PPPoE Recommendations

Bruce McDonald brucemcdonal at mindspring.com
Sun Jun 20 02:46:29 UTC 2004 

Hello Chris

On 17-Jun-04, you wrote:

> I am preparing to setup a pppoe connection on either a RH 9.0 or Fedora 
> c1 computer.  This computer will have two nics and will act as a gateway 
> to the world for a internal LAN.    I don't have a lot of experience 
> with pppoe, so I am looking for recommendations.

I use Roaring Penguin PPPOE and it works just fine.  I believe that it is
bundled in RH9, but I was using it before I upgraded so I am a bit hazy on
what was installed by RH9.  I believe that whatever was bundled with RH9
should work well.

> Due to the nature of the connection, I anticipate that I will loose 
> connectivity on the pppoe link on occasion.  I am looking for a way to 
> monitor the connection and reconnect when it is lost and also restart my 
> firewall which will need the newly assigned IP after the reconnect.  I 
> have already configured the firewall to parse the necessary files to get 
> the new addresses.

Connection loss is a given, especially when the ISP is working on their
systems.
RP PPPOE does monitor the connection and periodically tries to bring it back
up when it is down and you did not shut it down.  I would wager that they
all do that.

The correct place to restart the firewall when you are reconnected is in
/ect/ppp/ip-up.local

The system will always execute the /ect/ppp/ip-up script when the link comes
up or gets a new IP address.  Ip-up then call the /ect/ppp/ip-up.local
script which is where you may add things to be done when the link comes up
or a new address is assigned.

To start the firewall all you have to do is add a line to execute the
firewall with the full path.

Mine looks like:
# Check if the firewall script exists
if [ -e /etc/firewall.sh ]
then
# If it does. Start it.
   /etc/firewall.sh
  echo "Firewalling started." > /dev/console
else
# If it doesn't exist, warn.
  echo "firewall.sh not  found... No firewall runninng." > /dev/console
fi

I redirect the echo to the console so that I can see the messages even if I
am logged out.

> I have planed to use the adsl-* scripts for the link.  Looking at the 
> adsl-connect script which is called by adsl-start it looks like it will 
> monitor the connection and restart if necessary.  It also says it will 
> execute the file adsl-lost if it exists when it tries to reconnect.  I 
> thought I could reinitiate the firewall (iptables) there, but am unsure 
> if it executes that before or after it establishes a new connection.

It should restart it.
See above to start the firewall.

> I also thought I might be able to use the ipwatch script and modify it 
> for my needs.

> Maybe an expect script of some kind?

> Any thoughts?


Regards,
Bruce McDonald

More information about the Redhat-install-list mailing list