|
Last
revision of this document: |
This document describes the installation of a pptp-Client for a xDSL-connection using an USB-modem.
With
the separation of Telecom-Access-Provider (having a monopoly over the
cables in a certain area) and Internet-Service-Provider (ISP,
offering connection to the internet, providing mailboxes and
webspace), the Telecom-Access-Provider needs an instrument to
identify to which ISP the TCP/IP-packets should be forwarded and to
wrap the throughpassing packets in a way that they retain their
information.
To achieve these goals, the TCP/IP-packets are
transported using the pptp (Point to Point Tunneling Protocol).
Alternatively to xDSL-Ethernet-modems, Telecom-Access-Providers offer USB-modems. Those are often included in 'self-install' packages and are delivered with a much lower subscription fee than Ethernet-modems - or even for free.
The
setup is specific for ADSL of Telekom Austria - but might work with
other Telekoms using pptp.
It was tested with an
Alcatel-SpeedTouch-USB modem of the first generation - the 'green
flounder'.
I did not test the successing models (now sold by
Thomson) – but there is a Web-site dealing with numerous models
of the modem. The reference to this Web-site is further down when
this document deals with the installation of the USB-modem..
Credits:The
anonymous authors of The
Linux Kernel Speedtouch Driver for Fedora Core 3 and
related topics.
Additional hints I derived from Heimo Schöns
HOWTO (http://howto.htlw16.ac.at/at-highspeed-howto.html
- in german) particularly the hint of
Martin Großhauser how to start / restart the connection using
crontab.
Preface:To
find guidance in the internet was a pretty painful task. There were a
lot of descriptions from early adoptors (starting with early Linux
2.4.2 kernels) - and all of them had broken links to requiered
drivers.
After
hours of effortless trials, I decided to upgrade the router to a
Linux
with Fedora Core 3.
By
the way, this kernel runs pretty well on a machine with a 200 MHz
Pentium I and 64 MB RAM.
It has already built-in-support for
USB-hardware and 'USB-hotplug'.
'USB-hotplug' detects the
connection or disconnection of an USB-device and tries to load the
fitting driver (called 'firmware').
The operating-system has also
built-in support for 'ppp over ATM' (point-to-point-protocol over
Asynchronous-Transfer-Mode connections - temini technici a
telecom-engineer can explain in a little bit less than a month).
So
Linux
Fedora Core 3 takes
a lot of work away from you and and leave over the installation of
the correct firmware and the editing of the configuration-file
specific to your Telecom- and ISP-providers.
Operating-system
installed ;-).
The operating-system must be a Linux
Fedora Core 3
Firewall
including IP-forwarding and Native-Address-Translation installed
(see Linux**
- Firewall and Masquerading).
This
is a prerequisite only if installing the pptp-Client on a router.
Logged on as user root.
Intermediate
test:To check, if the modem is recognized by the 'USB hotplug', unplug it from the USB-connector and replug it.
At
least the USB-light should be green and on the terminal you should
see - amongst others - a message similar like this:
usb
1-2: no stage 1 firmware found
If GNOME is already started, you will see the messages in the log-file; it can be displayed by entering dmesg | tail on the command line of a Terminal-window.
Installation-instruction:Guidelines
for downloading and extracting the firmware can be found on The
Linux Kernel Speedtouch Driver for Fedora Core 3
For
my early revision SpeedTouch modem, I found a misleading description
(Juli 2006) on the above site;
the correct procedure was described
on Extracting
the Firmware.
There
is an excellent description how to identify your modem, download the
necessary files and install it.
My description would not be better
for this complex topic.
|
Correction
(October 2006): I
decided to search for a binary version and found out, that for my
RedHat Fedore there is a rpm-package available. |
After
extracting the firmware for my 'green flounder', I got the following
confirmation output on the console:
**
Boot block from mgmt.o:
CRC:
0xd80bf9f7
Length: 991 **
Firmware block from mgmt.o:
CRC:
0x94a45435
Length: 526187
Next,
move the two extracted files to the directory where Fedora keeps the
firmware for attached devices: mv
speedtch-1.bin /lib/firmwaremv
speedtch-2.bin /lib/firmware
Intermediate
test:To check, if the modem is loading the firmware, unplug the modem from the USB-connector and replug it.
