cancel
Showing results for 
Search instead for 
Did you mean: 

Linux config requirements ?

SimonHobson
Rising Star
Posts: 190
Thanks: 41
Registered: ‎30-07-2007

Linux config requirements ?

Would anyone with a working Linux (PPPoE) config like to share their setup - or share what didn't work ? I could work it out from scratch, but it's likely to be easier with some points as to what does and doesn't work to start from.
9 REPLIES 9
mxs
Grafter
Posts: 70
Registered: ‎08-12-2010

Re: Linux config requirements ?

Basic setup from memory for ubuntu based distro (should be useful for others but paths, etc may vary)
if you are running gnome then disable networking in it - unless things have changed with gnome3 it does not fully support ipv6 yet (mainly the dialer) so its easier just to configure it manually.  Don't know what the deal is with other window managers.
Install packages for pppoe, pppoe conf and wide dhcpv6 client (or another if you prefer - config here in wide dhcpv6 client format though).
Config wide dhcpv6 client....
/etc/default/wide-dhcpv6-client:
INTERFACES="ppp0"
/etc/wide-dhcpv6/dhcp6c.conf (this config provided by dave and worked for me):
  interface ppp0 {
      request domain-name-servers;
      request domain-name;
      send rapid-commit;
      send ia-pd 0;
      script "/etc/wide-dhcpv6/dhcp6c-script";
  };
  id-assoc pd {
          prefix-interface lo {
                  sla-id 3;   #interface id to form prefix
                  sla-len 8;  #shift from allocated prefix, ie /56 + 8 = /64, so netmask for lo0 is /64
                             
           };
  };
Now for the pppoe/dialer setup - you can do it manually but using pppoeconf sets up everything you need ok and is much faster.
First in /etc/ppp/options add the line:
+ipv6
Shut down the networking service (pppoeconf seems to fail if networking is up) then run pppoeconf - follow the prompts and enter details/accept defaults and that should give you a basic working setup.
Bear in mind you need to set up an ipv6 firewall in addition to an ipv4 one (would recommended doing both asap if its connected to your network or has anything on there that matters - my box was getting hit with all kinds of stuff shortly after it went live). 😛
Hopefully that helps a little - my ipv6 box is not live at the moment (dodgy PSU I think) but will hopefully get a bit of time to bring it back to life over the holidays.
SimonHobson
Rising Star
Posts: 190
Thanks: 41
Registered: ‎30-07-2007

Re: Linux config requirements ?

Am I right in thinking that's a single desktop you're configuring there ?
I'm wondering how you get from configuring the PPP interface with DHCP to configuring routing and downstream clients. Presumably that needs something in the DHCP client script ?
FYI - my router is a Debian on a headless machine in a cupboard.
mxs
Grafter
Posts: 70
Registered: ‎08-12-2010

Re: Linux config requirements ?

Have setup a desktop orientated box (with gnome) and a pure server/gateway - this is just the ppp setup as you say - I found it easier to get that side of things working properly first before worrying about client machines.    For the other half of the solution for server there are a few different options for dhcpv6 servers or relays depending how you want to assign internal addresses. 
If you have specific routing requirements you can set them up using route6 in the same way as you would for ipv4 (or just use a default interface/gateway).  You will also probably need to enable ipv6 forwarding using sysctl
If I can get my test server back up I will try and get any additional configs posted that may be of use.
SimonHobson
Rising Star
Posts: 190
Thanks: 41
Registered: ‎30-07-2007

Re: Linux config requirements ?

I already have a working IPv6 setup using a Hurricane Electric tunnel.
Are people manually configuring their internal setup (I assume the assignments from PlusNet are static ?), or are people integrating the DHCP6 client with their routing and downstream address assignments ?
SimonHobson
Rising Star
Posts: 190
Thanks: 41
Registered: ‎30-07-2007

Re: Linux config requirements ?

