Re: Unstable PPPoE
Timothy Wilson wrote: /etc/hostname.pppoe: inet 0.0.0.0 255.255.255.255 NONE pppoedev url0 authproto auto authname 'user' authkey 'pass' up dest 0.0.0.1 !/sbin/route/ add default -ifp pppoe0 0.0.0.1 echo up /etc/hostname.url0 Please feel free to give suggetions to my pf.conf etc! Hi Timothy, I'm recently setting up my box to do pppoe as well, and I found your hostname.pppoe not working at all, unless I changed authproto to pap. auto isn't even supposed to work. Here's what man ifconfig says: authproto proto Set the PPP authentication protocol on the specified interface acting as a client. The protocol name can be either `chap', `pap', or `none'. In the latter case, authentication will be turned off. I'm wondering why your box goes online at all? Regards, Dorian
Unstable PPPoE
Hello ladies and gentlemen! I'm having a frustrating problem. My internet is highly unstable when using bit torrent. I don't think there's anything special about my configuration: my gateway is a craptop with inbuilt Intel ethernet and a url0 USB ethernet for the modem. The connection is bridged, using pf (obviously) for routing / firewall and kernel PPPoE for dialing via my bridged netcomm nb5+. Basically, when I try to use bit torrent the connection dies after about 20mins. The kernel PPPoE daemon doesn't bring it back up. In fact, even doing #sh /etc/netstart doesn't bring it back up. The only way to bring it back up is via a reboot :( Very frustrating. It also takes about 10-15mins to reconnect; surely that's a bit too long, even for PPPoE? I know this isn't a problem with my ISP as I've always been able to download bt stably when I was using the modem in router mode. I thought it might have been an MTU problem, but I'm using the mss fix in /etc/pf.conf, so I don't think it's that. I played around with a few values just to be sure, but I'm open to suggestions. I'll post my dmesg, /etc/pf.conf and /etc/hostname.pppoe. If there's anything else I should send, please let me know! /etc/pf.conf: # Timothy's PF.conf, running on failtop # My fun as ports! # # Bit torrent shitbox_bt = 6881 craptop_bt = 6882 failtop_bt = { 6883, 6884, 6885, 6886 } # SSH shitbox_ssh = 22 craptop_ssh = 24 failtop_ssh = 25 # VoIP johnbox_voip= { 3478, 5060, 8000, 8001 } # Macro fun!!! #tcp_services = { www, ssh, domain, auth } udp_services= { domain, ntp, 3478, 5060, 8000, 8001 } #look at adding NTP for clients allow_out = { 1863, 6969, www, ftp-data, ftp, ssh, domain, pop3, smtp, auth, http, https, 446, 8080 } icmp_types = { echoreq, unreach } bt_pass = { 6881,6880,6882,6883, 6884, 6885, 6886 } # Fun fun interfaces ext_if = pppoe0 int_if = fxp0 local = $int_if:network outside = $ext_if:network #ftpProxy = 127.0.0.1 # IP Map (lots of fun) shitbox_ip = 192.168.1.10 craptop_ip = 192.168.1.3 failtop_ip = 192.168.1.55 johnbox_ip = 192.168.1.8 martians= { 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \ 10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, \ 0.0.0.0/8, 240.0.0.0/4 } # Normalisation fun! scrub in #all scrub out on pppoe0 max-mss 1440 # Fun fun rules! # # NAT section nat on $ext_if from $local to any - ($ext_if) nat-anchor ftp-proxy/* rdr-anchor ftp-proxy/* rdr on $int_if proto tcp from any to any port 21 - 127.0.0.1 port 8021 # Services # #Squid rdr on $ext_if proto tcp from $ext_if:network to any port www - $failtop_ip port 3128 # Outside users! # Redirect Bit Torrent rdr on $ext_if proto {udp,tcp} from any to $ext_if port $shitbox_bt - $shitbox_ip rdr on $ext_if proto tcp from any to $ext_if port $craptop_bt - $craptop_ip rdr on $ext_if proto {udp,tcp} from any to $ext_if port $failtop_bt - $failtop_ip # Redirect SSH rdr on $ext_if proto tcp from any to $ext_if port $shitbox_ssh - $shitbox_ip rdr on $ext_if proto tcp from any to $ext_if port $craptop_ssh - $craptop_ip rdr on $ext_if proto tcp from any to $ext_if port $failtop_ssh - $failtop_ip # Redirect VoIP rdr on $ext_if proto {tcp, udp} from any to $ext_if port $johnbox_voip - $johnbox_ip # Local users! # Redirect SSH rdr on $int_if proto tcp from $local to $ext_if port $shitbox_ssh - $shitbox_ip rdr on $int_if proto tcp from $local to $ext_if port $craptop_ssh - $craptop_ip rdr on $int_if proto tcp from $local to $ext_if port $failtop_ssh - $failtop_ip # Fun fun filtering section antispoof for $ext_if antispoof for $int_if block drop in quick on $ext_if from $martians to any block drop out quick on $ext_if from any to $martians block return pass from { lo0, $local } to any keep state # Fun FTP allow fun anchor ftp-proxy/* pass out proto tcp from 127.0.0.1 to any port 21 # Fun services for everyone to be passed out # Allow outgoing dns, needed by pfctl to resolve names. pass out proto tcp to any port $allow_out pass proto udp to any port domain # Allow BitTorrent pass inet proto { tcp, udp } to $shitbox_ip port $bt_pass flags S/SA keep state (max-src-conn 500) pass inet proto { tcp, udp } to $failtop_ip port $bt_pass flags S/SA keep state (max-src-conn 500) #pass proto tcp from $local to any port $allow_out pass quick inet proto { tcp, udp } to any port $udp_services keep state # Let ICMP traffic from local as well as outside pass inet proto icmp all icmp-type $icmp_types keep state # Traceroute pass out on $ext_if inet proto udp from any to any port 33433 33626 keep state # Pass our BT and SSH fun fun packets pass proto tcp from any to $shitbox_ip port $shitbox_bt pass proto tcp from any to $shitbox_ip port $shitbox_ssh pass proto tcp from any to $craptop_ip port $craptop_bt pass proto tcp from any to $craptop_ip port $craptop_ssh pass proto tcp from any to $failtop_ip port $failtop_bt pass proto tcp from
