PPPoE Recommendations

[Bruce McDonald]

Hello Chris

On 20-Jun-04, you wrote:

> Bruce McDonald wrote:
>> Hello Chris
>> 
>> On 17-Jun-04, you wrote:
>> 
>> 
>>> I am preparing to setup a pppoe connection on either a RH 9.0 or Fedora
>>> c1 computer. This computer will have two nics and will act as a gateway
>>> to the world for a internal LAN. I don't have a lot of experience with
>>> pppoe, so I am looking for recommendations.


>> I use Roaring Penguin PPPOE and it works just fine. I believe that it is
>> bundled in RH9, but I was using it before I upgraded so I am a bit hazy
>> on what was installed by RH9. I believe that whatever was bundled with
>> RH9 should work well.


>>> Due to the nature of the connection, I anticipate that I will loose
>>> connectivity on the pppoe link on occasion. I am looking for a way to
>>> monitor the connection and reconnect when it is lost and also restart my
>>> firewall which will need the newly assigned IP after the reconnect. I
>>> have already configured the firewall to parse the necessary files to get
>>> the new addresses.


>> Connection loss is a given, especially when the ISP is working on their
>> systems.
>> RP PPPOE does monitor the connection and periodically tries to bring it
>> back up when it is down and you did not shut it down. I would wager that
>> they all do that.

>> The correct place to restart the firewall when you are reconnected is in
>> /ect/ppp/ip-up.local

>> The system will always execute the /ect/ppp/ip-up script when the link
>> comes up or gets a new IP address. Ip-up then call the
>> /ect/ppp/ip-up.local script which is where you may add things to be done
>> when the link comes up or a new address is assigned.

>> To start the firewall all you have to do is add a line to execute the
>> firewall with the full path.

>> Mine looks like:
>> # Check if the firewall script exists
>> if [ -e /etc/firewall.sh ]
>> then
>> # If it does. Start it.
>>   /etc/firewall.sh
>>  echo "Firewalling started." > /dev/console
>> else
>> # If it doesn't exist, warn.
>>  echo "firewall.sh not  found... No firewall runninng." > /dev/console
>> fi

>> I redirect the echo to the console so that I can see the messages even if
>> I am logged out.


>>> I have planed to use the adsl-* scripts for the link.  Looking at the 
>>> adsl-connect script which is called by adsl-start it looks like it will 
>>> monitor the connection and restart if necessary.  It also says it will 
>>> execute the file adsl-lost if it exists when it tries to reconnect.  I 
>>> thought I could reinitiate the firewall (iptables) there, but am unsure 
>>> if it executes that before or after it establishes a new connection.
>> 
>> 
>> It should restart it.
>> See above to start the firewall.
>> 
>> 
>>> I also thought I might be able to use the ipwatch script and modify it 
>>> for my needs.
>> 
>> 
>>> Maybe an expect script of some kind?
>> 
>> 
>>> Any thoughts?
>> 
>> 
>> 
>> Regards,
>> Bruce McDonald
>> 

> Thanks Bruce,

> That's just what I was looking for.  I will have a very short time to 
> get this up and running, so I am trying to learn as mush as I can up 
> front.  In all my reading I missed the /etc/ppp/ip-up and ip-up.local. 
>  I think you saved me from a lot of extra work and stress.

Glad I could be of help.

And just so you are aware, the convention of this list is to bottom post so
the thought process is easier to follow.  I reformatted your reply in my
reply.

Regards,
Bruce McDonald