Home arrow Configure arrow MPD PPPoE
MPD PPPoE PDF
Monday, 19 February 2007

This section describe howto build a PPPoE server with MPD. Also on our website you can find an article about building PPPoE Server with PPPoEd .

MPD is netgraph multi-link PPP daemon. Can be used with great success as a reliable PPPoE server. It can be also use as a PPPoE client.

This page is work in progress. We will create a mpd tutorial shortly. Until then, here are our notices,  things to be remebered.

MPD Tuning
-----------------

As you might know FreeBSD default installation policy is to have a reliable server. FreeBSD core team prefer to choose that over performance. So FreeBSD default installation is good for most of systems but if you build a server that must support many users, a lot of traffic, some tunings must be done, because as I said, FreeBSD default instalation is optimized for stability not performance. You may ask yourself, ok, if that is default, and default is very stable, then why shoud we tune FreeBSD? The answer is: because if you don't, it won't work, for a large number of users.`

To understand you better, let's say default FreeBSD installation (5.x or 6.x) will not permit more than 130 conected users to your MPD PPPoE Server.

To solve this problem add the following line to your /boot/loader.conf

kern.ipc.nmbclusters=16384
kern.ipc.maxsockets=16384
net.graph.maxalloc=2048
net.graph.maxdgram=128000
net.graph.recvspace=128000
kern.maxusers=512

# this rule help you to support more than 800 ng devices, when mpd starts
kern.ipc.maxpipekva=32000000


Killing a ng
------------
To kill a ng interface (for example ng0):

ngctl shutdown ng0:



A good practice is to compile options you will need in FreeBSD kernel. (Or you can use kernel modules, loded with kldload. I prefer to compile into kernel).

Options you will need to add into kernel:

# options needed if you have ipfw firewall
options IPDIVERT
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_FORWARD
options IPFIREWALL_DEFAULT_TO_ACCEPT
options DUMMYNET

# netgraph options
options HZ=1000
options NETGRAPH
options NETGRAPH_PPPOE
options NETGRAPH_SOCKET

options NETGRAPH_CISCO
options NETGRAPH_ECHO
options NETGRAPH_FRAME_RELAY
options NETGRAPH_HOLE
options NETGRAPH_KSOCKET
options NETGRAPH_LMI
options NETGRAPH_RFC1490
options NETGRAPH_TTY

options NETGRAPH_ASYNC
options NETGRAPH_BPF
options NETGRAPH_ETHER
options NETGRAPH_IFACE
options NETGRAPH_KSOCKET
options NETGRAPH_L2TP
options NETGRAPH_MPPC_ENCRYPTION
options NETGRAPH_PPP
options NETGRAPH_PPTPGRE
options NETGRAPH_TEE
options NETGRAPH_UI
options NETGRAPH_VJC

# bridge support, device polling support, other security features
options BRIDGE
options DEVICE_POLLING
options IPSTEALTH

# support for ALTQ traffic shaping
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_PRIQ
# options ALTQ_NOPCC

# support for pf firewall
device mem
device pf
device pflog
device pfsync

# -------------------------- End of kernel config file ------------------

Patch MPD4 sources from ports with support MPD4 (and 3.18 too) must be patched if you want to use  PPPoE on Windows 2000  stations (Windows 2000 have a bug in MRU negotiation on PPPoE connections).

Patch can be downloaded here: lcp.c.win2K.patch

Apply the patch to /usr/ports/net/mpd4 sources, then do:

# make deinstall
# make reinstall

restart mpd service and your PPPoE server will work ok with Win2K clients. (For tests we've used RASPPPoE client wit Win2K, since Win2K does not have integrated support for PPPoE, which is present in Win XP).


Last Updated ( Tuesday, 06 March 2007 )
 

Other BSD Systems

OpenBSD

Misc

Solaris

Polls

Best BSD firewall?