Chapter 15. PPPoE configuration

Revision History
Revision 0.42004-05-04ES
Update for leaf.cfg
Revision 0.32004-03-05ES
Update for Bering-uClibc
Revision 0.22002-04-14EW
corrected and edited
Revision 0.12002-03-15EW
initial revision

Table of Contents

Step 1: Declare the ppp and pppoe packages


We assume here that you want to connect your LEAF router to the Internet via an ADSL PPPoE connection. What is described here corresponds to section 3.2.3 of the DSL How-To document. Your ADSL modem is supposed to be connected to eth0, while the traffic to your internal network goes through eth1.

The PPP-Howto and the DSL-Howto are two useful references for this section.

Comments on this section should be addressed to its maintainer: Eric Spakman .

Step 1: Declare the ppp and pppoe packages

Those two packages are provided on the standard Bering-uClibc floppy disk, but are not activated by default.

Boot a Bering-uClibc floppy image. Once the LEAF menu appears get access to the linux shell by (q)uitting the menu. Edit the lrpkg.cfg (pre Bering-uClibc-2.2.0) or leaf.cfg (Bering-uClibc-2.2.0 onwards) file and REPLACE the dhcpcd entry by ppp,pppoe in the list of packages to be loaded at boot. Check the Bering-uClibc Installation Guide to learn how to do that.

Step 2: Declare the ppp and pppoe modules

In order to have a PPPoE connection working, you need to have ppp and pppoe support enabled through the appropriate kernel modules. You also need to declare the driver(s) module(s) of your network card(s). In the following example, we assume that both ethernet interfaces are provided through a standard ne 2000 PCI card.

All the modules which are necessary for a PPPoE connection are provided on the standard Bering-uClibc floppy. You just need to "declare" them since they are not loaded by default. As far as your network cards are concerned, the most popular driver modules are provided in /lib/modules but you might need to download the one corresponding to your own hardware from the Bering-uClibc modules download area. Refer to the Bering-uClibc Installation Guide to learn how to do that.

To declare your modules, go to the LEAF Packages configuration menu and choose modules. Enter 1) to edit the /etc/modules file and enter the following information:

# 8390 based ethernet cards

# Modules needed for PPP/PPPOE connection

# Masquerading 'helper' modules


The /etc/modules file provided in the Bering-uClibc distro is already setup with those entries commented out. Just remove the leading # sign to activate the corresponding module.

Backup the modules.lrp package.

Step 3: Configure ppp

In the normal situation, you won't have to do anything here, the ppp is preconfigured for the standard situation.

Connection with your ISP will be handled by PPP. The PPP Howto document will give you very detailed information about this protocol and how to set-up its numerous parameters.

Please refer to the Serial Modem configuration section of this user's guide to learn how to configure your ppp package.

The default options provided with the ppp.lrp should work and if you are not familiar with ppp leave them at first. After you get a connection you can "fine tune" your setup.

Step 4: Configure pppoe

Through the LEAF Package configuration menu choose pppoe. The following menu will appear:

                        pppoe configuration files

        1) DSL pppd options

  q) quit

Entry 1) allows you to adjust the parameter of your ppp connection through the /etc/ppp/peers/dsl-provider file. The most important argument is the user parameter which defines your login name.

Replace the field following the user statement in the /etc/ppp/peers/dsl-provider [ "" ] by the login name provided by your ISP.

# Configuration file for PPP, using PPP over Ethernet
# to connect to a DSL provider.
plugin /usr/lib/pppd/

# MUST CHANGE: Uncomment the following line, replacing the
# by the DSL user name given to your by your DSL provider.
# (There should be a matching entry in /etc/ppp/pap-secrets with the password.)
user ""


Through the LEAF packages configuration menu get access to ppp configuration. The following menu will show-up

                        ppp configuration files

        1) ISP pppd options
        2) ISP login script
        3) System wide pppd options
        4) chap secret
        5) pap secret
  q) quit

Entry 5) allows you to edit the /etc/ppp/pap-secrets. Enter in this file the login and password provided by your ISP. Your login name must EXACTLY match the one given in the previous /etc/ppp/peers/dsl-provider file. If you have special characters in secret or username, you should put them in quotes

# This is a pap-secrets file
#papname * papsecret
"" * "secretfoo"

Backup both pppoe and ppp packages.

Step 5: Configure your interfaces file

Trough the LEAF configuration menu type 1 to access to the network configuration menu and 1 again to edit your /etc/network/interfaces file. Enter the following information:

auto lo ppp0 eth1

iface lo inet loopback

iface ppp0 inet ppp
        pre-up ip link set eth0 up
        provider dsl-provider eth0

iface eth1 inet static

In this /etc/network/interfaces file the lo, ppp0 and eth1 interfaces are brought up automatically when the ifup -a statement is executed at boot time by the /etc/init.d/networking script.

The "iface ppp0 inet ppp" says:

  • Execute the "ip link set eth0 up" command BEFORE ppp0 is activated (pre-up statement)

  • Execute the /sbin/pon dsl-provider eth0 script to establish the PPPoE connection. The dsl-provider file used as input by /sbin/pon is provided in the pppoe.lrp package.

The "iface eth1 inet static" defines the internal address of the router.

Backup the etc.lrp package.

Step 6: Configure Shorewall

Through the LEAF packages configuration menu, choose shorwall and check the three following files:

A) The interfaces file (entry 3) defines your interfaces. Here connection to the net goes through ppp0. So we must set:

net     ppp0            -		routefilter
loc     eth1            detect          routestopped


Do not forget the "-" under the BROADCAST heading for the net/ppp0 entry.

B) The masq file (entry 7). With a dial-up modem setup it should look like:

#INTERFACE              SUBNET
ppp0                    eth1

C) You may also need to edit the config file (entry 12) to adjust the CLAMPMSS variable to "yes":

# Set this variable to "Yes" or "yes" if you want the TCP "Clamp MSS to PMTU"
# option. This option is most commonly required when your internet
# interface is some variant of PPP (PPTP or PPPoE). Your kernel must
# If left blank, or set to "No" or "no", the option is not enabled.

Backup the shorwall.lrp package.

Step 7: Reboot...

Your modem connection should be established automatically. Type plog to check the login sequence with your ISP. If there is no output check the various logs in /var/log/ to get a clue on potential problems.

An example: a PPPoE connection with a two PCMCIA cards setup

C. Hostelet is using an old laptop as a Bering-uClibc router. His hardware configuration consists of one HP Omnibook 3000 laptop (Pentium 233Mhz, 144MB Ram, CD-Rom drive module, no floppy, no HDD), one Xircom CEM56 Modem/ethernet PCMCIA card and one 3Com 3C589 PCMCIA card. The connection to the net is provided through the first PCMCIA card connected to an Alcatel SpeedTouch Home ethernet modem which gives him access to France Telecom "Netissimo" ADSL service. The connection to the local network is done trough the second PCMCIA card.

Here is his /etc/network/interfaces file:

auto lo

iface lo inet loopback

iface eth0 inet static
	up pon dsl-provider eth0
	up shorewall restart
	down shorewall stop
	down poff

iface eth1 inet static
	up /etc/init.d/dnscache restart
	down /etc/init.d/dnscache stop

Only lo is brought up automatically at boot time. eth0 and eth1 are brought up by the PCMCIA cardmgr program which calls the /etc/pcmcia/network script.

The connection with the Alcatel speedtouch modem is done through the eth0 interface at address

Once the eth0 interface is up the pppd daemon is called by the pon script. Shorewall must then be restarted since eth0 was not available at boot time

Once the eth1 interface is up we restart dnscache which could not start at boot time since eth1 was not available.