[RP-PPPoE] Beginner's questions (Shaping, Errors and Tips)
Kaszás Gergely
cheese at caesar.elte.hu
Mon Feb 24 03:57:52 EST 2014
Hello!
I've got a few questions that I can't seem to get a straight answer on
the "webs".
I'm sure that these are quite common questions, so please be patient
while reading and replying to this message even if the answer is pretty
obvious.
1.
I wish to "shape" my traffic, but can't seem to wrap my head around
using tc for each connection.
I only want to limit my ppp users upload and download speeds, but
reading lartc just confused me even more.
Has anyone succeeded in shaping traffic per connection and if you have
how did you achieve this?
2.
I often seem to get a CHAP authentication failure error, yet my server's
pppoe-server-options file has the "refuse-chap" line.
Has anyone ran into this problem? Am I doing something horribly wrong?
3.
Currently I use mschapv2 to authenticate users, but the upcoming eol of
windows xp made me think that I should move on
towards EAP-MSCHAPv2 or any EAP based auth method.
Could you point me toward a place where I could look up how to implement
this?
Here is a crude representation of my network:
(remote location) -----------------> (Router/Firewall/PPPoE server)
xxx.xxx.119.150 eth0: xxx.xxx.119.149
eth1: NC
eth2:
xxx.xxx.103.254 (/22) -------------------------->Other servers
(Including the radius server)
eth3: PPPoE
server------+
+----------------------> About 400 pppoe users (I've something that you
could say a "dumb" network. Most of my switches are "dumb". (haven't got
the basic option of vlans or any sort of features))
(Since these are valid internet addreses I hid the first two octets.)
/etc/ppp/options:
asyncmap 0
noauth
crtscts
lock
hide-password
modem
lcp-echo-interval 30
lcp-echo-failure 4
noipx
mppe-stateful
noccp
/etc/ppp/pppoe-server-options:
kdebug 7
debug
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
netmask 255.255.252.0
ms-dns xxx.xxx.100.1
ms-dns xxx.xxx.100.7
plugin radius.so
plugin radattr.so
lcp-echo-interval 20
lcp-echo-failure 3
proxyarp
defaultroute
noipdefault
noccp
nobsdcomp
novj
And the command:
/usr/sbin/pppoe-server -I eth3 -N 10000 -T 300 -L xxx.xxx.103.254 -k -x 1
More information about the RP-PPPoE
mailing list