Getting started
with the latest PPP software from Sun Microsystems

Written by Martha Starkey, from information compiled by Ken "The Dr." Corum.

Last updated March 8, 2010.


Get the PPP 4.0 Documentation from Sun (PDF; look under Part V, "Serial Networking Topics")

Table of Contents

How to obtain PPP 4.0: [Top of page]

PPP 4.0 was introduced with the July, 2001 release (a.k.a. "update 5") of the Solaris 8 operating system. Solaris 8 releases prior to July, 2001 still contain the aspppd software. PPPoE (PPP over Ethernet) capability was added in the Solaris 8 October, 2001 release (a.k.a. "update 6").

The /etc/release file will state which version of the Solaris 8 release is installed. Don't waste your time attempting to load and configure the PPP 4.0 packages on a release of Solaris prior to 07/01. There is no kernel support for them in the earlier versions and and it won't work. You can compile and run the non-Sun versions of pppd on any release of Solaris, but Sun only supports their own PPP versions.

What are the PPP 4.0 Packages? [Top of page]

On disk 2 of the Solaris install cds:

  • SUNWpppd - Solaris PPP device drivers
  • SUNWpppdu - Solaris PPP daemon and utilities
  • SUNWpppg - GNU utilities for PPP
  • SUNWpppdr - configuration files
  • SUNWpppgS - ANU source code
  • SUNWpppdt - PPPoE modules (starting with the Solaris 8 10/01 version as noted above; adding this package to a Solaris 8 07/01 won't do you any good, you MUST have the 10/01 release of Solaris 8 installed if you want to do PPPoE)

Can PPP 4.0 be installed on the same machine along with older versions of Sun PPP? [Top of page]

Under most circumstances, only one type of any PPP software is all that is needed. If more than one version/type of Sun's PPP software is needed, use the guidelines below:

  • PPP 4.0 (/usr/bin/pppd) and Solstice PPP 3.0.1 (/usr/sbin/pppd) can reside on the same machine, but cannot be run simultaneously.
  • aspppd and PPP 4.0 can reside on the same machine, but cannot be run simultaneously.
  • aspppd and Solstice PPP 3.0.1 should not be loaded on the same machine, since they both contain a package called SUNWpppk which causes conflicts and errors upon use. Sun Support recommends the complete removal of the aspppd software prior to the installation of the Solstice PPP software and vice versa. Some documents, (which may not be free to access at Sun's discretion), that may be helpful regarding this situation are:

Are there any PPP 4.0 specific patches? [Top of page]

PPP 4.0 specific patches, as of March 2010:

Solaris 8 Patch: 128624-12
Solaris 9 Patch: 113327-03
Solaris 10 Patch: 120011-14

For info on patch availability,see http://sunsolve.sun.com/show.do?target=patches/patch-access

How to setup PPP logging: [Top of page]

Unlike aspppd and Solstice PPP 3.0.1, which have their own logging facilities, PPP 4.0 utilizes the syslog daemon via the LOG_DAEMON facility.

To generate logging to a file:

  1. Create /var/log/ppp (ppp logging) and /var/log/local2 (chat script logging), if they don't already exist.
  2. Add the following lines to /etc/syslog.conf (no spaces in this file, only tabs):
    daemon.debug                                    /var/log/ppp
    local2.debug                                    /var/log/local2
    
  3. Restart syslogd.

CLIENT CONFIGURATION

Dial up Client [Top of page]

Here's a recipe for connecting to a regional ISP that does no chat sequence and requires PAP. The options and options.ttya files are not used (all entries there are commented):

# more /etc/ppp/netway-chat
""      AT&F1   #initialize the modem. AT&F can also be used. consult modem documentation.
ABORT   BUSY
ABORT   'NO CARRIER'
REPORT  CONNECT
TIMEOUT 10
""      "AT"
SAY     "Calling Netway.com\n"
TIMEOUT 60
OK      "ATDT5555551212"
CONNECT \r     #if \r, which sends a carriage return, confuses the peer, use \c
#ogin: "pppusername"      #if peer uses a traditional type of login/password, put keywords here
#word: "pppuserpassword"  #and comment out pap-secrets file unless it is also required by peer

# more /etc/ppp/peers/netway
user pppuser
connect "/usr/bin/chat -v -f /etc/ppp/netway-chat"
noipdefault
defaultroute
updetach #can be removed after successful debugging of connection along with "debug"
lock
modem
crtscts
ttya  #the dialout device cua/a can also be used if the ttya device is problematic. see the man pages for se and zs.
debug #can be removed after successful debugging of connection along with "updetach"
38400
noccp
#
#for increased speed, remove "updetach" and "debug"

more /etc/ppp/pap-secrets
pppusername         *        "password"           *
(note: "pppusername" and "password" used for example. Use the appropriate username and password.)


