PPPoE setup


#1

I am unsure if this is the proper spot but here goes.

I know plenty are from the original vyatta and just know this but I have scoured the Internet and these forums for a simple command on how to set pppoe up on my eth1
I have found references to vyatta but I have not attempted.

I see all these what look like scripts I have no idea (I am first time user just learned about this long running project days ago) where would I put these scripts

I just would like a simple set command and commit so I can get it up and running so I can research some more of this wonderful project.

I am taking my router down each day and playing a little bit with this in hopes of eventually getting pppoe running and the basic functionality to browse the web do dhcp squid limit some ports and maybe later get another Internet connection going then balance my voip connection then maybe this vybuddy web interface will be mature enough so its easier to enter things or maybe some stats who knows.


#2

Hello notut,

The following link is PPPoE setup example for VyOS. (I’m not author)
http://sideceres.blogspot.jp/2014/06/vyos-1041.html
This is written in Japanese but maybe you can read set command.

eth0 PPPoE interface connect to Internet
eth2 LAN Interface.

set int eth eth0 pppoe 0
set int eth eth0 pppoe 0 user-id XXXX@AAAA.YY.ZZ
set int eth eth0 pppoe 0 password PASSWORDS
run show int
disconnect: disconnect int pppoe0
connect: connect int pppoe0

3.2.5 MSS config setting

This config apply on LAN interface. I’m not sure this config require or not outside of Japan.

set policy route PPPOE-IN rule 10 protocol tcp
set policy route PPPOE-IN rule 10 set tcp-mss 1414
set policy route PPPOE-IN rule 10 tcp flags SYN
set int eth eth2 policy route PPPOE-IN


Hiroyuki Sato.


#3

Ok , like I said be easy on me first time doing this.

I have entered ports in ranges and I have guessed settings . I love how tab gives you possible commands or that its valid or not.
Looks like I can connect now (thank you Hiroyuki Sato.) I am unsure about the set policy route PPPOE-IN rule 10 set tcp-mss 1414
or what a ontario canada dsl connection would be for tcp-mss.

I can not browse any websites. I am guessing I need to add a route and/or firewall setting. what do I need?

you can see i played with getting my voip sip connection going through no luck there

route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.0.0.254 0.0.0.0 UG 0 0 0 eth0 10.0.0.0 * 255.255.255.0 U 0 0 0 eth0 root@hostnaeme:/home/xxxx# ping google.ca PING google.ca (173.194.43.127) 56(84) bytes of data. ^C --- google.ca ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 3999ms

[code]vyos@vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description


eth0 - u/u OUTSIDE
eth1 10.0.0.254/24 u/u INSIDE
lo 127.0.0.1/8 u/u
::1/128
pppoe0 2xx.2xx.1xx.1xx u/u
vyos@vyos:~$ show configuration
firewall {
all-ping enable
broadcast-ping disable
config-trap disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name OUTSIDE-IN {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action accept
destination {
address 10.0.0.110
port 5060
}
protocol tcp_udp
state {
new enable
}
}
rule 21 {
action accept
destination {
address 10.0.0.110
port 10001-19001
}
protocol udp
state {
new enable
}
}
}
name OUTSIDE-LOCAL {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action accept
icmp {
type-name echo-request
}
protocol icmp
state {
new enable
}
}
rule 30 {
action drop
destination {
port 22
}
protocol tcp
recent {
count 4
time 60
}
state {
new enable
}
}
rule 31 {
action accept
destination {
port 22
}
protocol tcp
state {
new enable
}
}
rule 32 {
action accept
destination {
port 2238
}
protocol tcp
state {
new enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
twa-hazards-protection disable
}
interfaces {
ethernet eth0 {
description OUTSIDE
duplex auto
firewall {
in {
name OUTSIDE-IN
}
local {
name OUTSIDE-LOCAL
}
}
hw-id 08:00:27:f3:c5:20
pppoe 0 {
default-route auto
mtu 1492
name-server auto
password ****************
user-id username@isp.com
}
smp_affinity auto
speed auto
}
ethernet eth1 {
address 10.0.0.254/24
description INSIDE
duplex auto
hw-id 08:00:27:55:6e:b2
policy {
route PPPOE-IN
}
smp_affinity auto
speed auto
}
loopback lo {
}
}
nat {
destination {
rule 10 {
description “Port Forward: SIP to 10.0.0.110”
destination {
port 5060
}
inbound-interface eth0
protocol tcp_udp
translation {
address 10.0.0.110
}
}
rule 11 {
description “Port Forward: SIP RTP to 10.0.0.110”
destination {
port 10001-19001
}
inbound-interface eth0
protocol udp
translation {
address 10.0.0.110
}
}
}
source {
rule 110 {
description “NAT Reflection: INSIDE”
destination {
address 10.0.0.0/24
}
outbound-interface eth1
source {
address 10.0.0.0/24
}
translation {
address masquerade
}
}
}
}
policy {
route PPPOE-IN {
rule 10 {
protocol tcp
set {
tcp-mss 1414
}
tcp {
flags SYN
}
}
}
}
service {
dhcp-server {
disabled false
shared-network-name LAN {
authoritative disable
subnet 10.0.0.0/24 {
default-router 10.0.0.254
dns-server 10.0.0.254
domain-name internal-network
lease 86400
start 10.0.0.200 {
stop 10.0.0.253
}
}
}
}
dns {
forwarding {
cache-size 2000
listen-on eth1
}
}
ssh {
port 22
}
}
system {
config-management {
commit-revisions 20
}
console {
device ttyS0 {
speed 9600
}
}
host-name vyos
login {
user vyos {
authentication {
encrypted-password ****************
}
level admin
}
}
ntp {
server 0.pool.ntp.org {
}
server 1.pool.ntp.org {
}
server 2.pool.ntp.org {
}
}
package {
auto-sync 1
repository community {
components main
distribution helium
password ****************
url http://packages.vyos.net/vyos
username “”
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}[/code]


#4

Hi,

It looks like the NAT source rule is wrong.

Probably you want to NAT when destination is not like your internal network, and when the traffic is leaving your network.

Destination could be like 0.0.0.0/0 and outgoing interface eth0.

Regards
Arne


#5

oh my

Ok I will read though that and study what i can on it and try again. if I make it work i will surly give back and let folks know

thank you for your analysis and guidance


#6

Anyone know why every 4-5 days my interfaces go admin down / down. I always need to reboot the vm to recover