Consider creating one or more IP addresses for all incoming calls instead of assigning a unique IP address to each remote user. Dedicated IP addresses are particularly important if the number of potential callers exceeds the number of serial ports and modems on the dial-in server. You can implement a number of different scenarios, depending on your site's needs. Moreover, the scenarios are not mutually exclusive.
Dynamic addressing involves the assignment to each caller of the IP address that is defined in /etc/ppp/options.ttyname. Dynamic addressing occurs on a per-serial port basis. When a call arrives over a serial line, the caller receives the IP address in the /etc/ppp/options.ttyname file for the call's serial interface.
For example, suppose a dial-in server has four serial interfaces that provide dial-up service to incoming calls:
For serial port term/a, create the file /etc/ppp/options.term.a with the following entry:
For serial port term/b, create the file /etc/ppp/options.term.b with the following entry:
For serial port term/c, create the file /etc/ppp/options.term.c with the following entry:
For serial port term/d, create the file /etc/ppp/options.term.d with the following entry:
With the previous addressing scheme, an incoming call on serial interface /dev/term/c is given the IP address 10.1.1.3 for the duration of the call. After the first caller hangs up, a later call that comes in over serial interface /dev/term/c is also given the IP address 10.1.1.3.
The advantages of dynamic addressing include the following:
You can track PPP network usage down to the serial port.
You can assign a minimum number of IP addresses for PPP use.
You can administer IP filtering in a more simplified fashion.
If your site implements PPP authentication, you can assign specific, static IP addresses to individual callers. In this scenario, every time a dial-out machine calls the dial-in server, the caller receives the same IP address.
You implement static addresses in either the pap-secrets or chap-secrets database. Here is a example of an /etc/ppp/pap-secrets file that defines static IP addresses.
joe myserver joepasswd 10.10.111.240 sally myserver sallypasswd 10.10.111.241 sue myserver suepasswd 10.10.111.242
joe, sally, and sue are the names of the authorized callers.
myserver indicates the name of the server.
joepasswd, sallypasswd, and suepasswd indicate the passwords for each caller.
10.10.111.240 and 10.10.111.241 and 10.10.111.242 are the IP addresses assigned to each caller.
Here is a example of an /etc/ppp/chap-secrets file that defines static IP addresses.
account1 myserver secret5748 10.10.111.244 account2 myserver secret91011 10.10.111.245
account1 and account2 indicate the names of the callers.
myserver indicates the name of the server for each caller.
secret5748 and secret91011 indicates the CHAP secret for each caller.
10.10.111.244 and 10.10.111.245 are the IP addresses for each caller.
If you are using either PAP or CHAP authentication, you can assign IP addresses to callers by the sppp unit number. The following shows an example of this usage.
myclient ISP-server mypassword 10.10.111.240/28+
The plus sign (+) indicates that the unit number is added to the IP address. Note the following:
Addresses 10.10.111.240 through 10.10.111.255 are assigned to remote users.
sppp0 gets IP address 10.10.111.240.
sppp1 gets IP address 10.10.111.241 and so on.