This chapter contains procedures and information for configuring PPP. The example used in the text is for the configuration with both types of PPP links: remote hosts and their multipoint dial-in server. Chapter 11, Tailoring Your PPP Link, contains information for setting up other PPP configuration types.
You have completed the preinstallation activities noted in Chapter 8, Preparing Your PPP Configuration. Now you can begin PPP configuration.
PPP requires that you:
1. Install the PPP software, if it isn't already installed.
2. Edit the /etc/inet/hosts files on all machines involved.
3. Edit the UUCP database files for all dial-out machines.
4. Edit the /etc/passwd and /etc/shadow files for the dial-in machine.
5. Edit the /etc/asppp.cf file on each machine on the link.
6. Start the link manager aspppd on each machine on a link.
7. Verify that PPP is running successfully.
Although you don't have to perform Tasks 1-4 in order, you must complete them before you can edit the PPP-configuration file.
The sections in this chapter explain the procedures for configuring PPP.
The PPP software is automatically included when you run the Solaris installation program and select the entire distribution. If you did not select the entire distribution, you need to install PPP as a separate package.
Before proceeding further, you must check that the Solaris version of PPP is installed on all machines to be involved in the PPP link. On each endpoint involved in the link, type:
    # pkginfo | grep ppp
If PPP is installed, the following package names are displayed:
    SUNWpppk     # Contains kernel modules
    SUNWapppu    # Contains the link manager and login service
    SUNWappp     # Contains configuration files
If PPP is not installed on an endpoint system, install it using either the pkgadd program or admintool software manager.
When using pkgadd to install PPP, you must install the packages in the order listed in the preceding screen box.
Refer to System Administration Guide for more information about pkgadd and admintool software manager.
This and the following sections show you how to edit the appropriate files to support the most common PPP configuration: remote hosts and their dial-in server. Figure 9-1 illustrates the configuration used as the example for this chapter. It depicts three remote machines (nomada, nomadb, nomadc) and their dial-in server nubian, which compose the network 192.41.43. This is a separate network from the local area network 192.41.40, to which dial-in server nubian is directly attached. Network 192.41.40 runs NIS as its name service.
The IP number shown for each remote host is the address of its PPP network interface. However, the dial-in server has a specially created IP address for the PPP interface, 192.41.43.10, in addition to the IP address for its primary network interface, 192.41.40.45.
After ensuring that PPP is installed on every machine involved in your configuration, your next task is to edit the /etc/inet/hosts files on each machine. You must add host information to the hosts database for every machine on the other end of the PPP link that the local machine needs to communicate with.
You must update /etc/inet/hosts regardless of the name service in use on the physical network. This is necessary because PPP starts before the name service daemons during the booting process.
Become superuser and prepare to edit the /etc/inet/hosts file.
Add an entry with the IP address and host name of the PPP network interface for the dial-in server on the other end of the link.
In Figure 9-1, nomada must have in its /etc/inet/hosts file an entry with the IP address for dial-in server nubian's PPP network interface. This is true also for the /etc/inet/hosts files for nomadb and nomadc.
Add entries with the IP addresses of any machines on the dial-in server's physical network that the remote host can remotely log in to.
The /etc/inet/hosts file on nomadc would look like:
    # Internet host table
    #
    127.0.0.1      localhost loghost
    192.41.43.3    nomadc
    192.41.43.10   nubian-ppp
    192.41.40.20   nismaster
Update the databases on the name server (if the network has one) with the host names and IP addresses of the remote hosts.
Multipoint dial-in servers must have a unique IP address for the PPP interface, besides the local IP address for the primary network interface. When configuring the hosts database for the dial-in server, you need to perform the following procedure.
Add an entry with the IP address for the PPP interface to the /etc/inet/hosts file for the dial-in server.
For example, the /etc/hosts file on dial-in server nubian in Figure 9-1 would have the following entries.
    # Internet host table
    #
    127.0.0.1      localhost loghost
    192.41.43.10   nubian-ppp
    192.41.40.45   nubian
For configurations where the server's physical network does not use a name service:
Add a new network number to the dial-in server's /etc/inet/networks file for the network that consists of the server and its remote hosts.
Refer to "Assigning a Network Number to the PPP Link" for more information.
Before a machine can dial out over the PPP link, you must edit these files in its UUCP database:
/etc/uucp/Devices
/etc/uucp/Dialers
/etc/uucp/Systems
You must edit these files for remote hosts serving as PPP dial-out machines. Additionally, you must edit these files on the dial-in server if it is to dial out to the remote hosts (a requirement for multipoint dial-in servers). Chapter 12, UUCP Databases and Programs, describes these files in detail.
The /etc/uucp/Devices file must contain entries for every communications device that a particular host uses or must know about. For example, if a machine uses a US Robotics V.32bis modem as part of the PPP link, you should ensure that /etc/uucp/Devices has an entry similar to the following:
    # Use these if you have a USrobotics V.32bis modem on Port B.
    ACUEC cua/b - 9600 usrv32bis-ec
    ACUEC cua/b - 19200 usrv32bis-ec
    ACUEC cua/b - 38400 usrv32bis-ec
Be sure that the Devices file on each PPP endpoint machine has an entry describing its modem. For more information about /etc/uucp/Devices, refer to "/etc/uucp/Devices File".
The /etc/uucp/Dialers file must have an entry describing the conversation with the modem attached to your PPP endpoint machine. Here is a sample entry for a US Robotics V.32bis modem that is part of a PPP link:
    usrv32bis-ec =,-, "" \dA\pT&FE1V1X1Q0S2=255S12=255&A1&H1&M5&B2\r\c OK\r \EATDT\T\r\c CONNECT\s14400/ARQ STTY=crtscts
The first parameter in the entry, usrv32bis-ec, corresponds to the last parameter in the /etc/uucp/Devices file, linking them together. The remainder of the entry describes the characters that the modem sends, those that it expects to receive, and so on. Table 12-6 defines the control codes used in the Dialers file.
Be sure that an entry is in the Dialers file for the modem attached to each dial-out endpoint on your link. If you are unsure of the correct conversation for a particular modem, refer to the System Administration Guide and the operating manual for the modem.
The /etc/uucp/Systems file contains entries for every machine to which the local host can dial out. Information in an entry might include the remote host's phone number, the line speed, and so on. Here is an example that host nomadb in Figure 9-1 might have for its dial-in server:
    nubian-ppp Any ACUEC 38400 5551212 "" P_ZERO "" \r\n\c login:-\r\n\c-login:-\r\n\c-login:- EOT-login: bnomad password: Secret-Password
The first field gives the server's host name, nubian-ppp, a value used by the asppp.cf file keyword peer_system_name. ACUEC and 38400 refer to the device and speed, and are used to select an entry from the /etc/uucp/Devices file. The remaining information includes the phone number of the machine that nomadb wants to dial in to, the login name that nomadb is using to log in, and so on. "/etc/uucp/Systems File" fully defines the parameters you need to supply to the Systems file.
On each remote host in your configuration, you must add an entry for its dial-in server. You can have additional entries in the /etc/uucp/Systems file for other machines to which the host can dial out for UUCP communications and for other PPP dial-in servers.
If the dial-in server also directly dials out to remote hosts, you must add entries to its Systems file describing each of these remote hosts.
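The lookup chain described above (Systems entry, then a Devices entry of the same type and speed, then the Dialers entry it names) can be checked before the first call is attempted. The following is an added example, not part of the original chapter or of the Solaris software; the function names and the sample data are constructed for illustration, and speeds are matched by simple equality.

```python
def _entries(text):
    """Yield the whitespace-split fields of each non-blank, non-comment line."""
    for line in text.splitlines():
        if line.strip() and not line.lstrip().startswith("#"):
            yield line.split()

def resolve_dial_out(peer, systems_text, devices_text, dialers_text):
    """Follow peer -> Systems -> Devices -> Dialers.

    Returns (port, dialer) for the first usable Devices entry, or raises
    LookupError naming the link in the chain that is broken.
    """
    # Systems: name, time, device type, speed, phone number, chat script...
    system = next((f for f in _entries(systems_text) if f[0] == peer), None)
    if system is None or len(system) < 5:
        raise LookupError("no usable Systems entry for %s" % peer)
    dev_type, speed = system[2], system[3]

    # Devices: type, port, second line, speed, dialer name
    candidates = [f for f in _entries(devices_text)
                  if len(f) >= 5 and f[0] == dev_type and f[3] == speed]
    if not candidates:
        raise LookupError("no Devices entry for %s at %s" % (dev_type, speed))

    # Dialers: the first field must equal the last field of the Devices entry
    dialers = {f[0] for f in _entries(dialers_text)}
    for f in candidates:
        if f[4] in dialers:
            return f[1], f[4]
    raise LookupError("dialer %s is not defined in Dialers" % candidates[0][4])

# Constructed sample data modelled on this chapter's entries; the chat scripts
# are shortened and the password is a placeholder.
SYSTEMS = 'nubian-ppp Any ACUEC 38400 5551212 "" P_ZERO login: bnomad password: PLACEHOLDER'
DEVICES = """\
# Constructed: modem on port B
ACUEC cua/b - 9600 usrv32bis-ec
ACUEC cua/b - 38400 usrv32bis-ec
"""
DIALERS = r'usrv32bis-ec =,-, "" \dA\pT&F\r\c OK\r \EATDT\T\r\c CONNECT STTY=crtscts'

if __name__ == "__main__":
    print(resolve_dial_out("nubian-ppp", SYSTEMS, DEVICES, DIALERS))
    try:
        # A dialer name that differs by its "-ec" suffix breaks the chain.
        resolve_dial_out("nubian-ppp", SYSTEMS, DEVICES,
                         DIALERS.replace("usrv32bis-ec", "usrv32bis"))
    except LookupError as err:
        print("broken chain:", err)
```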
To configure a dial-in server, you must also edit the /etc/passwd and /etc/shadow files.
You must add entries to the /etc/passwd file on the dial-in server for each user on a remote host authorized to log in to the server. When a remote host calls the dial-in server, it reads its UUCP databases and passes the server a user name or user ID for the host initiating the call. The server then verifies this user information in its /etc/passwd file.
If the user's password is authenticated, the server then logs the user in to a special shell for PPP hosts, /usr/sbin/aspppls. The server gets this information from the login shell entry in its /etc/passwd file. Using the example in Figure 9-1, dial-in server nubian might have the following entries in its /etc/passwd file:
    bin:x:2:2::/bin:
    sys:x:3:3::/bin:
    uucp:x:5:5::/usr/lib/uucp:
    nuucp:x:9:9::/var/spool/uucppublic:/usr/lib/uucp/uucico
    news:x:6:6::/var/spool/news:/bin/csh
    sundiag:x:0:1:System Diagnostic:/usr/diag/sundiag:/usr/diag/sundiag/sundiag
    lily:x:20:99:Dial-in Operator:/home/nubian/lily:/bin/csh
    nomada:x:21:99:R. Burton:/:/usr/sbin/aspppls
    nomadb:x:22:99:T. Sherpa:/:/usr/sbin/aspppls
    nomadc:x:23:99:S. Scarlett:/:/usr/sbin/aspppls
Refer to System Administration Guide for information about the /etc/passwd file.
In addition to the information in the /etc/passwd file, you update the /etc/shadow file with the passwords for the login names used by each endpoint machine permitted to dial in to the server. For more information, refer to System Administration Guide.
The /etc/asppp.cf configuration file provides the PPP link manager on one endpoint machine with information about the machine on the other end of the link--or the machines on the other end of a multipoint (or dynamic point-to-point) link. When the machine boots, the link manager uses this information to establish and maintain communication with a remote endpoint.
The basic asppp.cf configuration file must contain at least two main sections: an ifconfig line and at least one path section. It can also contain a defaults section, which you use when you want to set the default values for an endpoint. (Refer to Chapter 11, Tailoring Your PPP Link, for a description of keywords used in the defaults section.)
Example 9-1 shows a basic configuration file such as you would create for a remote host to establish a point-to-point link with a dial-in server.
    ifconfig ipdptp0 plumb nomada nubian-ppp up
    path
       interface ipdptp0
       peer_system_name nubian-ppp    # The name in the /etc/uucp/Systems file
       inactivity_timeout 300         # Allow five minutes before timing out
The asppp.cf file must contain an ifconfig section with this syntax:
ifconfig interface-number plumb local-machine remote-machine up
Here is a description of the fields:
ifconfig - Tells the link manager to run the ifconfig command and begin configuring the PPP interface.
interface-number - Identifies the PPP interface ipdptpn for a point-to-point link or ipdn for a multipoint link. (Replace the n with the number of the interface.)
plumb - Option of ifconfig that enables IP to recognize the interface.
local-machine - Gives the name of the local endpoint, which can be the local host name or IP address.
remote-machine - Gives the name of the remote endpoint, which can be the remote host name or IP address.
up - Option of ifconfig that marks the interface just described as "up".
The link manager first runs the ifconfig command on the local machine to configure the ipdptp0 point-to-point interface. The zero in ipdptp0 gives the device number of the interface. The plumb option performs various activities necessary for IP to recognize the ipdptp0 interface. nomada is the name of the local host. nubian-ppp is the name of the dial-in server to which nomada connects through the point-to-point link. The ifconfig option up marks the ipdptp0 interface as up.
For more information about ifconfig, see Chapter 10, Troubleshooting PPP, and the ifconfig(1M) man page.
The path section of the configuration file tells the link manager the name of the remote endpoint and the name of the interface linking the endpoint machines. At a minimum the path section should contain the following lines:
    path
       interface interface-number
       peer_system_name endpoint-name

The interface keyword defines the PPP interface (either ipdptpn or ipdn). In Example 9-1, the following information appears in the path section:

    interface ipdptp0
    peer_system_name nubian-ppp
The interface keyword identifies ipdptp0 as the point-to-point interface that local endpoint nomada uses to communicate with the remote endpoint in the manner described in this path section. It associates the peer_system_name with the interface.
On a dial-out machine such as a remote host, the peer_system_name keyword takes the host name of the remote endpoint as its argument. This is the name of the remote endpoint given in /etc/uucp/Systems. The name need not be the same as the host name on the corresponding ifconfig line.
The argument to the peer_system_name keyword for a dial-in server has a different value. See "Configuration File for Multipoint Dial-in Server" for details.
In Example 9-1, peer_system_name identifies dial-in server nubian-ppp as the remote endpoint at the other end of this link. When the link manager reads the asppp.cf file, it then looks for the entry for nubian-ppp in the /etc/uucp/Systems file. (Recall that the Systems file contains information about how to set up communications with the remote endpoint, including that machine's telephone number. Refer to "Updating /etc/uucp/Systems for PPP".)
The inactivity_timeout keyword is optional. It tells the link manager that the link can remain inactive for the interval designated. When that interval is passed, the link manager knows to automatically disconnect the link. The default interval is two minutes; you do not have to use inactivity_timeout unless you require a different inactivity interval.
You can supply other keywords in the asppp.cf file to define how endpoint machines should communicate. Chapter 11, Tailoring Your PPP Link, has complete information about these keywords.
The asppp.cf configuration file for a multipoint dial-in server contains the same basic sections as that for a point-to-point link: an ifconfig section, at least one path section, and, if desired, a defaults section.
Example 9-2 shows a configuration file for the dial-in server nubian introduced in Figure 9-1.
    ifconfig ipd0 plumb nubian-ppp up
    path
       interface ipd0
       peer_system_name tamerlane   # The user name this remote
                                    # machine logs in with when it
                                    # dials this server
       peer_ip_address nomada       # nomada is a remote machine that
                                    # dials in to this server

    # nomadb is another remote machine that dials in to nubian
    path
       interface ipd0
       peer_system_name lawrence
       peer_ip_address nomadb

    # nomadc is another remote machine that dials in to nubian
    path
       interface ipd0
       peer_system_name azziz
       peer_ip_address nomadc
The ifconfig section for a multipoint dial-in server has a slightly different syntax than that for a point-to-point link. This syntax is:
ifconfig ipdn plumb server-name up
The major difference is that no destination end points are listed as arguments to ifconfig. Instead, the link manager picks up this information from the path section of the asppp.cf file.
In Example 9-2, the link manager first runs the ifconfig command on the dial-in server to configure multipoint interface ipd0. The zero in ipd0 gives the device number of the interface. The option plumb performs various activities necessary for IP to recognize the ipd0 interface. The ifconfig option up marks interface ipd0 as up.
You may have to supply a netmask + parameter on the ifconfig line if you use subnetting.
The path section of the asppp.cf file tells the link manager the name of the remote endpoint and the name of the interface linking the endpoint machines. However, on a multipoint dial-in server, you can include more than one path section. Additionally, some of the arguments to the keywords are used differently with multipoint links.
    path
       interface interface-number
       peer_system_name endpoint-username
       peer_ip_address endpoint-hostname
You need to define a path section for each nomadic endpoint with which the dial-in server can establish connections.
For a multipoint dial-in server, the interface keyword defines the PPP interface ipdn. You must specify the same PPP interface in the path section for every endpoint that communicates with the server through this interface.
The peer_system_name keyword takes a slightly different argument for a dial-in machine than a dial-out machine. For a dial-in server, this argument is the login name used by the remote host when it tries to establish communications with the server. This user name must already be present in the server's /etc/passwd file. When the login service reads this name, it verifies the user name in the /etc/passwd and /etc/shadow files enabling communications.
In this excerpt from Example 9-2:
    path
       interface ipd0
       peer_system_name scarlett
       peer_ip_address nomadc
the argument to peer_system_name is scarlett, indicating that when nomadc logs in to nubian-ppp, it uses the login name scarlett.
The peer_ip_address keyword is required for multipoint links. It takes the host name or IP address of the remote endpoint as its argument. The example above uses the host name nomadc as the argument to keyword peer_ip_address.
You can supply other keywords in the asppp.cf file to define how endpoint machines should communicate. Refer to Chapter 11, Tailoring Your PPP Link, for a complete list of keywords.
Separate keywords in the configuration file by white space (blanks, tabs, and new lines).
Use a # sign before all character strings meant as comments. All characters placed between a # sign and the next new line are considered comments and ignored.
There are no other format requirements for the placement of the keywords in the file.
1. Become superuser on one endpoint machine and change to the /etc directory.
2. Edit the generic asppp.cf file to add the information defining the PPP link for this machine.
3. Save the file, making sure the permissions are set to 600.
4. Change to the /etc directories on the remaining endpoints and repeat Steps 2 and 3.
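The format rules and the dial-in server requirements above can be verified mechanically once the file is saved. The following is an added example, not part of the original chapter or of the Solaris software: it parses asppp.cf text using the white-space and # comment rules, then reports a file mode other than 600, path sections whose interface differs from the ifconfig line, missing peer_ip_address keywords, and peer_system_name logins that are absent from /etc/passwd or do not use the /usr/sbin/aspppls shell. The function names and sample data are constructed, and it assumes a single ifconfig line and one argument per path keyword.

```python
import stat

ASPPPLS = "/usr/sbin/aspppls"                 # PPP login shell named in this chapter
SECTIONS = {"ifconfig", "path", "defaults"}   # section keywords named in this chapter

def parse_asppp_cf(text):
    """Return (ifconfig_args, [path_dict, ...]) from asppp.cf text."""
    # Keywords are separated by any white space; '#' starts a comment to end of line.
    tokens = [t for line in text.splitlines() for t in line.split("#", 1)[0].split()]
    ifconfig, paths, section, key = [], [], None, None
    for tok in tokens:
        if tok in SECTIONS:
            section, key = tok, None
            if tok == "path":
                paths.append({})
        elif section == "ifconfig":
            ifconfig.append(tok)
        elif section == "path":
            if key is None:          # assumption: each path keyword takes one argument
                key = tok
            else:
                paths[-1][key] = tok
                key = None
    return ifconfig, paths

def audit_dial_in(cf_text, passwd_text, cf_mode):
    """List problems in a multipoint dial-in server's asppp.cf (cf_mode is st_mode)."""
    findings = []
    mode = stat.S_IMODE(cf_mode)
    if mode != 0o600:
        findings.append("asppp.cf mode is %o, expected 600" % mode)
    shells = {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7:
            shells[fields[0]] = fields[6]
    ifconfig, paths = parse_asppp_cf(cf_text)
    iface = ifconfig[0] if ifconfig else None
    for n, path in enumerate(paths, 1):
        user = path.get("peer_system_name")
        if path.get("interface") != iface:
            findings.append("path %d: interface %s does not match ifconfig interface %s"
                            % (n, path.get("interface"), iface))
        if "peer_ip_address" not in path:
            findings.append("path %d: peer_ip_address is missing" % n)
        if user not in shells:
            findings.append("path %d: login %s has no /etc/passwd entry" % (n, user))
        elif shells[user] != ASPPPLS:
            findings.append("path %d: login %s has shell %s, expected %s"
                            % (n, user, shells[user], ASPPPLS))
    return findings

# Constructed sample input, not taken from a real system.
SAMPLE_CF = """\
ifconfig ipd0 plumb nubian-ppp up
path interface ipd0 peer_system_name nomada peer_ip_address nomada
path interface ipd0 peer_system_name lily peer_ip_address nomadb   # ordinary shell
path interface ipd1 peer_system_name azziz   # wrong interface, no passwd entry
"""
SAMPLE_PASSWD = """\
lily:x:20:99:Dial-in Operator:/home/nubian/lily:/bin/csh
nomada:x:21:99:R. Burton:/:/usr/sbin/aspppls
"""

if __name__ == "__main__":
    for finding in audit_dial_in(SAMPLE_CF, SAMPLE_PASSWD, 0o100644):
        print(finding)
```

On a live server, pass the contents of /etc/asppp.cf and /etc/passwd and the st_mode value returned by os.stat("/etc/asppp.cf").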
After you have completed installing PPP on every machine involved in your configuration, you can add either PAP or CHAP levels of security for the PPP link by modifying the asppp.cf file. Refer to "Editing asppp.cf for PAP/CHAP Security".
You can start PPP either automatically, at boot time, or manually from the command line.
You can start PPP manually, although this is not normally required.
    # ps -e | grep asppp
The resulting output from grep should list the aspppd daemon, indicating that PPP is running.
If you do get results, verify that you can reach the remote PPP link by typing:
    # ping remote-host 300
This version of ping sets a timeout value of 5 minutes (300 seconds). You should receive output similar to remote-host is alive. If you receive a different notice, such as remote-host unreachable, route configuration has failed.
Check for errors in the configuration process by examining the log file.
    # tail /var/adm/log/asppp.log
The asppp.log contains error messages if any errors were encountered during configuration.
See Chapter 10, Troubleshooting PPP, for information on troubleshooting and problem solving.