After
about 10 seconds, the ADSL-light should start blinking green with
spurious red flashes and on the terminal you should see - amongst
others - the message:
ADSL
line is synchronising
If
GNOME is already started, you will see the messages in the log-file;
it can be displayed by entering dmesg
| tail on the command line of a Terminal-window.
Store the user-id and
password for the connection to the ISP:The
Internet-Service-Provider usually provides an user-id and a password
to identify individual clients.
During the dial-in-procedure the
ISP performs an identification and requests user-id and password.
There
are 2 different authentification-protocols (PAP and CHAP); if you are
not sure what protocol the ISP uses it is recommended to store
user-id and password for both protocols.
For
the PAP-authentification edit the file /etc/ppp/pap-secrets
and add the bold printed
line.
Instead of the values printed in italics, enter user-id and
password provided by the ISP:
# Secrets for
authentication using PAP
# client server secret IP
adresses
user-id * password
For
the CHAP-authentification edit the file /etc/ppp/chap-secrets
and add the bold printed
line. Instead
of the values printed in italics, enter user-id and password provided
by the ISP:
# Secrets for
authentication using PAP
# client server secret IP
adresses
user-id * password
To
protect the files, change the access-rights:
chmod
400 /etc/ppp/pap-secretschmod
400 /etc/ppp/chap-secrets
Edit the configuration
file for the pppd (Point-to-Point-Protocol-daemon):The
pppd-daemon can is configureded by a parameter-file. As an
improvement over the description for the ppp-dialer
(where the configuration-file is
/etc/ppp/options),
the newer versions can be controlled by any file. In our case the
configuration-file is
/etc/ppp/peers/speedtch
#
# Debug-option;
recommended for the trial-phase.
# Can be commented out if the
connection is proven as stable
debug#
#
The computer at the Internet-Service-Provider (ISP) must provide a
temporary TCP/IP-address
noipdefault
#
This connection is the default-router from the internal network to
the ISP.
defaultroute#
#
The computer at the Internet-Service-Provider (ISP) does not have to
identify itself
# against the computer dialing-in
noauth#
#
User, for whom the password is read out of the file 'pap-secrets' or
'chap-secrets'
user 'user-id'#
#
Some parameters with special function for a ppp over ATM connection
lcp-echo-interval 30
lcp-echo-failure
3
noaccomp
nopcomp
noccp
novj
holdoff
4
persist
maxfail 25
updetach
usepeerdns
plugin
pppoatm.so #
VPI and VCI numbers. These are unique to the ISP
(Internet-Service-Providers)
# This pair must be in the line under
'plugin pppoatm.so'
8.48
#
#
End of file
Intermediate
test:To
check if a connection to the Internet-Service-Provider can be
established, the following command is issued (in a Terminal-window):
pppd
call speedtch
This
should result in an output on the console which looks similar to
this:
Plugin
pppoatm.so loaded
PPPoATM plugin_init
PPPoATM
setdevname_PPPoatm – SUCCESS:8:48
Using interface
ppp0
Connect: ppp0 <--> 8.48
CHAP authentication
succeeded
local IP address 88.117.84.212
remote IP
address 88.117.84.1
primary
DNS address 195.3.96.67
secondary
DNS address 195.3.96.68
Additionally,
you can check if the interface 'ppp0' is established by issuing the
command:
ifconfig
If
the interface 'ppp0' is established the contact to the internet can
be tested _ e.g by pinging a DNS-server:
ping
195.3.96.67
If
you do not get a response, the 'Default Gateway' may be set to a
machine within the local network.