# more /etc/resolv.conf
domain          netway.com
nameserver      216.xxx.xxx.254
nameserver      216.xxx.xxx.253
(note: "x" characters used for example. Use real DNS server IP addresses appropriate to the
domain or ISP)

# more /etc/nsswitch.conf
(purposely truncated)
hosts:      files dns

To connect: pppd call netway.com

To disconnect: pkill pppd

If PAP and/or CHAP are not needed:
The pap-secrets or chap-secrets file is not used and the "ogin:" and "ssword:" keywords and values would be placed in the chat script (the netway-chat file in the previous example).

Populating /etc/resolv.conf with the usepeerdns option:
If the ISP/peer does dynamic ip addressing and provides DNS information during the ppp negotiation, add a keyword and a required softlinked file to capture that information. This is handy when the specific DNS server IP addresses that the /etc/resolv.conf file utilizes are not known:

# rm -f /etc/resolv.conf
# ln -s /etc/ppp/resolv.conf /etc/resolv.conf
# ls -la res*
lrwxrwxrwx   1 root     other         20 Aug 13 06:10 resolv.conf -> /etc/ppp/resolv.conf

Note: To preserve /etc/resolv.conf, do "mv /etc/resolv.conf /etc/resolv.conf.old" instead of "rm -f". The /etc/ppp/resolv.conf file has to already exist prior to the ln command, but /etc/resolv.conf does not.

Cable modem/DSL router alternative to running PPPoE on Unix [Top of page]

If you are reading this because you want to connect your Solaris system to the Internet via Verizon DSL and other high speed providers, you should consider the following.

For well under $100 (usually), you can purchase a "cable modem/DSL router" to very effectively and efficiently do the PPPoE for you. This approach has many advantages:

  1. Inexpensive (for what it does)
  2. Basic (or advanced, depending on the make/model) firewall and VPN capabilities. Threats like viruses and worms are definately something to worry about when connecting systems to the Internet. VPN capabilities are required for most corporate "work from home" situations to be able to safely access a private network via the Internet.
  3. Ease of setup and configuration. Usually all you need to set them up is a web browser. Some of these devices MAY require initial configuration via a PC, so check specs and docs before you buy. Generally, it's easier to set up a cable modem/DSL router than it is to get PPPoE running properly under Unix. Your experiences may, of course, vary.
    Note that cable and DSL providers generally don't support Unix or Linux. That means if your service is brand new, you will have to use a PC to initialize your account. You can find out more about that here.
  4. Multiple network ports. The "mini hub" device will allow you to connect as many computers to the Internet as the device has ports. This assumes the computers you want to connect have appropriate interfaces.
  5. Most of these devices support firmware upgrades to fix problems and add new protocols and functions.
  6. Readily available at office supply and computer/electronics stores. Popular brands are LinkSys, DLink and NetGear.

    Once a router is installed and configured, the fastest and easiest way to get the Solaris machine on the Internet is to configure the network interface for DHCP. Sun has you use the sys-unconfig command to do this. You can also configure a Solaris DHCP client by creating an empty /etc/hostname.(interface) and /etc/dhcp.(interface) and rebooting. The main problem created by configuring the system for DHCP is that you will receive the hostname "unknown" from a Linksys or equivalent device. This is because those devices don't use a network client table, and/or can't reply to the Solaris client's "dhcpinfo" request.

    You can work around this and set your hostname locally by editing a few files:

    1. For Solaris 2.6 and Solaris 7 Systems.
    
    Edit the file /etc/init.d/rootusr and change the line that reads
    
     hostname=`/sbin/dhcpinfo Hostname`
    
    to
    
    # hostname=`/sbin/dhcpinfo Hostname`
    hostname=`shcat /etc/nodename`
    uname -S $hostname
    
    Save the file and reboot the system. The system's hostname will be the 
    entry in the file /etc/nodename.
    
    2. For Solaris 8 and 9 systems.
    
    Edit the file /etc/init.d/network  and change the line that reads
    
    "dhcp") hostname=`/sbin/dhcpinfo Hostname` ;;
    
    to
    
    # "dhcp") hostname=`/sbin/dhcpinfo Hostname` ;;
    "dhcp") hostname=`shcat /etc/nodename` ;;
    
    Then, edit the file /etc/init.d/inetsvc and change the line that reads
    
     hostname=`/sbin/dhcpinfo Hostname`
    
    to
    
    # hostname=`/sbin/dhcpinfo Hostname`
    hostname=`/usr/bin/cat /etc/nodename`
    
    Save the files and reboot the system. The system's hostname will be the
    entry in the file /etc/nodename.
    
