1.\" $OpenBSD: pppoe.4,v 1.35 2021/03/16 13:53:39 millert Exp $ 2.\" $NetBSD: pppoe.4,v 1.26 2003/10/02 07:06:36 wiz Exp $ 3.\" 4.\" Copyright (c) 2002 The NetBSD Foundation, Inc. 5.\" All rights reserved. 6.\" 7.\" This code is derived from software contributed to The NetBSD Foundation 8.\" by Martin Husemann <martin@NetBSD.org>. 9.\" 10.\" Redistribution and use in source and binary forms, with or without 11.\" modification, are permitted provided that the following conditions 12.\" are met: 13.\" 1. Redistributions of source code must retain the above copyright 14.\" notice, this list of conditions and the following disclaimer. 15.\" 2. Redistributions in binary form must reproduce the above copyright 16.\" notice, this list of conditions and the following disclaimer in the 17.\" documentation and/or other materials provided with the distribution. 18.\" 19.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29.\" POSSIBILITY OF SUCH DAMAGE. 30.\" 31.Dd $Mdocdate: March 16 2021 $ 32.Dt PPPOE 4 33.Os 34.Sh NAME 35.Nm pppoe 36.Nd PPP Over Ethernet protocol network interface 37.Sh SYNOPSIS 38.Cd "pseudo-device pppoe" 39.Sh DESCRIPTION 40The 41.Nm 42interface encapsulates 43.Em Point-to-Point Protocol (PPP) 44packets inside Ethernet frames as defined by RFC 2516. 45.Pp 46This is often used to connect a router via a DSL modem to 47an access concentrator. 48The 49.Nm 50interface does not by itself transmit or receive frames, 51but needs an Ethernet interface to do so. 52This Ethernet interface is connected to the 53.Nm 54interface via 55.Xr ifconfig 8 . 56The Ethernet interface needs to be marked UP, but does not need to have an 57IP address. 58.Pp 59There are two basic modes of operation, controlled via the 60.Em link1 61switch. 62The default mode, 63.Em link1 64not being set, tries to keep the configured session open all the 65time. 66If the session is disconnected, a new connection attempt is started 67immediately. 68The 69.Dq dial on demand 70mode, selected by setting 71.Em link1 , 72only establishes a connection when data is being sent to the interface. 73.Pp 74Before a 75.Nm 76interface is usable, it needs to be configured. 77The following steps are necessary: 78.Bl -bullet 79.It 80Create the interface. 81.It 82Connect an Ethernet interface. 83This interface is used for the physical communication. 84As noted above it must be marked UP, but need not have an IP address. 85.It 86Configure authentication. 87The PPP session needs to identify the client to the peer. 88For more details on the available options see 89.Xr ifconfig 8 . 90.It 91If using IPv6, configure a link-local address. 92.El 93.Pp 94This all is typically accomplished using an 95.Pa /etc/hostname.pppoe0 96file. 97A typical file looks like this: 98.Bd -literal -offset indent 99inet 0.0.0.0 255.255.255.255 NONE \e 100 pppoedev em0 authproto pap \e 101 authname 'testcaller' authkey 'donttell' up 102dest 0.0.0.1 103inet6 eui64 104!/sbin/route add default -ifp pppoe0 0.0.0.1 105!/sbin/route add -inet6 default -ifp pppoe0 fe80::%pppoe0 106.Ed 107.Pp 108The physical interface must also be marked 109.Ql up : 110.Bd -literal -offset indent 111# echo "up" > /etc/hostname.em0 112.Ed 113.Pp 114Since this is a PPP interface, the addresses assigned to the interface 115may change during PPP negotiation. 116In the above example, 0.0.0.0 and 0.0.0.1 serve as placeholders for 117dynamic address configuration. 118.Pp 119If the local address is set to wildcard address 0.0.0.0, it will 120be changed to an address suggested by the peer. 121.Pp 122If the destination address is set to a wildcard address in the range 123from 0.0.0.1 to 0.0.0.255, it will be changed to an address suggested 124by the peer, and if a default route which uses this interface exists 125the gateway will be changed to the suggested address as well. 126.Pp 127Otherwise, PPP negotiation will only agree to exactly the IPv4 addresses 128which are configured on the interface. 129.Sh KERNEL OPTIONS 130.Nm 131does not interfere with other PPPoE implementations 132running on the same machine. 133However under some circumstances 134(such as after a crash or power failure) 135the peer device might initially refuse to 136reestablish a new PPPoE connection 137because there is already an open session. 