Example setting up PPPoE

Owned by Scott Leishman
Last updated: Aug 09, 2021 by Derek Fawcus
2 min read

Overview

PPPoE is a network protocol for encapsulating PPP frames inside Ethernet frames. It appeared in 1999, in the context of the boom of DSL as the solution for tunneling packets over the DSL connection to the ISPs IP network, and from there to the rest of the Internet. 

Instructions

  • Create a “chap-secrets” entry in “resources” with user and secret. Please replace userid and password yourself.

vyatta@R1# set resources chap-secrets user userid secret password

  • Set underlying interface to create pppoe tunnel.

vyatta@R1# set interfaces pppoe pppoe0 interface dp0p1s1

  • Set a user for the created pppoe tunnel.

vyatta@R1# set interfaces pppoe pppoe0 chap-user userid

  • Set default route.

vyatta@R1# set interfaces pppoe pppoe0 default-route

  • Set name server.

vyatta@R1# set interfaces pppoe pppoe0 name-server

  • Set mtu according to your needs.

vyatta@R1# set interfaces pppoe pppoe0 mtu 1492

Verification and Troubleshooting

  • Verification

vyatta@R1$ show interfaces detail

vyatta@R1$ ping www.google.com

vyatta@R1$ show log

Enable TCP MSS Clamping

It is often useful to enable TCP MSS clamping on PPPoE interfaces.

When needed, this will usually present as TCP conections being established, but ‘freezing’ before much data has been transfered. That is because the MTU of a PPPoE link is 8 bytes shorter than that of the underlying ethernet size of 1500 bytes, and path MTU discovery often does not work between various hosts; in large part due to the path between the hosts dropping the ICMP messages used for classic PMTUd - usually at NATs, firewalls or ACLs. Also many hosts do not support the newer PLMTUD mechanism, and not all protocols define how to use it (TCP does).

This can be enabled with the following command, usually in the ‘mtu’ variant:

vyatta@vyatta# set interfaces pppoe pppoe0 ip tcp-mss Possible Completions: <Enter> Execute the current command limit Clamp the TCP MSS to the configured value mtu Clamp the TCP MSS based on interface MTU mtu-minus Clamp the TCP MSS based on interface MTU less the configured value

i.e. as below (showing both the IPv4 and IPv6 versions)

vyatta@vyatta# set interfaces pppoe pppoe0 ip tcp-mss mtu vyatta@vyatta# set interfaces pppoe pppoe0 ipv6 tcp-mss mtu

It may also be possible to force the use of baby jumbo-grams for PPPoE (i.e. using a 1508 payload packet) by setting the PPPoE interface MTU to 1500. However support for this between various vendors is not universal, nor is ISP support, and so it used one should experiment to ensure it is operating properly. If that scheme works, then there is no need to enable MSS clamping.