我正在尝试设置一个pppoe 服务器/集中器为了测试我的 pppoe 客户端。
我按照这里的指南操作https://poundcomment.wordpress.com/2011/03/30/pppoe-server-on-ubuntu/乍一看一切都很好。
但是当我尝试从正在设置的 Ubuntu 机器进行连接时,sudo ppoeconf
我得到plog -n 30
以下命令:
client pppd[4618]: Plugin rp-pppoe.so loaded
client pppd[4618]: pppd 2.4.7 started by root, uid 0
client pppd[4618]: Connected to 00:0c:29... via interface ens33
client pppd[4618]: Using interface ppp0
client pppd[4618]: Connect: ppp0 <--> ens33
client pppd[4618]: CHAP authentication succeeded
client pppd[4618]: CHAP authentication succeeded
client pppd[4618]: peer from calling number 00:0C:29.... authorized
client pppd[4618]: LCP terminated by peer (Authentication failed)
client pppd[4618]: Modem hangup
client pppd[4618]: Connection terminated.
client pppd[4618]: Failed to disconnect PPPoE socket: 114 Operation already in progress
看起来客户端看到服务器启动了并且 CHAP 认证进行得很顺利,而连接却挂在 LCP 部分。
为什么会这样?我该如何解决?
附注:
- 服务器有 2 个接口,分别名为 ens33(充当 wan)和 ens34(充当 lan)
- 客户端机器有 ens33,用于连接服务器机器上的 ens34
脚本张贴和后下是指南中列出的,但大多数服务器上都加载了以下行:
pppoe-server -C isp -L 192.168.50.1 -p /etc/ppp/ipaddress_pool -I ens34 -m 1412
服务器配置
我从一开始使用的完整流程:
1)在将成为 pppoe 服务器/集中器的机器上安装 debian9 基础
2)安装build-essential
,,ppp
下载并安装咆哮的企鹅pppoe
apt-get --assume-yes install build-essential
apt-get --assume-yes install ppp
wget https://www.roaringpenguin.com/files/download/rp-pppoe-3.12.tar.gz
tar -zxvf rp-pppoe-3.12.tar.gz
cd rp-pppoe-3.12/src/
./configure
make && make install
3)编辑一些配置文件:
文件/etc/ppp/pppoe-server-options
:
# PPP options for the PPPoE server
# LIC: GPL
#require-pap
require-chap
login
lcp-echo-interval 10
lcp-echo-failure 2
ms-dns 208.67.222.222
ms-dns 208.67.220.220
netmask 255.255.255.0
defaultroute
noipdefault
usepeerdns
文件/etc/ppp/chap-secrets
:
# Secrets for authentication using CHAP
# client server secret IP addresses
"alice" * "1234" 172.32.50.2
(因为我现在不关心密码,这是一台测试机器)
文件/etc/ppp/ipaddress_pool
:
192.168.50.2-30
文件/etc/ppp/pppoe_start
:
#!/bin/bash
##############################
# Simple script that starts PPPoE Server
##############################
# Enable IP Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
# Start PPPoE Server
pppoe-server -C isp -L 192.168.50.1 -p /etc/ppp/ipaddress_pool -I ens34 -m 1412
# Set Firewall rules
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o ens33 -j MASQUERADE
文件/etc/ppp/pppoe_stop
:
#!/bin/bash
##############################
# Simple script that stops PPPoE Server
##############################
# Disable IP Forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward
# Kill PPPoE Server
killall pppoe-server
killall pppd
# Flush the IPtable rules.
iptables -t nat -F POSTROUTING
文件/etc/network/interfaces
:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug ens33
iface ens33 inet dhcp
auto ens34
iface ens34 inet manual
address 192.168.50.1
netmask 255.255.255.0
up ifconfig $IFACE 0.0.0.0 up
post-up /etc/ppp/pppoe_start
post-down /etc/ppp/pppoe_stop
down ifconfig $IFACE down
客户端配置
对于客户端,我使用了全新安装的 ubuntu 14.04 vm,并通过终端使用 sudo pppoeconf 进行配置
配置似乎有效,但错误是列出的错误
客户端上的配置是:
文件/etc/ppp/peers/dsl-provider
:
# Minimalistic default options file for DSL/PPPoE connections
noipdefault
replacedefaultroute
hide-password
#lcp-echo-interval 30
#lcp-echo-failure 4
noauth
persist
mtu 1412
#maxfail 0
#holdoff 20
plugin rp-pppoe.so
nic-ens33
user "alice"
usepeerdns
文件/etc/ppp/peers/provider
:
# example configuration for a dialup connection authenticated with PAP or CHAP
#
# This is the default configuration used by pon(1) and poff(1).
# See the manual page pppd(8) for information on all the options.
# MUST CHANGE: replace myusername@realm with the PPP login name gi ven to
# your by your provider.
# There should be a matching entry with the password in /etc/ppp/p ap-secrets
# and/or /etc/ppp/chap-secrets.
user "myusername@realm"
# MUST CHANGE: replace ******** with the phone number of your prov ider.
# The /etc/chatscripts/pap chat script may be modified to change t he
# modem initialization string.
connect "/usr/sbin/chat -v -f /etc/chatscripts/pap -T ********"
# Serial device to which the modem is connected.
/dev/modem
# Speed of the serial line.
115200
# Assumes that your IP address is allocated dynamically by the ISP .
noipdefault
# Try to get the name server addresses from the ISP.
usepeerdns
# Use this connection as the default route.
defaultroute
# Makes pppd "dial again" when the connection is lost.
persist
# Do not ask the remote to authenticate.
noauth
LCP 信息
关于 LCP 读取,它似乎执行以下操作。
- 检查链接设备的身份并接受或拒绝对等设备
- 确定可接受的传输数据包大小
- 搜索配置中的错误
- 如果要求超出参数,可以终止链接
因此我很难理解问题可能是什么。
答案1
您没有使用有效的 B 类私有地址空间。
有效的 B 类私有范围是 172.16.0.0 /16 至 172.31.255.255 /16
当它是公共地址时,路由器会将流量发送到互联网进行解析。这可以看作是一个偶发性问题,甚至完全没有连接。
网络范围:172.32.0.0 - 172.63.255.255 分配给 T-Mobile USA, Inc
希望这可以帮助
答案2
在 Raspbian 上也遇到过类似的问题。检查echo 1 > /proc/sys/net/ipv4/ip_forward
命令是否在您的 PPPoE 服务器上成功运行。
如果没有手动更改/etc/sysctl.conf
,则该行应如下所示:
net.ipv4.ip_forward=1