    3. For Solaris 10 systems.
    
    See http://forums.sun.com/thread.jspa?messageID=10932393#10932393
    

PPPoE client (minimum) [Top of page]

  1. Configure the /etc/ppp/peers/my-isp-file:
    sppptun
    plugin pppoe.so
    connect "/usr/lib/inet/pppoec hme0 internet"
    (where "hme0" matches the ethernet interface on the client and "internet" matches the server's configuration. More info in the PPPoE server section below)
  2. Plumb the interface:
    #sppptun plumb pppoed hme0
    #sppptun plumb pppoe hme0
  3. Establish the connection:
    #pppd call my-isp-file

Basic PPPoE client troubleshooting options: [Top of page]

  1. Add the following to the options file, where n would be: 0 = no debugging; 1 = general messages; 2 = received packets; 4 = transmitted packets (see the kdebug keyword in the pppd man page for more information)
    #kdebug n
  2. Add "debug" to the /etc/ppp/peer/my-isp-file (for the PPPoE server, add "debug" to the /etc/ppp/options file. Can also run debug from the command line, e.g.)

      # pppd debug updetach call my-isp-file
  3. Add the -v (verbose option) to the connect statement "/usr/lib/inet/pppoec -v hme0 internet"
  4. Add "updetach" to the /etc/ppp/peer/my-isp-file to output messages to the screen when pppd starts
  5. Make sure that the client can see the server: This will ouput the mac address, service and name of available servers.
     # /usr/lib/inet/pppoec -i hme0

SERVER CONFIGURATION

Dial in server [Top of page]

  1. If desired, logging can be setup on the server in the same manner as on the client. On the server, logging isn't as helpful for troubleshooting as it is on the client side. If logging is desired, only the ppp log (daemon.debug) will be of any use, however chat logging can be setup.
  2. Create a login account that uses the shell /usr/bin/pppd. The login account MUST use that shell as it will start the required services.
  3. Start up a login service on the desired serial port. A "modem - bidirectional" service configured via admintool will do.
  4. Configure /etc/ppp/options
    lock
    nodefaultroute
    noauth
    server_ip_or_hostname:client_ip_or_hostname  #see note below
    proxyarp
    debug
    
    NOTE: ip addresses can also be put into /etc/ppp/pap-(or chap-)secrets or /etc/ppp/options.. Here they appear in /etc/ppp/options to reduce the amount of configuration files needed, but be aware that options that appear in /etc/ppp/options affect ALL ppp operations.

The required ppp processes will be started when a user logs in with the /usr/bin/pppd shell.

To do a quick test of the ppp server, use any terminal program (tip, cu, Hyperterminal, Tera Term, etc.) to dial the server's phone number, login with the ppp user account name and password at the "login:" prompt and watch for ppp packets. The packets will show up on the screen as a flurry of bracket and brace characters. This demonstrates that the ppp mechanism is setup and operating properly on the server.

A note about proxyarp: To use proxyarp, all of the IP addresses must be on the same network. This includes the ethernet interface AND the sppp interface on the server as well as the IP address that the client will use.

PPPoE server [Top of page]

This sample PPPoE server configuration sets up the following scenario: hme0 interface; Sun clients only; internet service only; connect to server "roscoe" only; plumb interface at boot time. Both examples have been tested and work fine:

  1. Example #1. Set up the /etc/ppp/pppoe.hme0 file:
    server roscoe
    client 8:0:20:*.*.*
    service internet
    
    
    Example #2: Set up the /etc/ppp/pppoe file with the device option:
    server roscoe
    client 8:0:20:*.*.*
    device hme0
    service internet
    
  2. Set up the options file:
    lock
    nodefaultroute
    noauth
    (server ip ppp addr):(client ip ppp addr)
    
  3. Set up the /etc/ppp/pppoe.if file:
    sppptun plumb pppoed hme0 #used in the discovery stage
    sppptun plumb pppoec hme0 #used in the session stage
    
  4. Start the pppoed:
    # /usr/lib/inet/pppoed
    

Basic PPPoE server troubleshooting options: [Top of page]

  1. Add the following to the options file, where n would be: 0 = no debugging; 1 = general messages; 2 = received packets; 4 = transmitted packets (see the kdebug keyword in the pppd man page for more information)
    #kdebug n
  2. Add "debug" to the /etc/ppp/options file
  3. Check the /tmp/pppoed.pid file for dumped pppoed state information
  4. Check the plumbed interfaces:
    # sppptun query
  5. Check for server response: check for the server's name in the output.
    # /usr/lib/inet/pppoec -i hme0