Date: Tue, 3 Apr 2001 13:54:01 +0200 From: "Michael Nottebrock" <michaelnottebrock@gmx.net> To: "Michael Radzewitz" <Michael.Radzewitz@freenet-ag.de>, <freebsd-newbies@freebsd.org> Subject: Re: help for ADSL connection Message-ID: <019b01c0bc36$0bbc0060$0508a8c0@lofi.dyndns.org> References: <E07E5FD109B8D411842200508BD3C5E6C2BD92@staff.freenet-ag.de>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message -----
From: "Michael Radzewitz" <Michael.Radzewitz@freenet-ag.de>
Subject: RE: help for ADSL connection
[...]
you can't use an ADSL connection with the normal ppp deamon. So you have
to
built or use
the PPPoE-Software instead.
> [...]
> 1) Should I use PPP or PPPoE?
> 2) For home networking, should I use IPFW & NATD or ppp's NAT
> facility?
This answer is only halfway correct. The pppd does not support pppoe
yet, but the userland ppp, which is also part of the freebsd base
system, does. The userland ppp also has a built-in nat feature, which
(of course) can be used with dsl-connections. So, in theory, 'ppp -nat'
should be all you need (apart from a kernel recompilation, where you
need to add the lines
options NETGRAPH
options NETGRAPH_SOCKET
options NETGRAPH_PPPOE
options NETGRAPH_ETHER # actually only necessary for old 4.0
# and 3.x systems, but
cannot hurt anyway.
)
There is a technical issue with PPPoE-ADSL connections, though. The
maximum transfer unit via the PPPoE connection often is only 1492 bytes,
but the universal standard of common tcp/ip stacks is 1500 bytes. And,
instead of sending a message back telling the client to fragment the
packets, often the ISP's routers just discard the packet, with the
result that, for example certain webpages, simply won't load.
This problem does not necessarily affect you. Maybe, your ISP has it's
routers configured properly and the problem won't surface. Also, if you
are using FreeBSD 4.2-STABLE, downloaded at a later date than Dec. 18th,
2000 or FreeBSD-CURRENT, downloaded at a later date than Nov. 28th,
2000, the userland ppp is reported to already deal with this issue
gracefully. For almost every other version of freebsd, a backport from
the -current sources is available at http://www.awfulhak.org/ppp.html
However, if you _want_ to do firewalling via ipfw, you will need to go
for the natd / ipfw combination, and if the problem described above
surfaces, you will also need tcpmssd (which is in the ports collection)
to adjust the packets that leave your machine. Beware though: The port
is broken in releases _before_ 4.2, so if you're using 4.1.1 or earlier,
you will have to update your ports collection first and build tcpmssd
from there. Also, using natd and and tcpmssd requiere a kernel
recompilation with the following lines added:
options IPFIREWALL
options IPDIVERT
While this may all sound very very complicated and troublesome, I did
manage to get it right in the end, having had only Linux experiences
before. So,
Good Luck, greetings
Michael Nottebock
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-newbies" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?019b01c0bc36$0bbc0060$0508a8c0>