Getting started
with Point-To-Point (PPP) Protocol 4.0 implementation provided with Oracle Solaris

Written by Martha Starkey, from information originally compiled by Ken "The Dr." Corum.

Last updated June, 2015.


This covers Solaris 8 and up, with differences as noted. Oracle Solaris 11 uses the pkg command to administer system packages.
Product Documentation from the vendor: Managing Serial Networks Using UUCP and PPP in Oracle® Solaris 11.2

Table of Contents

How to obtain PPP 4.0: [Top of page]

PPP 4.0 was introduced with the July, 2001 release (a.k.a. "update 5") of the Solaris 8 operating system. Solaris 8 releases prior to July, 2001 still contain the aspppd software. PPPoE (PPP over Ethernet) capability was added in the Solaris 8 October, 2001 release (a.k.a. "update 6").

The /etc/release file will state which version of the Solaris 8 release is installed. Don't waste your time attempting to load and configure the PPP 4.0 packages on a release of Solaris prior to 07/01. There is no kernel support for them in the earlier versions and and it won't work. You can compile and run the non-Oracle versions of pppd on any release of Solaris, but Oracle only supports their own PPP versions.

What are the PPP 4.0 Packages? [Top of page]

Prior to Solaris 11: On disk 2 of the Solaris install cds:

    SUNWpppd - S PPP device drivers
  • SUNWpppdu - Solaris PPP daemon and utilities
  • SUNWpppg - GNU utilities for PPP
  • SUNWpppdr - configuration files
  • SUNWpppgS - ANU source code
  • SUNWpppdt - PPPoE modules (starting with the Solaris 8 10/01 version as noted above; adding this package to a Solaris 8 07/01 won't do you any good, you MUST have the 10/01 release of Solaris 8 installed if you want to do PPPoE)

    Solaris 11.x: For the most recent packages, search for ppp at pkg.oracle.com.
    Here is a facsimile of the results of such a search done on 13-JUNE-2015, followed by the [package description from the accompanying manifest file]: 

    mail/fetchmail@6.3.22,5.11-0.175.2.0.0.42.1:20140623T015459Z 
["Fetchmail is a full-featured, robust, well-documented remote-mail
 retrieval and forwarding utility  intended to be used over on-demand
 TCP/IP links (such as SLIP or PPP connections). It supports every
 remote-mail protocol now in use on the Internet: POP2, POP3, RPOP,
 APOP, KPOP, all flavors of IMAP, ETRN, and ODMR. It can even support
 IPv6 and IPSEC."]

source/network/pppdump@0.5.11,5.11-0.175.2.0.0.42.2:20140624T184834Z 
["Optional GNU utilities for use with Solaris PPP 4.0.  The pppdump(1M)
 utility reads files produced  by the pppd(1M) record option and produces
 human-readable output.  The minconn.so plugin sets a minimum  initial
 connect time when the idle option is used.  The passprompt.so plugin
 allows PAP to be used with external prompting programs."}

system/network/ppp@0.5.11,5.11-0.175.2.0.0.42.2:20140624T190104Z
["An implementation of the Point-to-Point Protocol (PPP) (RFCs 1332, 1334,
 1661, and 1662) which provides  for communication between two endpoint systems.
 Both asynchronous and synchronous PPP links are supported."]

system/network/ppp/pppdump@0.5.11,5.11-0.175.2.0.0.42.2:20140624T190101Z 
["Optional GNU utilities for use with Solaris PPP 4.0.  The pppdump(1M)
 utility reads files produced by the  pppd(1M) record option and produces
 human-readable output.  The minconn.so plugin sets a minimum initial connect
 time when the idle option is used.  The passprompt.so plugin allows PAP to
 be used with external prompting programs."]

system/network/ppp/tunnel@0.5.11,5.11-0.175.2.0.0.42.2:20140624T190103Z
["Extensions implementing PPP tunneling protocols including PPPoE
 (PPP over Ethernet)"]

Can PPP 4.0 be installed on the same machine along with older versions of Oracle PPP? [Top of page]

