A PPPoE link is defined by a ppp
top-level object. To create or edit PPPoE links in the web user interface, select the "Interface" category icon -
- under the section headed "PPPoE settings" you will see the list of existing ppp
objects (if any), and an "Add" link.
For most situations, configuring a PPPoE link only requires that you specify the port
group name (see Section 6.2)
that the router/modem is connected to and the login credentials i.e.
username and password. The port group is specified via
the port
attribute on the ppp
object,
and credentials are specified via the username
and
password
attributes.
If you are connecting multiple routers/modems via a VLAN capable switch to a single FB2500 port, you will also need to specify the VLAN used for the
FB2500 to router/modem layer 2 connection - this is done by setting the value of the vlan
attribute too.
As an example, if you you were to connect a single modem/router
directly to port 1 on your FB2500 (i.e. not using VLANs), and you had
decided to name the port group PPP_PORT
then the
configuration needed, shown as an XML fragment, would be :-
<port name="PPP_PORT" ports="1"/> ... <ppp port="PPP_PORT" eth="1" username="..." password="..."/>
eth
setting to that port as well. This causes the Ethernet port to be powered down briefly when the PPPoE link closes for any reason, and for the re-try (PADI) sending to start quickly when the link comes up. The port reset can work around a known bug in many bridging broadband modems when used with fixed IP services.You may also want to give the PPPoE link a name, by setting the name
attribute - you can then reference the link in, for example, a profile (see Section 9.2.2.1).
There are a number of additional options (see below), but for most configurations this is all you need. It causes the FB2500 to connect and set a default route for internet access via the PPP link.
If your ISP negotiates IPv6 on the link, then a default route is set for IPv6 traffic down the line. If the ISP handles ICMPv6 prefix delegation then an IPv6 block will automatically be assigned to you LAN. If not, then you could manually configure the IPv6 prefix the ISP is providing. There are options to control which interfaces get automatic prefix delegations in this way.
Normally PPPoE operates with a maximum packet size of 1492 bytes - this is due to the 8 byte PPPoE header
that is used, and the normal 1500 byte payload limit of an Ethernet packet. The FB2500 includes an option to set the PPPoE MTU, so that when used with equipment capable of jumbo frames
(such as BT FTTC and FTTP services, and with appropriate ADSL bridging modems) this allows use of slightly larger frames to provide a 1500 byte MTU. To achieve this, simply set the mtu
attribute
to a value of 1500. By default the tcp-mss-fix
attribute is also set, which means when working with a smaller MTU such as 1492, any connections that try and establish 1500 byte links are adjusted
on the fly to be the lower MTU. This avoids problems with a lot of corporate and bank web sites that do not handle MTU and ICMP correctly. Typically your ISP will be doing this TCP fix for you as well.
Testing has been done which confirms setting mtu="1500" works correctly on BT FTTC and FTTP lines, as well as BT 21CN and TalkTalk lines via a suitable bridging modem (Dlink 320B).
Testing using a Zyxel P660R in bridge mode confirms that BT 21CN ADSL lines will negotiate 1500 byte MTU, but it seems the Zyxel will not bridge more than 1496 bytes of PPP payload. If you select more than 1492 MTU and have problems it could be that some device connecting you to the access concentrator cannot handle the larger packets (such as a bridge or a switch). For this reason the default MTU is 1492.
The PPPoE protocol allows multiple services to be offered, and the service setting can be used to select which is available. This is rarely needed and should be ignored unless you know what you are doing. If specified, even as an empty string, then only matching services will be selected.
The name specified via the ac-name
attribute is the name of the PPPoE endpoint (access controller). In some cases there may be a choice of endpoints and setting this causes one to be selected by name.
Again, this is rarely needed, and if specified will only match the name you specify. On some other carrier PPPoE lines, for example, you could select a specific LAC by name if you wanted to.
The PPP connection status, and PPP negotiation can be logged by setting the log
attribute to a valid log target.
The log-debug
will log the whole PPP negotiation which is particularly useful when debugging connection problems.
As discussed in Chapter 10, graphs allow you to visualise connections, in terms of their state, traffic rates and patterns etc.
By setting the graph
attribute, you can cause the state of the line, data transferred each way, and current packet loss and latency to be recorded on a graph.
Once you are graphing the PPPoE connection, you can set traffic shaping to control speed (see Section 10.1.2). Alternatively,
a PPPoE connection is something you can set a speed limit on directly - setting the speed
attribute will control the speed of traffic sent to
the Internet - this is mainly used when bonding PPP links.
As uplink/egress speed can be very important to manage bonded lines, a further setting of auto-percent
can be set to a percentage, e.g. 95. If set then the Firebrick looks for a connection info string in the final CHAPS connect message for a string in the format of digits/digits and assumes the second sequence of digits is an uplink speed in bits/second. The percentage is then applied and the tx speed set. If the speed
is also set, this acts as a cap not allowing speeds to be set higher by auto-percent
. A silly low value for speed in the message will be ignored.