Do verify and correct this,
open >Application >System Settings >Network , go to
the Tab Device and click the [Edit] button.
Verify,
that the field 'Default gateway address' is empty.
Additional
hint: if the connection breaks or you want to restart it for some
other reasons, you have to 'kill' it before reestablishing the
connection:
killall
pppd
Start
/ stop / restart script for the pptp-ClientTo
start or to restart the pppd-daemon, I modified a suitable script in
Heimo Schöns HOWTO. The command are stored in the file
/etc/rc.d/adsl :
#!/bin/bash
#
#
/etc/rc.d/adsl
#
# Script to start / stop /restart the
ADSL-connection for an USB-ADSL-modem
#
# Tested with Linux
Fedora Core 3.
# April 2005
# Kurt Gstoettner
#
# This
script is based on examples published by
# Sebasian C.B. Sauer
<scbATenemyDOTorg>
# Nicolas Croiset
<ncroisetATvdldiffussionDOTcom>
# Philippe Jouguet
<pjouguetATvdldiffusionDOTcom>
#
# Permission to copy is
granted provided that credit is given to all
# documentation you
used to understand these procedures
#
# No warranty is implied.
Use at your own risk !!
#
start() {
# start the adsl-Client
on the USB-ADSL-modem
/usr/sbin/pppd call speedtch
# touch the
process to lock them
touch /var/lock/subsys/pppd
echo -n
"adsl:procedure start()."
# Wait 15 seconds to allow the
pppd-client to get the TCP/IP-address
# from the
Internet-Service-Provider.
# Start the firewall thereafter.
sleep
15s
#
Start the firewall and the ip-forwarding if this script runs on the
router.
# Otherwise comment out the next line.
firewall
return
1
}
#
stop() {
echo -n "Shutting down PPTP tunnel.
"
# Kill the processes for the ppp-protocol
(Point-to-Point-Protocol)
# and the
Point-to-Point-Tunneling-Protocol
# to free the devices for a new
start.
killall /usr/sbin/pppd
echo -n "adsl:procedure
stop()."
return 1
}
#
firewall()
{
# Run the
script to configure the
firewall
/etc/rc.d/rc.firewall-iptables
return 1
}
#
#
case "$1" in
start)
echo -n "Starting
PPTP/PPP tunnel. "
start
;;
#
stop)
stop
;;
#
restart)
# stop, wait 15 seconds to make
sure all asynchronus tasks are completet, start
stop
sleep
15s
start
;;
#
*)
echo -n "Usage: adsl
{start|stop|restart}"
exit 1
;;
esac
exit $?
Setting
the access-rights for an automated startupAs
a prerequisite for automated startup or restart the access-rights of
the script must be set as follows:
chmod
4711 /etc/rc.d/adsl
Automatic
start / restart of the ADSL-connection using crontabAs
mentioned in the credits, Martin Großhauser developed a pretty
smart method to start or restart the pptp-client.
Every 5 minutes
a ping is issued to a known TCP/IP-address on the internet. If this
ping is without an answer, the Start
/stop / restart script
is run with the parameter 'restart'.
All this is achieved by
simply adding one line to the
file /etc/crontab
.
As my connection is with
the Telekom Austria, I ping their primary nameserver.
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
#
#
run-parts01 * * * * root run-parts /etc/cron.hourly02
4 * * * root run-parts /etc/cron.daily
22
4 * * 0 root
run-parts /etc/cron.weekly
42 4
1 * * root run-parts /etc/cron.monthly# Restart the pptp-Client if no
response.0,5,10,15,20,25,30,35,40,45,50,55
* * * * root ping -c 1 195.3.96.67 || /etc/rc.d/adsl restart
The
file can only be edited with access-rights as 'root'.
When
the connection is established, the ADSL-light on the modem stays
solid green.
On
a workstation, set the 'gateway' to the machine that serves as
'Router' and ping a known address; e.g. the Domain-Name-Server of the
Internet-Service-Provider:
ping
195.3.96.67