Under most circumstances, only one type of any PPP software is all that is needed. If more than one version/type of Oracle's PPP software is needed, use the guidelines below:

  • PPP 4.0 (/usr/bin/pppd) and Solstice PPP 3.0.1 (/usr/sbin/pppd) can reside on the same machine, but cannot be run simultaneously.
  • aspppd and PPP 4.0 can reside on the same machine, but cannot be run simultaneously.
  • aspppd and Solstice PPP 3.0.1 should not be loaded on the same machine, since they both contain a package called SUNWpppk which causes conflicts and errors upon use. Oracle Support recommends the complete removal of the aspppd software prior to the installation of the Solstice PPP software and vice versa.

Are there any PPP 4.0 specific patches? [Top of page]

Prior to Solaris 11: PPP 4.0 specific patches must be obtained from the vendor and will most likely require a support contract

For info on patch availability,see Oracle's Support page or the support.oracle.com website

Solaris 11x: Use the pkg command to install or update the pkgs listed above.

How to setup PPP logging: [Top of page]

Unlike aspppd and Solstice PPP 3.0.1, which have their own logging facilities, PPP 4.0 utilizes the syslog daemon via the LOG_DAEMON facility.

To generate logging to a file:

  1. Create /var/log/ppp (ppp logging) and /var/log/local2 (chat script logging), if they don't already exist.
  2. Add the following lines to /etc/syslog.conf (no spaces in this file, only tabs): 
    daemon.debug                                    /var/log/ppp
local2.debug                                    /var/log/local2
  3. Restart syslogd.

CLIENT CONFIGURATION

Dial up Client [Top of page]

Here's a recipe for connecting to a regional ISP that does no chat sequence and requires PAP. The options and options.ttya files are not used (all entries there are commented): 

# more /etc/ppp/netway-chat
""      AT&F1   #initialize the modem. AT&F can also be used. consult modem documentation.
ABORT   BUSY
ABORT   'NO CARRIER'
REPORT  CONNECT
TIMEOUT 10
""      "AT"
SAY     "Calling Netway.com\n"
TIMEOUT 60
OK      "ATDT5555551212"
CONNECT \r     #if \r, which sends a carriage return, confuses the peer, use \c
#ogin: "pppusername"      #if peer uses a traditional type of login/password, put keywords here
#word: "pppuserpassword"  #and comment out pap-secrets file unless it is also required by peer

# more /etc/ppp/peers/netway
user pppuser
connect "/usr/bin/chat -v -f /etc/ppp/netway-chat"
noipdefault
defaultroute
updetach #can be removed after successful debugging of connection along with "debug"
lock
modem
crtscts
ttya  #the dialout device cua/a can also be used if the ttya device is problematic. see the man pages for se and zs.
debug #can be removed after successful debugging of connection along with "updetach"
38400
noccp
#
#for increased speed, remove "updetach" and "debug"

more /etc/ppp/pap-secrets
pppusername         *        "password"           *
(note: "pppusername" and "password" used for example. Use the appropriate username and password.)


# more /etc/resolv.conf
domain          netway.com
nameserver      216.xxx.xxx.254
nameserver      216.xxx.xxx.253
(note: "x" characters used for example. Use real DNS server IP addresses appropriate to the
domain or ISP)

# more /etc/nsswitch.conf
(purposely truncated)
hosts:      files dns

To connect: pppd call netway.com

To disconnect: pkill pppd

If PAP and/or CHAP are not needed:
The pap-secrets or chap-secrets file is not used and the "ogin:" and "ssword:" keywords and values would be placed in the chat script (the netway-chat file in the previous example).

Populating /etc/resolv.conf with the usepeerdns option:
If the ISP/peer does dynamic ip addressing and provides DNS information during the ppp negotiation, add a keyword and a required softlinked file to capture that information. This is handy when the specific DNS server IP addresses that the /etc/resolv.conf file utilizes are not known: 

# rm -f /etc/resolv.conf
# ln -s /etc/ppp/resolv.conf /etc/resolv.conf
# ls -la res*
lrwxrwxrwx   1 root     other         20 Aug 13 06:10 resolv.conf -> /etc/ppp/resolv.conf

Note: To preserve /etc/resolv.conf, do "mv /etc/resolv.conf /etc/resolv.conf.old" instead of "rm -f". The /etc/ppp/resolv.conf file has to already exist prior to the ln command, but /etc/resolv.conf does not.

