you have extra serial ports on different hardware interrupt numbers (IRQs), you may need to run setserial to specify the hardware parameters that the serial port uses. For example:

setserial /dev/ttyS3 irq 5

See the setserial(8) manual page for more options and a good overall explanation of serial ports.

Now you can get down to the business of checking the connection to the dial-up server with these steps:

1. Configure the baud rate, serial port, and other minicom settings with this command:

   minicom -s

2. After choosing your settings, exit the configuration menu. minicom then attempts to connect to the serial port.

3. Upon success, you should be able to enter AT commands. Test it by typing AT and then pressing ENTER. You should get OK as a response. If you're having trouble, skip to step 7 and then back to step 1.

4. Reset your modem (that is, clear its volatile data) and dial your ISP's number by typing these two modem commands:

   atz

   atdtnumber

5. Your modem should connect with a CONNECT message. Wait five or ten seconds after you see the CONNECT message. You're looking for "garbage" like this:

   ~ÿ}#À!}!}!} }.}%}&} }

   If you get this junk immediately after you see the CONNECT message, you've got a PPP connection, and furthermore, you probably need to use the PAP or CHAP authentication system when dialing up. Make a note of this and skip to the last step.

6. If you get something like Username: instead, type in your username (and password, if necessary). After logging in, keep going (you might need to type ppp or something similar) until you get the "garbage" mentioned in the previous step. In this case, you probably do not need to use PAP or CHAP.

7. Exit minicom by pressing CONTROL-A, then x. If minicom hangs when you're trying to exit, you can wait a little while to see if it times out, or you can be impatient, open another window, and use kill -KILL on the minicom process.

When interacting with the modem and remote server, take careful notes of all the settings you used, what you had to type, and the responses you got back. You'll need this information to write a chat script.

5.8.2 Starting pppd with Options Files

Now that you know how to log in to your ISP's server manually, you can create a configuration file containing the same connection settings you used with minicom -s. This allows you to make pppd dial the telephone number automatically.


Pick a name for the ISP and create an options file called /etc/ppp/peers/name, with the following lines:

ttyS1 115200 crtscts

connect '/usr/sbin/chat -v -f /etc/ppp/chat-name'

noauth

defaultroute

mru 1500

The first line specifies the modem device, the CPU-to-modem speed, and the hardware flow control. You will read about these options in Section 5.8.5. Don't bother to tweak anything yet; for now, just make sure that your pppd can start properly.

Now make a chat file named /etc/ppp/chat-name. This chat file determines the connection commands sent through the serial line and the responses that you expect from your ISP. For now, just fill it with the following lines, where number is your ISP's telephone number:

ABORT "NO CARRIER"

ABORT BUSY

"" ATZ OK

ATDTnumber CONNECT

Try to establish a connection by starting pppd with this command:

pppd call name

Monitor the progress by looking at your system log. The pppd syslog facility name is daemon, so the log information is probably in /var/log/daemon.log or something similar. However, the chat program used for initializing the modem connection may use a different facility, such as local2.

You should get messages like this in your log file:

Jul 29 18:40:46 mikado pppd[634]: pppd 2.4.1 started by root, uid 0

Jul 29 18:40:47 mikado chat[635]: [chat messages]

Jul 29 18:40:47 mikado pppd[634]: Connect script failed

Jul 29 18:40:48 mikado pppd[634]: Exit.

Take a careful look at the chat messages. They should tell you if the modem is dialing up, and if it gets an answer and connection from the remote server.

Even if the preceding connection settings work so far, expect the configuration to fail because you haven't supplied a username and password. Watch the failure in the log carefully, because it tells you how to proceed. For example, if the log file says Connect script failed as in the preceding example, then you have a problem with the dial-up portion (in addition to not having supplied a username and password).

In particular, look out for these types of failures:

I/O errors happen when your serial port and modem are not set up correctly. Double-check the first line of the options file to make sure it matches the settings that you verified earlier with minicom.

If the remote system uses PAP or CHAP, expect an authentication error. Skip to Section 5.8.4 to see how to configure PAP and CHAP.

Timeouts generally go along with incomplete chat scripts. Proceed to the next section to see how to finish your script.

Bad chat output, such as NO CARRIER and BUSY, are signs of telephone line problems. Double-check the ISP's telephone number.

To stop a PPP daemon after it finishes its chat sequence, use the following command, substituting the appropriate network interface name if yours is not ppp0:


kill `cat /var/run/ppp0.pid`

5.8.3 Chat Scripts

A chat script is a file containing commands that go out through the serial line and responses that you expect to receive from the serial line (the responses come from the modem or ISP, depending on the current stage of the dial-up process). Recall this chat script line from the previous section:

ATDTnumber CONNECT

This means that the chat program should dial with the ATDTnumber modem command and expect a response of CONNECT. After receiving a CONNECT response, chat moves to the next thing in the chat file.

After stepping through the entire file, and assuming that everything goes as anticipated, chat returns success and pppd proceeds with a PPP connection.

The details of your chat script depend on your ISP, and you should be armed with the information you got in Section 5.8.1 before trying to complete your script. However, here is a script that works for most service providers that use Cisco equipment (where username is your username and password is your password):

ABORT "NO CARRIER"

ABORT BUSY

"" ATZ OK

ATDTnumber CONNECT

"" ername:

username ssword:

\qpassword >

ppp

The ABORT keywords and strings at the top of the script cause chat to exit with an error if it encounters one of those strings. In addition, \qstring tells chat not to send string to syslogd. In this case, it tells chat not to send password to syslogd when making a record of the connection.
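The expect/send pairing and the \q rule described above can be checked mechanically. The following is an added example, not code from the book: it splits a chat script into expect/send pairs and reports any reply to a password-style prompt that lacks \q while the connect option runs chat with -v. The function names, the prompt heuristic, and the sample strings are assumptions made for illustration; the keyword list follows chat(8).

```python
import re
import shlex

# chat(8) keywords that occupy the expect slot and take one argument.
DIRECTIVES = {"ABORT", "CLR_ABORT", "REPORT", "CLR_REPORT",
              "TIMEOUT", "ECHO", "SAY", "HANGUP"}
# Heuristic (assumption): a prompt containing one of these asks for a secret.
SECRET_PROMPT = re.compile(r"ssword|passcode|secret", re.I)

def tokenize(script):
    """Split a chat script into words; quotes group, backslashes are kept."""
    body = "\n".join(l for l in script.splitlines()
                     if not l.lstrip().startswith("#"))
    lex = shlex.shlex(body, posix=True)
    lex.whitespace_split = True
    lex.escape = ""       # chat interprets \q itself, so do not strip it
    lex.commenters = ""   # comment lines were already dropped above
    return list(lex)

def pairs(script):
    """Return (abort_strings, [(expect, send), ...]) in script order."""
    words, aborts, steps, i = tokenize(script), [], [], 0
    while i < len(words):
        nxt = words[i + 1] if i + 1 < len(words) else ""
        if words[i] == "ABORT":
            aborts.append(nxt)
        elif words[i] not in DIRECTIVES:
            steps.append((words[i], nxt))
        i += 2
    return aborts, steps

def chat_logs_verbosely(options):
    """True if the pppd connect option runs chat with -v."""
    m = re.search(r"^\s*connect\s+(['\"])(.*?)\1", options, re.M)
    return bool(m) and "-v" in m.group(2).split()

def audit(script, options):
    """Sends that answer a secret prompt without \\q while chat -v is on."""
    if not chat_logs_verbosely(options):
        return []
    return [(e, s) for e, s in pairs(script)[1]
            if SECRET_PROMPT.search(e) and "\\q" not in s]

# Constructed sample input: the page's two files, placeholders unchanged.
OPTIONS = ("ttyS1 115200 crtscts\n"
           "connect '/usr/sbin/chat -v -f /etc/ppp/chat-name'\nnoauth\n")
SCRIPT = ('ABORT "NO CARRIER"\nABORT BUSY\n"" ATZ OK\nATDTnumber CONNECT\n'
          '"" ername:\nusername ssword:\n\\qpassword >\nppp\n')
```

Calling audit(SCRIPT, OPTIONS) returns an empty list for the script as printed; removing \q from the password line makes it return the ssword: step.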

Remember that if you use PAP or CHAP, your chat script likely should not contain any username or password information. However, if your chat script does contain username and password details (like the preceding script), you should be mostly done after you finish the script. Try to verify the connection with ifconfig -a, and try to access the Internet. If everything works, skip to Section 5.8.5 for information on how to tweak your options file.

Note For more information on chat, see the chat(8) manual page.

5.8.4 PAP and CHAP

Many dial-up ISPs require that logins use PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol). If your ISP has such a requirement, get started by adding the following entry for your username to the end of the /etc/ppp/peers/name options file from Section 5.8.2:

name username

Warning Don't put require-pap in your options file. This option is primarily for running a PPP gateway; it requires the remote system to authenticate with your system.

PAP

If your ISP uses a PAP server, edit /etc/ppp/pap-secrets. The lines in that file have this format:

your_hostname remote_hostname password ip_address
