Ubuntu + pppoe client?

N

Netker2015-09-08 14:44:54

ubuntu

Netker, 2015-09-08 14:44:54

Good afternoon, tell me what could be the problem?
Ubuntu server 15.04, made a pppoe connection to the provider. It connects to the provider, the ip address is assigned to the connection. The ppp0 connection becomes the default route for the system.
And the external network does not respond. I've looked all over the internet and can't find a solution.

[email protected]:~# ifconfig
lo        Link encap:Локальная петля (Loopback)
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:402 errors:0 dropped:0 overruns:0 frame:0
          TX packets:402 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:38237 (38.2 KB)  TX bytes:38237 (38.2 KB)

p4p1      Link encap:Ethernet  HWaddr f4:6d:04:9e:39:a0
          inet addr:192.168.0.148  Bcast:192.168.1.255  Mask:255.255.254.0
          inet6 addr: fe80::f66d:4ff:fe9e:39a0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:46934 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20919 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5452034 (5.4 MB)  TX bytes:13925854 (13.9 MB)
          Interrupt:16 Память:df400000-df420000

p5p1      Link encap:Ethernet  HWaddr f4:6d:04:9e:39:a1
          inet6 addr: fe80::f66d:4ff:fe9e:39a1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:28630 errors:0 dropped:307 overruns:0 frame:0
          TX packets:1286 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3297861 (3.2 MB)  TX bytes:119220 (119.2 KB)
          Interrupt:17 Память:df300000-df320000

ppp0      Link encap:Протокол PPP (Point-to-Point Protocol)
          inet addr:10.11.36.60  P-t-P:10.10.1.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:172 (172.0 B)  TX bytes:54 (54.0 B)

[email protected]:~# route
Таблица маршутизации ядра протокола IP
Destination Gateway Genmask Flags Metric Ref Use Iface
default         *               0.0.0.0         U     0      0        0 ppp0
10.10.1.1       *               255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     *               255.255.254.0   U     0      0        0 p4p1

/etc/network/interface

source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto p4p1
iface p4p1 inet dhcp
auto dsl-provider
iface dsl-provider inet ppp
pre-up /bin/ip link set p5p1 up # line maintained by pppoeconf
provider dsl-provider
auto p5p1
iface p5p1 inet manual
post-up /etc/nat

file /etc/nat

#!/bin/sh
# Включаем форвардинг пакетов
echo 1 > /proc/sys/net/ipv4/ip_forward
# Разрешаем трафик на loopback-интерфейсе
iptables -A INPUT -i lo -j ACCEPT
# Разрешаем доступ из внутренней сети наружу
iptables -A FORWARD -i p4p1 -o ppp0 -j ACCEPT
# Включаем NAT
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
# Разрешаем ответы из внешней сети
iptables -A FORWARD -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Запрещаем доступ снаружи во внутреннюю сеть
iptables -A FORWARD -i ppp0 -o p4p1 -j REJECT

[email protected]:~# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  * * *
 5  * * *

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

sim3x, 2015-09-08
@sim3x

№!/bin/shexactly works?
change # to #

N

Netker, 2015-09-11
@Netker

And so it stands #, it was when I wrote here that I typed it up.
As I understand it, I have a problem with the routes, but I don’t know how to do it right.
ppp0 connection log

Sep  9 12:57:04 Gateway pppd[1529]: Plugin rp-pppoe.so loaded.
Sep  9 12:57:04 Gateway pppd[1530]: pppd 2.4.6 started by gate, uid 0
Sep  9 12:57:04 Gateway pppd[1530]: PPP session is 28844
Sep  9 12:57:04 Gateway pppd[1530]: Connected to 2c:53:4a:00:02:5b via interface p5p1
Sep  9 12:57:04 Gateway pppd[1530]: Using interface ppp0
Sep  9 12:57:04 Gateway pppd[1530]: Connect: ppp0 <--> p5p1
Sep  9 12:57:04 Gateway pppd[1530]: CHAP authentication succeeded: Welcome.
Sep  9 12:57:04 Gateway pppd[1530]: CHAP authentication succeeded
Sep  9 12:57:04 Gateway pppd[1530]: peer from calling number 2C:53:4A:00:02:5B authorized
Sep  9 12:57:04 Gateway systemd[1]: Started ifup for ppp0.
Sep  9 12:57:04 Gateway systemd[1]: Starting ifup for ppp0...
Sep  9 12:57:04 Gateway pppd[1530]: local  IP address 10.11.36.60
Sep  9 12:57:04 Gateway pppd[1530]: remote IP address 10.10.1.1
Sep  9 12:57:04 Gateway pppd[1530]: primary   DNS address 91.205.208.1
Sep  9 12:57:04 Gateway pppd[1530]: secondary DNS address 77.88.8.1
Sep  9 12:57:04 Gateway sh[1534]: Unknown interface ppp0
Sep  9 12:57:04 Gateway named[857]: received control channel command 'reconfig'
Sep  9 12:57:04 Gateway named[857]: loading configuration from '/etc/bind/named.conf'
Sep  9 12:57:04 Gateway named[857]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Sep  9 12:57:04 Gateway named[857]: using default UDP/IPv4 port range: [1024, 65535]
Sep  9 12:57:04 Gateway named[857]: using default UDP/IPv6 port range: [1024, 65535]
Sep  9 12:57:04 Gateway named[857]: listening on IPv4 interface ppp0, 10.11.36.60#53
Sep  9 12:57:04 Gateway named[857]: sizing zone task pool based on 5 zones
Sep  9 12:57:04 Gateway named[857]: using built-in root key for view _default

[email protected]:~# netstat -rn
Таблица маршутизации ядра протокола IP
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 ppp0
10.10.1.1       0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
192.168.0.0     0.0.0.0         255.255.254.0   U         0 0          0 p4p1

[email protected]:~# iptables-save
# Generated by iptables-save v1.4.21 on Wed Sep  9 08:02:54 2015
*mangle
:PREROUTING ACCEPT [2065:192365]
:INPUT ACCEPT [1628:146294]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1306:176020]
:POSTROUTING ACCEPT [1306:176020]
-A FORWARD -o ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1400:65495 -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Wed Sep  9 08:02:54 2015
# Generated by iptables-save v1.4.21 on Wed Sep  9 08:02:54 2015
*nat
:PREROUTING ACCEPT [796:86732]
:INPUT ACCEPT [348:38770]
:OUTPUT ACCEPT [783:56699]
:POSTROUTING ACCEPT [55:3791]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Wed Sep  9 08:02:54 2015
# Generated by iptables-save v1.4.21 on Wed Sep  9 08:02:54 2015
*filter
:INPUT ACCEPT [1440:135291]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1362:182124]
-A INPUT -i lo -j ACCEPT
-A FORWARD -i p4p1 -o ppp0 -j ACCEPT
-A FORWARD -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ppp0 -o p4p1 -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Wed Sep  9 08:02:54 2015

L

LAV45, 2015-11-09
@LAV45

you have some terrible file /etc/nat
in my iptables only this and everything works fine

iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmt
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE

PS provider dsl-provider is better to replace with post-up pon dsl-provider then when you restart it will not be so stupid.