Cable modem/DSL router alternative to running PPPoE on Unix [Top of page]

If you are reading this because you want to connect your Solaris system to the Internet via Verizon DSL and other high speed providers, you should consider the following.

For well under $100 (usually), you can purchase a "cable modem/DSL router" to very effectively and efficiently do the PPPoE for you. This approach has many advantages:

  1. Inexpensive (for what it does)
  2. Basic (or advanced, depending on the make/model) firewall and VPN capabilities. Threats like viruses and worms are definitely something to worry about when connecting systems to the Internet. VPN capabilities are required for most corporate "work from home" situations to be able to safely access a private network via the Internet.
  3. Ease of setup and configuration. Usually all you need to set them up is a web browser. Some of these devices MAY require initial configuration via a PC, so check specs and docs before you buy. Generally, it's easier to set up a cable modem/DSL router than it is to get PPPoE running properly under Unix. Your experiences may, of course, vary.
    Note that cable and DSL providers generally don't support Unix or Linux. That means if your service is brand new, you will have to use a PC to initialize your account. You can find out more about that here.
  4. Multiple network ports. The "mini hub" device will allow you to connect as many computers to the Internet as the device has ports. This assumes the computers you want to connect have appropriate interfaces.
  5. Most of these devices support firmware upgrades to fix problems and add new protocols and functions.
  6. Readily available at office supply and computer/electronics stores. Popular brands are LinkSys, DLink and NetGear.

    Once a router is installed and configured, the fastest and easiest way to get the Solaris machine on the Internet is to configure the network interface for DHCP. Oracle has you use the sys-unconfig command to do this. (In Solaris 11, the sys-unconfig command has been replaced by the sysconfig command.) You can also configure a Solaris DHCP client by creating an empty /etc/hostname.(interface) and /etc/dhcp.(interface) and rebooting. The main problem created by configuring the system for DHCP is that you will receive the hostname "unknown" from a Linksys or equivalent device. This is because those devices don't use a network client table, and/or can't reply to the Solaris client's "dhcpinfo" request.

    You can work around this and set your hostname locally by editing a few files: 

    1. For Solaris 2.6 and Solaris 7 Systems.

Edit the file /etc/init.d/rootusr and change the line that reads

 hostname=`/sbin/dhcpinfo Hostname`

to

# hostname=`/sbin/dhcpinfo Hostname`
hostname=`shcat /etc/nodename`
uname -S $hostname

Save the file and reboot the system. The system's hostname will be the 
entry in the file /etc/nodename.

2. For Solaris 8 and 9 systems.

Edit the file /etc/init.d/network  and change the line that reads

"dhcp") hostname=`/sbin/dhcpinfo Hostname` ;;

to

# "dhcp") hostname=`/sbin/dhcpinfo Hostname` ;;
"dhcp") hostname=`shcat /etc/nodename` ;;

Then, edit the file /etc/init.d/inetsvc and change the line that reads

 hostname=`/sbin/dhcpinfo Hostname`

to

# hostname=`/sbin/dhcpinfo Hostname`
hostname=`/usr/bin/cat /etc/nodename`

Save the files and reboot the system. The system's hostname will be the
entry in the file /etc/nodename.

3. For Solaris 10 systems.

See: No hostname when using DHCP in Sun Solaris 8/9/10
" .. . . For Solaris 10, . .. . .  the hostname in /etc/nodename overrides the hostname provided by the DHCP Server . . ."