OK, had a bit more time to experiment today.
I have a new PPP config up and running with a test ID - Check
Gets a static IPv4 address - check
IPv4 networking works - check
Have a link local IPv6 address on ppp0 - check
Installed wide-dhcp6-client
Configured as per the suggestion, and running it with verbose debugging I can see it gets an address prefix but then I'm kind of lost.
interface ppp0 {
  send rapid-commit;
  send ia-pd 0;
  script "/etc/wide-dhcpv6/dhcp6c-script";
};
id-assoc pd {
  prefix-interface lo {
    sla-id 3;  #interface id to form prefix
    sla-len 8;  #shift from allocated prefix, ie /56 + 8 = /64, so netmask for lo0 is /64 
  };
};


Wide DHCP client only seems to call it's script to process options (ie the DNS Server option I didn't ask for (removed the request from the config)). The rest seems to be done internally to Wide DHCP, and the documentation for Wide DHCP seems to be "thin" to say the least. I can now see that the last bit (id-assoc pd) is computing a prefix and configuring an address on lo.
There's nothing I can find that gives any clues how to get this to trigger other stuff - I need to configure radvd and/or dhcp6 server and [re]start them etc. I also need to do stuff when bringing down the interface.
Alternatively, can someone at Plusnet state that the IPv6 address assignments will be static ? If that's the case, then I might as well just configure everything by hand which would save a heck of a lot of hassle  - assuming their systems will work without my endpoint having used DHCP to get the information.
SimonHobson
Rising Star
Posts: 190
Thanks: 41
Registered: ‎30-07-2007

Re: Linux config requirements ?

OK, I've now done a bit more, and have a working but manually setup config.
First a little more about my setup. I have a home server, hosting as a Xen guest a small Linux machine running as a dedicated router. This is running Debian Squeeze (2.6.32 kernel), PPPoE via a Netgear DM111P modem for internet connection, Shorewall (IPv4 firewall), Shorewall6 (IPv6 firewall), radvd for basic IPv6 client setup, and a tunnel via Hurricane Electric (HE) for IPv6 connectivity.
I have manual IPv6 address assignments for my key boxes (including this router), and in internal DNS server/resolver. So I can connect to "eddie.<mydomain>.co.uk and my internal clients will use IPv4 or IPv6 to access it depending on whether the client has an IPv6 address (not everything supports IPv6), and what it's config says.
Anyway, this is where I've got to :

First step was to add an additional peer to my PPP config.
In [tt]/etc/ppp/peers[/tt] - copy existing peer config (plusnet) to new file (plusnet-ipv6
To this file, add the option +ipv6
Add the login & password to[tt] /etc/ppp/chap-secrets[/tt]
If you are using the default setup done with the PPP config scripts, then you will be using a config called dsl-provider.
Bring down my IPv6 tunnel with Hurricane Electric (HE)
ifdown he-ipv6

Bring down my normal connection with plusnet
ifdown plusnet

Remove HE IPv6 addresses
ip addr del xxxx:xxxx:xxxx::1/64 dev eth0

Stop radvd so clients will stop using their existing IPv6 addresses.
/etc/init.d/radvd stop

And clear my current Shorewall6 config to avoid it getting in the way and confusing things
shorewall6 clear


Add an entry to /etc/network/interfaces
  iface plusnet-ipv6 inet ppp
  provider plusnet-ipv6

I've deliberately not made this "auto" as I don't want it bringing up except while I'm doing things manually.
We should now be able to bring up the new connection
ifup plusnet-ipv6

and check that it's come up
ifconfig ppp0
ppp0      Link encap:Point-to-Point Protocol 
          inet addr:81.174.xxx.xxx  P-t-P:195.166.128.123  Mask:255.255.255.255
          inet6 addr: fe80::xxxx:xxxx:xxxx:xxxx/10 Scope:Link
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:770 errors:0 dropped:0 overruns:0 frame:0
          TX packets:919 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:315291 (307.9 KiB)  TX bytes:153018 (149.4 KiB)

The key things at this point are :
1) Our IPv4 has come up correctly and all our IPv4 stuff should be working
2) We have a LInk Local IPv6 address (fe80::…)
We now need a DHCP client for IPv6. I'm used to using the ISC DHCP software, but this does not work on PPP interfaces without patching. So I installed Wide DHCP :
apt-get install wide-dhcpv6-client

Configure the DHCP client to ask for information (see http://community.plus.net/forum/index.php/topic,96320.msg812216.html#msg812216)
interface ppp0 {
#  request domain-name-servers;
#  request domain-name;
  send rapid-commit;
  send ia-pd 0;
  script "/etc/wide-dhcpv6/dhcp6c-script";
};
id-assoc pd {
  prefix-interface lo {
    sla-id 3;  #interface id to form prefix
    sla-len 8;  #shift from allocated prefix, ie /56 + 8 = /64, so netmask for lo0 is /64
  };
};


And test it :
dhcp6c -d -D -f ppp0

You should now get pages and pages of debug information !

