Solstice PPP 3.0.1 Administration Guide

Editing the PPP Path Configuration File (ppp.conf)

The PPP path configuration file (/etc/opt/SUNWconn/ppp/ppp.conf) describes the synchronous and asynchronous (or dialup) paths used for IP over Solstice PPP. It includes the ifconfig(1M) commands that establish the logical IP interfaces for Solstice PPP.

Defining IP Interfaces using ifconfig

The ifconfig(1M) commands that are contained in the PPP configuration file establish the point-to-point (ipdptpn) and point-to-multipoint (ipdn) IP interfaces for Solstice PPP. These commands are executed when Solstice PPP is started, to assign a network address to each interface and to configure the network parameters.

Synopsis

The ifconfig commands used to establish the IP interfaces for Solstice PPP have the general form:


ifconfig interface plumb source [dest] netmask mask mtu mtu up

Arguments

interface

The name and type of the IP interface. The IP interfaces for Solstice PPP are ipdptpn (point-to-point) and ipdn (point-to-multipoint), where n is a number. By convention, IP interfaces are numbered sequentially from zero.

For example, ipdptp0, ipdptp1, ipdptp2, or ipd0, ipd1, ipd2

plumb

Opens the device associated with the interface name, and sets up the STREAMS that enable TCP/IP to use the device.

source

An IP address (dot notation) or hostname that represents the source address, or point of attachment, for point-to-point and point-to-multipoint IP interfaces.

dest

Point-to-point interfaces only. An IP address (dot notation) or hostname that represents the destination address for a point-to-point IP interface.

netmask mask

Specifies how much of the IP address to reserve for dividing networks into subnetworks. The mask can be entered in dot notation, or in hexadecimal when preceded by 0x.

mtu mtu

Sets the maximum transmission unit (MTU) for the interface. The MTU must be in the range 60 to 8232 bytes, and is usually set to 1500, which is the optimum value for Ethernet networks.

up

Marks the interface up--that is, active. You can disable an interface temporarily by marking it down. The IP interfaces associated with synchronous PPP links are usually marked up by default. If the IP interface associated with an asynchronous PPP link is marked up, the link manager will attempt to establish the link automatically when the IP layer passes an IP datagram to the interface.

Examples

To establish a point-to-multipoint IP interface for Solstice PPP, include an ifconfig command of the form:


ifconfig ipd0 plumb papyrus netmask 255.255.255.0 mtu 1500 up

To establish a point-to-point IP interface for Solstice PPP, include an ifconfig command of the form:


ifconfig ipdptp0 plumb
ifconfig ipdptp0 papyrus epic netmask 255.255.255.0 mtu 1500 up

Note that the interface can be fully defined by concatenating multiple ifconfig commands, as shown in the previous example.

Defining a Pool of IP Interfaces for Dynamic IP Address Allocation

To configure a server to support dynamic IP address allocation, you must define a pool of point-to-point IP interfaces that will be assigned to the clients as required. These interfaces are always marked down by default.

For example, to create a pool of n point-to-point IP interfaces for dynamic IP address allocation:


ifconfig ipdptp0 plumb
ifconfig ipdptp0 local rem1 netmask 255.255.255.0 mtu 1500 down
 
ifconfig ipdptp1 plumb
ifconfig ipdptp1 local rem2 netmask 255.255.255.0 mtu 1500 down
 
ifconfig ipdptp2 plumb
ifconfig ipdptp2 local rem3 netmask 255.255.255.0 mtu 1500 down
.
.
ifconfig ipdptpn plumb
ifconfig ipdptpn local remn netmask 255.255.255.0 mtu 1500 down

The number of interfaces in the pool should equal the number of asynchronous devices (modems) attached to the server, and the maximum number of interfaces in the pool is 512. The total number of clients supported by the server may be much greater.

If you have a small number of clients, or the same number of clients and modems, you can assign the interfaces statically. In this case, when a client requests an IP address, it is always assigned the same one from the pool.

If you have a large number of clients, or many more clients than modems, you can assign the interfaces dynamically. In this case, when a client requests an IP address, it is assigned one from the pool, but there is no guarantee that it will always receive the same one.

See "Defining Asynchronous Paths (dialup_path)" for instructions on how to assign static and dynamic IP interfaces.

Defining Synchronous Paths (sync_path)

Synchronous paths are identified in the file ppp.conf by the keyword sync_path, which starts each definition. They are always associated with point-to-point IP interfaces.

Synopsis

Synchronous path definitions have the following general form:


sync_path
	ip_interface	ipdptpn
	unix_device	device_name
	.
	.
	.

Keywords

sync_path

Mandatory parameter for synchronous paths. Indicates the start of a synchronous path definition.

ip_interface ipdptpn

Mandatory parameter for synchronous paths. Associates the synchronous path with one of the point-to-point IP interfaces defined in the ifconfig section of the file. Load-sharing is enabled if two or more synchronous paths share the same IP interface.

unix_device device

Mandatory parameter for synchronous paths. Associates the synchronous path with one of the synchronous devices defined in the file link.conf. The value device must correspond to a synchronous serial interface installed in your machine.

For example, device names of the form zshn associate the path with one of the on-board serial interfaces. Device names of the form hihn associate the path with a high-speed serial interface (HSI).

default_route

Optional parameter for synchronous paths. Adds the route to the routing table as the default destination. The route is removed when the IP interface is marked down.

accept_any_ip_addr state

Optional parameter for synchronous paths. Accepts the IP addresses provided by the remote host, even if they differ from the IP addresses assigned to the interface locally.

The value state can be on (enabled) or off (disabled). The default value is off.

link_monitor state

Optional parameter for synchronous paths. Indicates the current state of the link monitor. When enabled, the link monitor sends periodic echo requests to the remote host. If the remote host fails to respond after a specified number of requests, the link monitor assumes that the link has failed for some reason. It marks the IP interface associated with the synchronous path down to stop the transmission of more IP datagrams across the failed link.

The value state can be on (enabled) or off (disabled). The default value is off.

link_monitor_timer seconds

Optional parameter for synchronous paths. Specifies the number of seconds which elapse between consecutive echo requests generated by the link monitor.

The value seconds can be any integer greater than zero. The default value is 5 seconds.

link_monitor_retries max_retries

Optional parameter for synchronous paths. Specifies the number of unanswered echo requests generated by the link monitor before the remote host is considered unreachable and the IP interface is disabled.

The value max_retries can be any integer greater than zero. The default value is 12.

ppp_link_name name

Optional parameter for synchronous and asynchronous paths. Assigns a name that is used by ppptrace and pppstat to identify the link. The value name can be any character string.

ipcp_compression state

Optional parameter for synchronous and asynchronous paths. Indicates the current state of the header compression facility, which uses Van Jacobson compression to improve performance over slow links.

The value state can be vj (enabled) or off (disabled). The default value is vj.

lcp_mru mru

Optional parameter for synchronous and asynchronous paths. Specifies the maximum receive unit (MRU) for the local machine. This parameter is carried in the LCP Configure-request frame, and sets the maximum transmission unit (MTU) for the remote host. See Appendix A, PPP Link Operation for more information.

By default, the value mru is set to 1500 bytes for Ethernet networks.

lcp_restart_timer seconds

Optional parameter for synchronous and asynchronous paths. Specifies the number of seconds which elapse between consecutive LCP Configure-request frames. Increasing the LCP restart timer may be necessary when connecting over long delay networks, such as satellite connections. See Appendix A, PPP Link Operation for more information.

The value seconds can be any integer greater than zero. The default value is 3 seconds.

lcp_max_restart max_restart

Optional parameter for synchronous and asynchronous paths. Specifies the number of unanswered LCP Configure-request frames generated before the endpoint is considered unreachable and the IP interface is marked as down. See Appendix A, PPP Link Operation for more information.

The value max_restart can be any integer in the range 1 to 255. The default value is 10. If the value max_restart is set to 255, LCP Configure-request frames are generated periodically until the remote host finally responds.

expect_authentication mode

Optional parameter for synchronous and asynchronous paths. Indicates that the local host will request authentication from remote hosts, and the authentication protocol to be used. If authentication is enabled, remote hosts must authenticate themselves successfully, or the connection is closed.

The value mode can be off (no authentication), pap (authentication using PAP), chap (authentication using CHAP), or pap|chap (authentication using both PAP and CHAP). The default value is off.

If both PAP and CHAP are enabled, CHAP authentication is performed first. If the remote host does not support CHAP authentication, it is allowed to participate in PAP authentication only.

expect_pap_id pap_id

Mandatory parameter, if the local host requests PAP authentication. Specifies the PAP identifier expected from a remote host. The value pap_id can be any string between 0 and 255 characters in length. A zero length value is represented by: expect_pap_id ""

expect_pap_passwd pap_passwd

Mandatory parameter, if the local host requests PAP authentication. Specifies the PAP password expected from a remote host. The value pap_passwd can be any string, between 0 and 255 characters in length. A zero length value is represented by: expect_pap_passwd ""

expect_chap_name chap_name

Mandatory parameter, if the local host requests CHAP authentication. Specifies the CHAP name expected from a remote host. The value chap_name can be any string, between 1 and 255 characters in length.

chap_peer_secret chap_secret

Mandatory parameter, if the local host requests CHAP authentication. Specifies the CHAP secret that is used with the challenge value to generate the response expected from the remote host. The value chap_secret can be any string, between 1 and 255 characters in length.

send_authentication mode

Optional parameter. Indicates whether the local host will participate in authentication negotiation requested by remote hosts, and the authentication protocol used.

The value mode can be off (no authentication), pap (authentication using PAP), chap (authentication using CHAP), or pap|chap (authentication using both PAP and CHAP). The default value is off.

send_pap_id pap_id

Mandatory parameter, if the remote host requests PAP authentication. Specifies the PAP identifier sent to a remote host when it requests authentication. The value pap_id can be any string, between 0 and 255 characters in length. A zero length value is represented by: send_pap_id ""

send_pap_passwd pap_passwd

Mandatory parameter, if the remote host requests PAP authentication. Specifies the PAP password sent to a remote host when it requests authentication. The value pap_passwd can be any string, between 0 and 255 characters in length. A zero length value is represented by: send_pap_passwd ""

send_chap_name chap_name

Mandatory parameter, if the remote host requests CHAP authentication. Specifies the CHAP name sent to a remote host when it requests authentication. The value chap_name can be any string, between 1 and 255 characters in length.

chap_own_secret chap_secret

Mandatory parameter, if the remote host requests CHAP authentication. Specifies the CHAP secret that is used with the challenge value to generate the response sent to the remote host. The value chap_secret can be any string, between 1 and 255 characters in length.

Examples

The following synchronous path definition shows that the local host will request both PAP and CHAP authentication from remote hosts, but will only participate in PAP negotiation when authentication is requested by a remote host:


sync_path
    ip_interface            ipdptp0
    unix_device             zsh0
    expect_authentication   pap|chap
    expect_pap_id           epic_id
    expect_pap_passwd       epic_passwd
    expect_chap_name        epic_name
    chap_peer_secret        epic_secret
    send_authentication     pap
    send_pap_id             papyrus_id
    send_pap_passwd         papyrus_passwd
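
The difference between the two protocols selected by pap|chap above, shown as the messages each side handles. This is an added example, not part of the original guide: the packet layout follows RFC 1334 (PAP) and RFC 1994 (CHAP with MD5), the guide does not name the hash Solstice PPP uses, and the function names are hypothetical.

```python
import hashlib
import hmac
import os
import struct

def pap_authenticate_request(ident, peer_id, password):
    """PAP Authenticate-Request (RFC 1334): id and password travel as-is."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(body)) + body

def chap_response(ident, secret, challenge):
    """CHAP Response Value (RFC 1994, MD5): hash over id, secret, challenge."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def chap_verify(ident, secret, challenge, response):
    """Authenticator side: recompute from chap_peer_secret and compare."""
    expected = chap_response(ident, secret, challenge)
    return hmac.compare_digest(expected, response)

def replay_is_rejected(secret):
    """A response captured for one challenge must fail against the next."""
    first, second = os.urandom(16), os.urandom(16)
    captured = chap_response(1, secret, first)       # peer answers challenge 1
    accepted_once = chap_verify(1, secret, first, captured)
    accepted_again = chap_verify(2, secret, second, captured)
    return accepted_once and not accepted_again

if __name__ == "__main__":
    # Values taken from the sync_path example above.
    pap = pap_authenticate_request(1, b"epic_id", b"epic_passwd")
    print("PAP frame contains the password:", b"epic_passwd" in pap)
    challenge = os.urandom(16)
    resp = chap_response(7, b"epic_secret", challenge)
    print("CHAP response contains the secret:", b"epic_secret" in resp)
    print("CHAP replay rejected:", replay_is_rejected(b"epic_secret"))
```

Because a peer without CHAP support is allowed to fall back to PAP when pap|chap is set, the PAP password of such a peer is exposed to anyone who can observe the link.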

The following synchronous path definitions show load-sharing enabled between two synchronous paths that use the same IP interface:


sync_path
    ip_interface         ipdptp2
    unix_device          hih0
 
sync_path
    ip_interface         ipdptp2
    unix_device          hih1

Defining Asynchronous Paths (dialup_path)

Asynchronous paths are identified in the file ppp.conf by the keyword dialup_path, which starts each definition. They can be associated with point-to-point and point-to-multipoint IP interfaces. Dynamic IP address allocation is supported over asynchronous paths only.

Synopsis

Asynchronous path definitions have the following general forms:


# Dialup path using static point-to-point IP interface
dialup_path
    ip_interface        ipdptpn
    expect_login_id     user_name
    .
    .
# Dialup path using dynamic point-to-point IP interface
dialup_path
    ip_interface        ipdptp*
    expect_login_id     user_name
    .
    .
# Dialup path using point-to-multipoint IP interface
dialup_path
    ip_interface        ipdn
    expect_login_id     user_name
    remote_ip_addr      ip_addr
    .
    .

Keywords

dialup_path

Mandatory parameter for asynchronous paths. Indicates the start of an asynchronous (or dialup) path definition.

ip_interface interface

Mandatory parameter for asynchronous paths. Associates the asynchronous path with one of the point-to-point (ipdptpn) or point-to-multipoint (ipdn) IP interfaces defined in the ifconfig section of the file.

Point-to-point IP interfaces may be static or dynamic. Static point-to-point IP interfaces are identified by a number (ipdptp0, ipdptp1, ..., ipdptpn), and associate the dialup path with exactly one pair of source and destination IP addresses. For example:


dialup_path
    ip_interface        ipdptp0

Dynamic IP interfaces are used for dynamic IP address allocation on the server side, and are identified by an asterisk (ipdptp*). An interface is assigned on demand, for as long as there are interfaces available in the pool. For example:


dialup_path
    ip_interface        ipdptp*

remote_host name

Mandatory parameter for asynchronous paths used to initiate calls. Associates the asynchronous path with the name of one of the remote hosts defined in the file link.conf. The value name can be any character string.

remote_ip_addr ip_addr

Mandatory parameter for point-to-multipoint connections. Not required for point-to-point connections. Specifies the IP address of the remote host associated with the asynchronous path. The value ip_addr can be an IP address (expressed using dot notation) or a hostname that appears in the file /etc/hosts.

expect_login_id login

Mandatory parameter for asynchronous paths used to accept incoming calls. Specifies the login id expected from the remote host. This parameter is used to associate an incoming call with a specific asynchronous path; therefore each remote host must have a unique login id.

The value login can be any lowercase string, between 1 and 8 characters in length. It must correspond to the login id which appears in the relevant connect script on the remote host.

You must also create a user account with this login id, using admintool(1M). See "Adding User Accounts for Incoming Connections" for detailed instructions.

default_route

Optional parameter for point-to-point IP interfaces. When the IP interface is marked up, the route is added to the routing table automatically as the default destination. It is removed from the routing table when the IP interface is marked down. This parameter is most commonly used in client configurations--that is, links configured for outgoing calls only. It should never be used in conjunction with a routing daemon running on the machine, because this generates unnecessary network traffic.

inactivity_timeout seconds

Optional parameter for asynchronous paths. Specifies the number of seconds of inactivity that elapse before an asynchronous connection is closed automatically.

The value seconds can be any integer. The default value is 120 seconds (2 minutes). If the value seconds is set to zero, the connection remains open until closed explicitly.

request_ip_addr state

Optional parameter for asynchronous paths. Enables dynamic IP address allocation at the client side only. When the value state is set to on, the client requests an IP address from a pool of interfaces assigned at the server side.

The value state can be on (enabled) or off (disabled). The default value is off.

private ip_interface

Optional parameter for asynchronous paths. Hides the specified IP interface from the interface pool defined for dynamic IP address allocation on the server side. Can be used to reserve point-to-point IP interfaces so they can be used for synchronous connections.

accept_any_ip_addr state

Optional parameter for asynchronous paths. Accepts the IP addresses provided by the remote host, even if they differ from the IP addresses assigned to the interface locally.

The value state can be on (enabled) or off (disabled). The default value is off.

lcp_async_map mask

Optional parameter for asynchronous paths. Specifies the LCP asynchronous map used by the remote host. The LCP asynchronous map is a negotiated parameter that defines which control characters are transposed for transmission in PPP frames.

Control characters in the range 0x00 to 0x1f, such as CTRL-S and CTRL-Q, are used by some devices to implement software flow control. These devices may interpret the control characters transmitted in PPP frames, and close the link as a result. To avoid problems interoperating with these devices, all 32 control characters are automatically transposed for transmission, so that they appear outside of the significant range. Encoding and decoding the control characters incurs a processing overhead at both ends of the link.

The LCP asynchronous map defines which of the control characters is transposed by the remote host. A bit set to 1 in the value mask tells the remote host to transpose the corresponding control character; a bit set to zero tells the remote host to leave the control character unchanged. Provided you can predict how each device in the link will respond to the control characters it receives in PPP frames, you can tell the remote host to transpose a subset of the control characters, by specifying a different mask value. For example, a mask value of 0x0000ffff tells the remote host to transpose the first 16 control characters only.

By default, the value mask is set to 0xffffffff, which tells the remote host to transpose all 32 control characters. A value of 0x0 leaves all control characters unchanged.
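
To check a candidate lcp_async_map value before deploying it, the following added example (not part of the original guide) lists which control characters a mask covers and encodes a payload the way the sending side would. It assumes bit 0 of the mask corresponds to character 0x00, consistent with the 0x0000ffff example above, and takes the escape mechanism (0x7d followed by the character XOR 0x20) from RFC 1662; the function names are hypothetical.

```python
FLAG, ESC = 0x7E, 0x7D      # RFC 1662 frame delimiter and escape octet
XON, XOFF = 0x11, 0x13      # CTRL-Q and CTRL-S, used for software flow control

def transposed(mask):
    """Control characters (0x00-0x1f) that are transposed under this map."""
    return [c for c in range(32) if (mask >> c) & 1]

def mask_for(chars):
    """Smallest lcp_async_map value that covers the given control characters."""
    mask = 0
    for c in chars:
        if not 0 <= c < 32:
            raise ValueError(f"0x{c:02x} is not a control character")
        mask |= 1 << c
    return mask

def escape(payload, mask):
    """Encode payload as the sender does under the negotiated map."""
    out = bytearray()
    for b in payload:
        # FLAG and ESC are always escaped; control characters only if mapped.
        if b in (FLAG, ESC) or (b < 0x20 and (mask >> b) & 1):
            out += bytes((ESC, b ^ 0x20))
        else:
            out.append(b)
    return bytes(out)

def unescape(data):
    """Reverse escape(); a trailing lone escape octet is an error."""
    out, it = bytearray(), iter(data)
    for b in it:
        if b == ESC:
            nxt = next(it, None)
            if nxt is None:
                raise ValueError("truncated escape sequence")
            b = nxt ^ 0x20
        out.append(b)
    return bytes(out)

def exposed_flow_control(mask):
    """XON/XOFF characters that would cross the link untransposed."""
    return [c for c in (XON, XOFF) if not (mask >> c) & 1]

if __name__ == "__main__":
    for mask in (0xFFFFFFFF, 0x0000FFFF, mask_for([XON, XOFF]), 0x0):
        wire = escape(bytes(range(32)), mask)
        print(f"mask 0x{mask:08x}: {len(transposed(mask)):2d} transposed, "
              f"32 control bytes -> {len(wire)} on the wire, "
              f"exposed flow control: {[hex(c) for c in exposed_flow_control(mask)]}")
```

The 0x0000ffff mask from the text leaves CTRL-Q and CTRL-S untransposed, so it is only suitable when no device on the link uses software flow control.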

lcp_compression state

Optional parameter for asynchronous paths. Indicates whether the Address and Protocol fields in the PPP frame are compressed. See Appendix A, PPP Link Operation for more information.

The value state can be on (enabled) or off (disabled). The default value is on.

lcp_mru mru

Optional parameter for synchronous and asynchronous paths. Specifies the maximum receive unit (MRU) for the local machine. This parameter is carried in the LCP Configure-request frame, and sets the maximum transmission unit (MTU) for the remote host. See Appendix A, PPP Link Operation for more information.

By default, the value mru is set to 1500 bytes for Ethernet networks.

lcp_restart_timer seconds

Optional parameter for synchronous and asynchronous paths. Specifies the number of seconds which elapse between consecutive LCP Configure-Request frames. Increasing the LCP restart timer may be necessary when connecting over long delay networks, such as satellite connections. See Appendix A, PPP Link Operation for more information.

The value seconds can be any integer greater than zero. The default value is 3 seconds.

lcp_max_restart max_restart

Optional parameter for synchronous and asynchronous paths. Specifies the number of unanswered LCP Configure-Request frames generated before the endpoint is considered unreachable and the IP interface is marked as down. See Appendix A, PPP Link Operation for more information.

The value max_restart can be any integer in the range 1 to 255. The default value is 10. If the value max_restart is set to 255, LCP Configure-Request frames are generated periodically until the remote host finally responds.

ppp_link_name name

Optional parameter for synchronous and asynchronous paths. Assigns a name to the link, which is used by ppptrace and pppstat. The value name can be any character string.

ipcp_compression state

Optional parameter for synchronous and asynchronous paths. Indicates the current state of the header compression facility, which uses Van Jacobson compression to improve performance over slow links. See Appendix A, PPP Link Operation for more information.

The value state can be vj (enabled) or off (disabled). The default value is vj.

expect_authentication mode

Optional parameter for synchronous and asynchronous paths. Indicates that the local host will request authentication from remote hosts, and the authentication protocol to be used. If authentication is enabled, remote hosts must authenticate themselves successfully, or the connection is closed.

The value mode can be off (no authentication), pap (authentication using PAP), chap (authentication using CHAP), or pap|chap (authentication using both PAP and CHAP). The default value is off.

If both PAP and CHAP are enabled, CHAP authentication is performed first. If the remote host does not support CHAP authentication, it is allowed to participate in PAP authentication only.

expect_pap_id pap_id

Mandatory parameter, if the local host requests PAP authentication. Specifies the PAP identifier expected from a remote host. The value pap_id can be any string between 0 and 255 characters in length. A zero length value is represented by: expect_pap_id ""

expect_pap_passwd pap_passwd

Mandatory parameter, if the local host requests PAP authentication. Specifies the PAP password expected from a remote host. The value pap_passwd can be any string, between 0 and 255 characters in length. A zero length value is represented by: expect_pap_passwd ""

expect_chap_name chap_name

Mandatory parameter, if the local host requests CHAP authentication. Specifies the CHAP name expected from a remote host. The value chap_name can be any string, between 1 and 255 characters in length.

chap_peer_secret chap_secret

Mandatory parameter, if the local host requests CHAP authentication. Specifies the CHAP secret that is used with the challenge value to generate the response expected from the remote host. The value chap_secret can be any string, between 1 and 255 characters in length.

send_authentication mode

Optional parameter. Indicates whether the local host will participate in authentication negotiation requested by remote hosts, and the authentication protocol used.

The value mode can be off (no authentication), pap (authentication using PAP), chap (authentication using CHAP), or pap|chap (authentication using both PAP and CHAP). The default value is off.

send_pap_id pap_id

Mandatory parameter, if the remote host requests PAP authentication. Specifies the PAP identifier sent to a remote host when it requests authentication. The value pap_id can be any string, between 0 and 255 characters in length. A zero length value is represented by: send_pap_id ""

send_pap_passwd pap_passwd

Mandatory parameter, if the remote host requests PAP authentication. Specifies the PAP password sent to a remote host when it requests authentication. The value pap_passwd can be any string, between 0 and 255 characters in length. A zero length value is represented by: send_pap_passwd ""

send_chap_name chap_name

Mandatory parameter, if the remote host requests CHAP authentication. Specifies the CHAP name sent to a remote host when it requests authentication. The value chap_name can be any string, between 1 and 255 characters in length.

chap_own_secret chap_secret

Mandatory parameter, if the remote host requests CHAP authentication. Specifies the CHAP secret that is used with the challenge value to generate the response sent to the remote host. The value chap_secret can be any string, between 1 and 255 characters in length.

Examples

The following asynchronous path definition shows a point-to-multipoint IP interface, and that the local host will request CHAP authentication from the remote host odyssey:


dialup_path
    ip_interface          ipd0
    expect_login_id       odyssey-login
    remote_host           odyssey
    remote_ip_addr        129.xxx.xxx.119
    inactivity_timeout    120
    expect_authentication chap
    expect_chap_name      odyssey_name
    chap_peer_secret      odyssey_secret

The following asynchronous path definition shows dynamic IP address allocation enabled at the client side:


dialup_path
    ip_interface        ipdptp0
    remote_host         odyssey
    request_ip_addr     on

The following asynchronous path definitions show dynamic IP interfaces assigned to three dialup paths:


dialup_path
    ip_interface          ipdptp*
    expect_login_id       remote1
 
dialup_path
    ip_interface          ipdptp*
    expect_login_id       remote2
 
dialup_path
    ip_interface          ipdptp*
    expect_login_id       remote3

Assigning Path Defaults

The keyword defaults is used to define a list of default parameters that are applied to all subsequent synchronous and asynchronous path definitions. Any optional parameter may appear in the list of defaults. Mandatory parameters such as ip_interface or unix_device, or parameters used to create associations between files, such as remote_host or expect_login_id, must not be used as defaults.

Take care when combining defaults for both synchronous and asynchronous paths. In particular, do not attempt to enable dynamic IP addressing for synchronous paths. To avoid errors, it is better to define separate defaults for each type of path.

For example, the following path definitions show defaults set independently for both synchronous and asynchronous paths:


defaults
    link_monitor        on
    lcp_mru             4352
 
sync_path
    ip_interface        ipdptp0
    unix_device         hih0
 
sync_path
    ip_interface        ipdptp1
    unix_device         hih1
 
defaults
    inactivity_timeout  180
    request_ip_addr     on
 
dialup_path
    ip_interface        ipdptp2
    remote_host         server0
 
dialup_path
    ip_interface        ipdptp3
    remote_host         server1
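
Because defaults are inherited silently and authentication is off unless requested, it helps to review the effective parameters of each path. The following added example (not part of the original guide or of Solstice PPP) parses a ppp.conf, applies defaults, and reports the authentication and addressing issues the keyword descriptions above imply. It assumes a new defaults block replaces the previous one, which the guide does not state; the function names and sample file are constructed for illustration.

```python
import shlex

NOT_DEFAULTABLE = {"ip_interface", "unix_device", "remote_host", "expect_login_id"}
AUTH_NEEDS = {  # (mode keyword, protocol) -> parameters the guide marks mandatory
    ("expect_authentication", "pap"): ("expect_pap_id", "expect_pap_passwd"),
    ("expect_authentication", "chap"): ("expect_chap_name", "chap_peer_secret"),
    ("send_authentication", "pap"): ("send_pap_id", "send_pap_passwd"),
    ("send_authentication", "chap"): ("send_chap_name", "chap_own_secret"),
}

def parse(text):
    """Return (paths, findings); each path is (kind, effective parameters)."""
    paths, findings, defaults, block = [], [], {}, None
    for raw in text.splitlines():
        tokens = shlex.split(raw, comments=True)  # drops '#' comments, keeps ""
        if not tokens or tokens[0] == "ifconfig":
            continue
        kw = tokens[0]
        if kw == "defaults":
            defaults = {}                    # assumption: replaces earlier defaults
            block = ("defaults", defaults)
        elif kw in ("sync_path", "dialup_path"):
            block = (kw, dict(defaults))     # inherit the defaults seen so far
            paths.append(block)
        elif block is not None:
            if block[0] == "defaults" and kw in NOT_DEFAULTABLE:
                findings.append(("defaults", f"{kw} must not be used as a default"))
            block[1][kw] = tokens[1] if len(tokens) > 1 else "on"
    return paths, findings

def audit(text):
    """Return a list of (path label, finding) tuples."""
    paths, findings = parse(text)
    for i, (kind, p) in enumerate(paths):
        label = f"{kind}#{i} ({p.get('ip_interface', '?')})"
        expect = set(p.get("expect_authentication", "off").split("|")) - {"off"}
        accepts_calls = kind == "sync_path" or "expect_login_id" in p
        if accepts_calls and not expect:
            findings.append((label, "no PAP/CHAP requested from the peer"))
        if "pap" in expect:
            findings.append((label, "PAP accepted: password is sent in cleartext"))
        if "pap" in expect and p.get("expect_pap_passwd") == "":
            findings.append((label, "zero-length PAP password"))
        for (mode_kw, proto), needed in AUTH_NEEDS.items():
            if proto in p.get(mode_kw, "off").split("|"):
                for name in (n for n in needed if n not in p):
                    findings.append((label, f"{mode_kw} {proto} needs {name}"))
        if p.get("accept_any_ip_addr") == "on":
            findings.append((label, "peer may choose its own IP addresses"))
        if kind == "sync_path" and p.get("request_ip_addr") == "on":
            findings.append((label, "request_ip_addr inherited by a synchronous path"))
    return findings

# Constructed sample file, built from the keyword forms used in this guide.
SAMPLE = """
defaults
    request_ip_addr       on
sync_path
    ip_interface          ipdptp0
    unix_device           hih0
    expect_authentication pap|chap
    expect_pap_id         epic_id
    expect_pap_passwd     ""
    expect_chap_name      epic_name
dialup_path
    ip_interface          ipdptp*
    expect_login_id       remote1
    accept_any_ip_addr    on
defaults
    expect_authentication chap
dialup_path
    ip_interface          ipdptp*
    expect_login_id       remote2
    expect_chap_name      remote2_name
    chap_peer_secret      remote2_secret
"""

if __name__ == "__main__":
    for label, finding in audit(SAMPLE):
        print(f"{label}: {finding}")
```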