Re: Unstable PPPoE
On 7/27/07, Timothy Wilson [EMAIL PROTECTED] wrote: I'm having a frustrating problem. My internet is highly unstable when using bit torrent. I don't think there's anything special about my configuration: my gateway is a craptop with inbuilt Intel ethernet and a url0 USB ethernet for the modem. The connection is bridged, using pf (obviously) for routing / firewall and kernel PPPoE for dialing via my bridged netcomm nb5+. Basically, when I try to use bit torrent the connection dies after about 20mins. The kernel PPPoE daemon doesn't bring it back up. In fact, even doing #sh /etc/netstart doesn't bring it back up. The only way to bring it back up is via a reboot :( Very frustrating. It also takes about 10-15mins to reconnect; surely that's a bit too long, even for PPPoE? I know this isn't a problem with my ISP as I've always been able to download bt stably when I was using the modem in router mode. I thought it might have been an MTU problem, but I'm using the mss fix in /etc/pf.conf, so I don't think it's that. I played around with a few values just to be sure, but I'm open to suggestions. dmesg: pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO pppoe0: received unexpected PADO url0: usb error on tx: TIMEOUT pppoe0: LCP keepalive timeout Based on your dmesg, it appears this might be related to url0whether it's the hardware, driver or something associated, I don't know. You might want to try another Ethernet connection. FWIW, I've never been a fan of USB Ethernet.
Re: Unstable PPPoE
Hello ladies and gentlemen! I'm having a frustrating problem. My internet is highly unstable when using bit torrent. I don't think there's anything special about my configuration: my gateway is a craptop with inbuilt Intel ethernet and a url0 USB ethernet for the modem. The connection is bridged, using pf (obviously) for routing / firewall and kernel PPPoE for dialing via my bridged netcomm nb5+. I suspect it is a problem with your modem. Have you tried replacing it? I have seen modems lock up on bittorrent/mule traffic. Usually bridge mode prevents this, but I have no experience with your particular modem. Basically, when I try to use bit torrent the connection dies after about 20mins. The kernel PPPoE daemon doesn't bring it back up. In fact, even doing #sh /etc/netstart doesn't bring it back up. The only way to bring it back up is via a reboot :( In your case, reboot == disconnect + connect USB ethernet, it may even reset the modem if it is powered by USB. Perhaps you can just unplug/replug your USB ethernet cable and see if this removes the need to reboot? It may also be a problem with the url0 ethernet driver. Very frustrating. It also takes about 10-15mins to reconnect; surely that's a bit too long, even for PPPoE? This is expected since your ISP does not know you terminated the old session. Thus you are waiting for it to timeout before your ISP would let you establish a new one. You can compile a kernel with PPPOE_TERM_UNKNOWN_SESSIONS (see pppoe(4)) to have pppoe terminate the old session. I know this isn't a problem with my ISP as I've always been able to download bt stably when I was using the modem in router mode. I thought it might have been an MTU problem, but I'm using the mss fix in /etc/pf.conf, so I don't think it's that. I played around with a few values just to be sure, but I'm open to suggestions. What you describe is not related to MSS/MTU I'll post my dmesg, /etc/pf.conf and /etc/hostname.pppoe. If there's anything else I should send, please let me know! After you have tried the above suggestions, and if the problem is NOT in url(4) driver and/or the modem you can enable debugging on the pppoe0 interface 'ifconfig pppoe0 debug' and/or use tcpdump on the ethernet interface to examine pppoe packets. Check the archives for details. -- In theory, there is no difference between theory and practice. But, in practice, there is.
Re: Unstable PPPoE
it's the hardware, driver or something associated, I don't know. You might want to try another Ethernet connection. FWIW, I've never been a fan of USB Ethernet. url works surprisingly well, but I didn't like aue much. All luck of the draw with cheap ebay vendors though :)