Fairly quickly I realise that this DHCP client config does things I don't want. It changes my resolve.conf which is bad since I run my own internal resolver, and it adds an address to lo which I don't need.
So, I changed the config to just :
interface ppp0 {
  send rapid-commit;
  send ia-pd 0;
};
id-assoc pd {
};

All this does is get a PD from Plusnet's server which seems to keep things happy at their end.
Questions :
Is DHCP actually required ?
Does it (for example) setup IPv6 routing or whatever via the active link ?
Would things work reliably if I just used DCHP to find out my PD initially, and then hard-coded everything after that ?

I then manually configured interface IPs and routes :
ip addr add 2a02:16c8:xxx:xxx0::1/64 dev eth0
ip addr add 2a02:16c8:xxx:xxx7::1/64 dev ppp0
ip -6 route add default via fe80::90:1a00:3a3:8d54 dev ppp0

And tested :
ping6 ipv6.google.com
traceroute6 ipv6.google.com

The address fe80::90:1a00:3a3:8d54 here is the LL address of the remote end as reported by wide-dhcpd.

A quick test reveals that the default route can be simplified :
ip -6 route add default dev ppp0

This means that I don't need to parse the DCHP client output to get the remote endpoint address in order to add a default route.
Starting radvd allows my other machines to self-assign addresses :
/etc/init.d/radvd start

[tt]/etc/radvd.conf[/tt] :
interface eth0 {
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
AdvDefaultPreference low;
AdvHomeAgentFlag off;
prefix ::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
};
};

By using "prefix ::/64", radvd just gets the public IPs from those already present on the interface. Useful during testing as it is one less config file to alter when switching Pv6 upstream connections.
Now, to sort out a firewall. I'm already running Shorewall6 with my HE connection, so a couple of changes needed :
In /etc/shorewall6/interfaces, remove he-ipv6 and add ppp0 to the net zone
In /etc/shorewall6/rules, add rules to allow in and outbound DHCP6 traffic :
ACCEPT          $FW             net             udp             547
ACCEPT          net            $FW            udp            546

So that's got me a working IPv6 connection using my Linux router.
Now, what to do to automate it all ?
As I see it, I need the following :
When ppp0 comes up - start a dhcp6 client on it.
When the dhcp client gets a PD, configure my interfaces, add a default route, restart Shorewall6 and radvd.
If ppp0 goes down, then drop my public addresses and default route, restart Shorewall6 and radvd.
I don't see easy ways to automate much of that at all. Any suggestions welcome !
SimonHobson
Rising Star
Posts: 190
Thanks: 41
Registered: ‎30-07-2007

Re: Linux config requirements ?

Update :
For Shorewall6 config :
Instead of adding rules for DHCP traffic, just add "DHCP" as an option in the interfaces file.
In interfaces, leave both the HE tunnel and ppp0 enabled, and specify "optional" for both.
This should allow a config that works either with Plusnet native IPv6, or an HE tunnel.
You will however still need to change/duplicate any rules that use public IPv6 addresses.
SimonHobson
Rising Star
Posts: 190
Thanks: 41
Registered: ‎30-07-2007

Re: Linux config requirements ?

Quote from: SimonHobson
Questions :
Is DHCP actually required ?
Does it (for example) setup IPv6 routing or whatever via the active link ?
Would things work reliably if I just used DCHP to find out my PD initially, and then hard-coded everything after that ?

Answering my own questions ...
Yes, it does seem that DHCP6 is required. I have a set of commands ready to copy/paste to switch connections/configs, and if I omit firing up a DHCP6 client then I get no connectivity. When I fire up the DHCP6 client, a few seconds latter I start getting IPv6 traffic going through.
MJN
Pro
Posts: 1,314
Thanks: 161
Fixes: 5
Registered: ‎26-08-2010

Re: Linux config requirements ?

Hi Simon,
I suspect that is because at Plusnet's end they will route traffic for your PD to you, but as the PD is determined by DHCPv6 (even if it never changes) then if there was no DHCPv6 request within the expiry time of the last assignment then the route will be pulled. Besides which, if they were to ever change your PD you'd need the client running to pick up the new prefix otherwise you'd lose connectivity.
Mathew
dick:quote