PPPoE client (minimum) [Top of page]

  1. Configure the /etc/ppp/peers/my-isp-file: 
    sppptun
plugin pppoe.so
connect "/usr/lib/inet/pppoec hme0 internet"
    (where "hme0" matches the ethernet interface on the client and "internet" matches the server's configuration. More info in the PPPoE server section below)
  2. Plumb the interface: 
    #sppptun plumb pppoed hme0
#sppptun plumb pppoe hme0
  3. Establish the connection: 
    #pppd call my-isp-file

Basic PPPoE client troubleshooting options: [Top of page]

  1. Add the following to the options file, where n would be: 0 = no debugging; 1 = general messages; 2 = received packets; 4 = transmitted packets (see the kdebug keyword in the pppd man page for more information) 
    #kdebug n
  2. Add "debug" to the /etc/ppp/peer/my-isp-file (for the PPPoE server, add "debug" to the /etc/ppp/options file. Can also run debug from the command line, e.g.) 

      # pppd debug updetach call my-isp-file
  3. Add the -v (verbose option) to the connect statement "/usr/lib/inet/pppoec -v hme0 internet"
  4. Add "updetach" to the /etc/ppp/peer/my-isp-file to output messages to the screen when pppd starts
  5. Make sure that the client can see the server: This will ouput the mac address, service and name of available servers. 
     # /usr/lib/inet/pppoec -i hme0

SERVER CONFIGURATION

Dial in server [Top of page]

  1. If desired, logging can be setup on the server in the same manner as on the client. On the server, logging isn't as helpful for troubleshooting as it is on the client side. If logging is desired, only the ppp log (daemon.debug) will be of any use, however chat logging can be setup.
  2. Create a login account that uses the shell /usr/bin/pppd. The login account MUST use that shell as it will start the required services.
  3. Start up a login service on the desired serial port. A "modem - bidirectional" service configured via admintool will do.
  4. Configure /etc/ppp/options 
    lock
nodefaultroute
noauth
server_ip_or_hostname:client_ip_or_hostname  #see note below
proxyarp
debug
    NOTE: ip addresses can also be put into /etc/ppp/pap-(or chap-)secrets or /etc/ppp/options.. Here they appear in /etc/ppp/options to reduce the amount of configuration files needed, but be aware that options that appear in /etc/ppp/options affect ALL ppp operations.

The required ppp processes will be started when a user logs in with the /usr/bin/pppd shell.

To do a quick test of the ppp server, use any terminal program (tip, cu, Hyperterminal, Tera Term, etc.) to dial the server's phone number, login with the ppp user account name and password at the "login:" prompt and watch for ppp packets. The packets will show up on the screen as a flurry of bracket and brace characters. This demonstrates that the ppp mechanism is setup and operating properly on the server.

A note about proxyarp: To use proxyarp, all of the IP addresses must be on the same network. This includes the ethernet interface AND the sppp interface on the server as well as the IP address that the client will use.

PPPoE server [Top of page]

This sample PPPoE server configuration sets up the following scenario: hme0 interface; Oracle clients only; internet service only; connect to server "roscoe" only; plumb interface at boot time. Both examples have been tested and work fine:

  1. Example #1. Set up the /etc/ppp/pppoe.hme0 file: 
    server roscoe
client 8:0:20:*.*.*
service internet
    Example #2: Set up the /etc/ppp/pppoe file with the device option: 
    server roscoe
client 8:0:20:*.*.*
device hme0
service internet
  2. Set up the options file: 
    lock
nodefaultroute
noauth
(server ip ppp addr):(client ip ppp addr)
  3. Set up the /etc/ppp/pppoe.if file: 
    sppptun plumb pppoed hme0 #used in the discovery stage
sppptun plumb pppoec hme0 #used in the session stage
  4. Start the pppoed: 
    # /usr/lib/inet/pppoed

Basic PPPoE server troubleshooting options: [Top of page]

  1. Add the following to the options file, where n would be: 0 = no debugging; 1 = general messages; 2 = received packets; 4 = transmitted packets (see the kdebug keyword in the pppd man page for more information) 
    #kdebug n
  2. Add "debug" to the /etc/ppp/options file
  3. Check the /tmp/pppoed.pid file for dumped pppoed state information
  4. Check the plumbed interfaces: 
    # sppptun query
  5. Check for server response: check for the server's name in the output. 
    # /usr/lib/inet/pppoec -i hme0