服务器配置

tag-icon tag-icon linux networking ubuntu router pppoe
服务器配置

我正在尝试设置一个pppoe 服务器/集中器为了测试我的 pppoe 客户端。

我按照这里的指南操作https://poundcomment.wordpress.com/2011/03/30/pppoe-server-on-ubuntu/乍一看一切都很好。

但是当我尝试从正在设置的 Ubuntu 机器进行连接时,sudo ppoeconf我得到plog -n 30以下命令:

client pppd[4618]: Plugin rp-pppoe.so loaded
client pppd[4618]: pppd 2.4.7 started by root, uid 0
client pppd[4618]: Connected to 00:0c:29... via interface ens33
client pppd[4618]: Using interface ppp0
client pppd[4618]: Connect: ppp0 <--> ens33
client pppd[4618]: CHAP authentication succeeded
client pppd[4618]: CHAP authentication succeeded
client pppd[4618]: peer from calling number 00:0C:29.... authorized
client pppd[4618]: LCP terminated by peer (Authentication failed)
client pppd[4618]: Modem hangup
client pppd[4618]: Connection terminated.
client pppd[4618]: Failed to disconnect PPPoE socket: 114 Operation already in progress

看起来客户端看到服务器启动了并且 CHAP 认证进行得很顺利,而连接却挂在 LCP 部分。

为什么会这样?我该如何解决?

附注:

  • 服务器有 2 个接口,分别名为 ens33(充当 wan)和 ens34(充当 lan)
  • 客户端机器有 ens33,用于连接服务器机器上的 ens34

脚本张贴后下是指南中列出的,但大多数服务器上都加载了以下行:

pppoe-server -C isp -L 192.168.50.1 -p /etc/ppp/ipaddress_pool -I ens34 -m 1412

服务器配置

我从一开始使用的完整流程:

1)在将成为 pppoe 服务器/集中器的机器上安装 debian9 基础

2)安装build-essential,,ppp下载并安装咆哮的企鹅pppoe

apt-get --assume-yes install build-essential
apt-get --assume-yes install ppp
wget https://www.roaringpenguin.com/files/download/rp-pppoe-3.12.tar.gz
tar -zxvf  rp-pppoe-3.12.tar.gz
cd rp-pppoe-3.12/src/
./configure
make && make install

3)编辑一些配置文件:

文件/etc/ppp/pppoe-server-options

# PPP options for the PPPoE server
# LIC: GPL
#require-pap
require-chap
login
lcp-echo-interval 10
lcp-echo-failure 2
ms-dns 208.67.222.222
ms-dns 208.67.220.220
netmask 255.255.255.0
defaultroute
noipdefault
usepeerdns

文件/etc/ppp/chap-secrets

# Secrets for authentication using CHAP
# client              server   secret                 IP addresses
"alice"               *        "1234"                 172.32.50.2

(因为我现在不关心密码,这是一台测试机器)

文件/etc/ppp/ipaddress_pool

192.168.50.2-30

文件/etc/ppp/pppoe_start

#!/bin/bash
##############################
# Simple script that starts PPPoE Server
##############################

# Enable IP Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

# Start PPPoE Server
pppoe-server -C isp -L 192.168.50.1 -p /etc/ppp/ipaddress_pool -I ens34 -m 1412

# Set Firewall rules
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o ens33 -j MASQUERADE

文件/etc/ppp/pppoe_stop

#!/bin/bash
##############################
# Simple script that stops PPPoE Server
##############################

# Disable IP Forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward

# Kill PPPoE Server
killall pppoe-server
killall pppd

# Flush the IPtable rules.
iptables -t nat -F POSTROUTING

文件/etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens33
iface ens33 inet dhcp

auto ens34
iface ens34 inet manual
        address 192.168.50.1
        netmask 255.255.255.0
        up ifconfig $IFACE 0.0.0.0 up
        post-up /etc/ppp/pppoe_start
        post-down /etc/ppp/pppoe_stop
        down ifconfig $IFACE down

客户端配置

对于客户端,我使用了全新安装的 ubuntu 14.04 vm,并通过终端使用 sudo pppoeconf 进行配置

配置似乎有效,但错误是列出的错误

客户端上的配置是:

文件/etc/ppp/peers/dsl-provider

# Minimalistic default options file for DSL/PPPoE connections

noipdefault
replacedefaultroute
hide-password
#lcp-echo-interval 30
#lcp-echo-failure 4
noauth
persist
mtu 1412
#maxfail 0
#holdoff 20
plugin rp-pppoe.so
nic-ens33
user "alice"
usepeerdns

文件/etc/ppp/peers/provider

# example configuration for a dialup connection authenticated with                                PAP or CHAP
#
# This is the default configuration used by pon(1) and poff(1).
# See the manual page pppd(8) for information on all the options.

# MUST CHANGE: replace myusername@realm with the PPP login name gi                               ven to
# your by your provider.
# There should be a matching entry with the password in /etc/ppp/p                               ap-secrets
# and/or /etc/ppp/chap-secrets.
user "myusername@realm"

# MUST CHANGE: replace ******** with the phone number of your prov                               ider.
# The /etc/chatscripts/pap chat script may be modified to change t                               he
# modem initialization string.
connect "/usr/sbin/chat -v -f /etc/chatscripts/pap -T ********"

# Serial device to which the modem is connected.
/dev/modem

# Speed of the serial line.
115200

# Assumes that your IP address is allocated dynamically by the ISP                               .
noipdefault
# Try to get the name server addresses from the ISP.
usepeerdns
# Use this connection as the default route.
defaultroute

# Makes pppd "dial again" when the connection is lost.
persist

# Do not ask the remote to authenticate.
noauth

LCP 信息

关于 LCP 读取,它似乎执行以下操作。

  • 检查链接设备的身份并接受或拒绝对等设备
  • 确定可接受的传输数据包大小
  • 搜索配置中的错误
  • 如果要求超出参数,可以终止链接

因此我很难理解问题可能是什么。

答案1

您没有使用有效的 B 类私有地址空间。

有效的 B 类私有范围是 172.16.0.0 /16 至 172.31.255.255 /16

当它是公共地址时,路由器会将流量发送到互联网进行解析。这可以看作是一个偶发性问题,甚至完全没有连接。

网络范围:172.32.0.0 - 172.63.255.255 分配给 T-Mobile USA, Inc

希望这可以帮助

答案2

在 Raspbian 上也遇到过类似的问题。检查echo 1 > /proc/sys/net/ipv4/ip_forward命令是否在您的 PPPoE 服务器上成功运行。

如果没有手动更改/etc/sysctl.conf,则该行应如下所示:

net.ipv4.ip_forward=1

相关内容