138This would be indicated by the client sending a high number of PADI packets 139before successfully connecting. 140The 141.Nm 142driver can be told to kill all unknown PPPoE sessions 143by sending a PADT packet to explicitly terminate the old session. 144Add the following to the kernel config file: 145.Pp 146.Dl option PPPOE_TERM_UNKNOWN_SESSIONS 147.Sh MTU/MSS ISSUES 148Problems can arise on machines with private IPs connecting to the Internet 149via a machine running both 150Network Address Translation (NAT) 151and 152.Nm . 153Standard Ethernet uses a 154maximum transmission unit (MTU) 155of 1500 bytes, 156whereas PPPoE mechanisms need a further 8 bytes of overhead. 157This leaves a maximum MTU of 1492. 158.Nm 159sets the MTU on its interface to 1492 as a matter of course. 160However, 161machines connecting on a private LAN will still have their MTUs set to 1500, 162causing conflict. 163Using a packet filter, 164the 165maximum segment size (MSS) 166can be set (clamped) to the required value. 167The following rule in 168.Xr pf.conf 5 169would set the MSS to 1440: 170.Pp 171.Dl match on pppoe0 scrub (max-mss 1440) 172.Pp 173Although in theory the maximum MSS over a PPPoE interface 174is 1452 bytes, 1751440 appears to be a safer bet. 176Note that setting the MSS this way can have undesirable effects, 177such as interfering with the OS detection features of 178.Xr pf 4 . 179.Pp 180Alternatively in cases where the remote equipment supports RFC 4638 181and the physical interface is configured to support jumbo frames, 182the MTU of the 183.Nm 184interface can be raised and it will attempt to negotiate an increased MTU. 185For example, in 186.Pa /etc/hostname.pppoe0 : 187.Bd -literal -offset indent 188inet 0.0.0.0 255.255.255.255 NONE mtu 1500 \e 189 pppoedev em0 authproto pap \e 190 authname 'testcaller' authkey 'donttell' up 191dest 0.0.0.1 192!/sbin/route add default -ifp pppoe0 0.0.0.1 193.Ed 194.Pp 195The physical interface must also be configured like so: 196.Bd -literal -offset indent 197# echo "up mtu 1508" > /etc/hostname.em0 198.Ed 199.Pp 200With this, the previously mentioned MSS clamping rules in 201.Xr pf.conf 5 202are no longer necessary. 203.Pp 204If the MTU is set to a value larger than 1492 and the remote endpoint does 205.Em not 206support RFC 4638, 207.Nm 208will write 209.Dq \&No valid PPP-Max-Payload tag received in PADO 210to the kernel message buffer and the MTU will remain at the default value. 211However, RFC 4638 negotiation only takes into account the MTU configured 212on the endpoints, not the maximum MTU supported on the path between them. 213If the path cannot pass the larger Ethernet frames, negotiation will succeed 214but the larger frames will be dropped. 215For this reason it is important to test the connection with large packets 216when enabling a higher MTU. 217.Pp 218See 219.Xr pf.conf 5 220for more information on MTU, MSS, and NAT. 221.Sh SEE ALSO 222.Xr sppp 4 , 223.Xr hostname.if 5 , 224.Xr pf.conf 5 , 225.Xr ifconfig 8 226.Sh STANDARDS 227.Rs 228.%A L. Mamakos 229.%A K. Lidl 230.%A J. Evarts 231.%A D. Carrel 232.%A D. Simone 233.%A R. Wheeler 234.%D February 1999 235.%R RFC 2516 236.%T A Method for Transmitting PPP Over Ethernet (PPPoE) 237.Re 238.Pp 239.Rs 240.%A P. Arberg 241.%A D. Kourkouzelis 242.%A M. Duckett 243.%A T. Anschutz 244.%A J. Moisand 245.%D September 2006 246.%R RFC 4638 247.%T Accommodating a Maximum Transit Unit/Maximum Receive Unit (MTU/MRU) Greater Than 1492 in the Point-to-Point Protocol over Ethernet (PPPoE) 248.Re 249.Sh HISTORY 250The 251.Nm 252device first appeared in 253.Ox 3.7 . 254.Sh BUGS 255This implementation is client side only. 256.Pp 257It is important to specify 258.Dq Li netmask 255.255.255.255 259to 260.Xr ifconfig 8 . 261If the netmask is unspecified, it will be set to 8 when 0.0.0.0 is 262configured to the interface, and it will persist after negotiation. 263.Pp 264The presence of a 265.Xr mygate 5 266file will interfere with the routing table. 267Make sure this file is either empty or does not exist. 268.Pp 269Two 270.Nm 271interfaces configured with the same wildcard destination address 272cannot share a routing table. 273