Setting up a PPPoE Server with Roaring Penguin PPPoE Server
If you're looking to configure a PPPoE server, you are probably already aware of how to configure a PPPoE client. If configuring your device to work with your ISP's PPPoE server is what you're looking for, you'll want to visit the PPPoE setup guide instead.
Using your device as a PPPoE server may be useful in various scenarios, such as supporting ISP VoIP devices which mandate a PPPoE server for internet access as opposed to an IPoE LAN, or for testing PPPoE clients locally without relying on an ISP or other third party service.
Roaring Penguine PPPoE Server (package rp-pppoe-server) is a supported PPPoE server for OpenWrt, with a support package allowing web based configuration in LuCI (package luci-app-rp-pppoe-server) and is what we will be using in this guide.
Prerequisite Installation
To set up your PPPoE server, install the luci-app-rp-pppoe-server and rp-pppoe-server packages, either through the Software menu on LuCI, or using the following commands over SSH:
# Update your package index opkg update # Install the packages opkg install luci-app-rp-pppoe-server rp-pppoe-server
Usually, installing luci-app-rp-pppoe-server will automatically install rp-pppoe-server, but do confirm that rp-pppoe-server is installed before proceeding.
Enabling RP PPPoE Server Configuration Menu
Unfortunately, at the time of writing, the menu item for RP PPPoE Server does not immediately appear after installation as the configuration section for it is commented out. Usually, it should appear in the Services menu on LuCI:
If this menu item is already present, you may skip this section, otherwise you'll need to SSH into your device and modify the /etc/config/pppoe
file. If you are not comfortable using an SSH terminal, you may want to use an SCP client to browse and edit files graphically, an example of which being WinSCP.
The default contents of this file is as follows:
#config pppoe_server # option interface eth1 # option ac_name access-concentrator-name # list service_name service-name1 # list service_name service-name2 # option maxsessionsperpeer 0 # option localip 192.168.2.1 # option firstremoteip 192.168.2.2 # option maxsessions 64 # option optionsfile /etc/ppp/pppoe-server-options # option randomsessions 1 # option unit 0 # option offset 0 # option timeout 60 # option mss 1468 # option sync 0 #config pppoe_relay # list server_interface eth1 # list client_interface eth0 # list both_interface eth2 # option maxsessions 64 # option timeout 60
You'll need to remove all the comment hashtags from each line of the first section only, leaving the config file looking like so:
config pppoe_server option interface eth1 option ac_name access-concentrator-name list service_name service-name1 list service_name service-name2 option maxsessionsperpeer 0 option localip 192.168.2.1 option firstremoteip 192.168.2.2 option maxsessions 64 option optionsfile /etc/ppp/pppoe-server-options option randomsessions 1 option unit 0 option offset 0 option timeout 60 option mss 1468 option sync 0 #config pppoe_relay # list server_interface eth1 # list client_interface eth0 # list both_interface eth2 # option maxsessions 64 # option timeout 60
The best thing to do now is to reboot your device, after which the menu item will appear.
Initial Configuration
The initial configuration of the PPPoE server is quite straightforward, but does require you to continually be aware that PPPoE is not the same as IP.
Without going into too much detail, PPPoE directly sends Ethernet frames between devices using MAC addresses instead of IP addresses in order to establish a PPP tunnel. This PPP tunnel also runs over Ethernet frames, and IP runs on top of this established PPP tunnel. The main point here is that establishing IPs is handled by PPP, and not the DHCP server on your IPoE LAN. The significance of this will be explained later, when we choose where PPPoE traffic will be directed and what IP addresses will be handed out.
We will go through each option one by one for the initial configuration of RP PPPoE Server.
Interface
--picture of default interface selection
The Interface option allows you to select what logical Interface will be used for the server. Because of the way OpenWrt manages interfaces, it is necessary to select a logical interface which has been configured in the Network → Interfaces section of OpenWrt. This is because an interface will not be active until it is configured to be by OpenWrt.
You should choose which port (or ports) on your physical device you would like the PPPoE server to run on. If you would like all of the ports that your IPoE LAN is on to also be used as a PPPoE LAN, choosing the LAN
interface should be acceptable. You may however want to use one specific port on your device as a dedicated PPPoE port, in which case you should remove this port from any other bridges or logical interfaces, and create an Unmanaged interface without a firewall zone, as demonstrated below:
--picture of creating and created unmanaged interface
You are restricted to only selecting logical OpenWrt interfaces for use by the PPPoE server because the port(s) the server runs on must of course be enabled, which is handled by OpenWrt for you using these logical interfaces.
Access Concentrator Name
--picture of acn input
The Access Concentrator Name is essentially the name of your PPPoE server. This allows you to run more than one PPPoE server on one LAN, and allow you to specify on the PPPoE client which one to connect to (citation needed). For the purposes of a single server, this option is not necessary as it should be autodetected by the PPPoE client, so the default name of access-concentrator-name
is perfectly acceptable.
Service Name
--picture of sn input
Explanation needed
Maximum Sessions Per Peer
-- picture of mspp input
Maximum Sessions Per Peer specifies how many connections a single PPPoE user can have active at any one time. The default is 0
, which means unlimited, and will allow you to simultaneously use as many PPPoE clients as you want with the same login credentials. It may be desirable to set this to 1 to only allow a single connection per user.
IP of Listening Side
-- picture of iols
PPP stands for Peer to Peer (P2P) Protocol, which means two peers are talking directly to each other. This IP address is the address the server will use in this P2P connection. This will be used as the default gateway of the IP connection running atop the PPP session (citation needed). You should configure this to be a different subnet to your IPoE LAN on which your DHCP server is running, which is further explained in the First Remote IP section.
First Remote IP
-- picture of fri
This is the first IP address that will be handed out to PPPoE clients when they connect. When establishing a PPP connection, the PPP daemon handles issuing of IP addresses to clients on the PPPoE LAN, and the DHCP server on the IPoE LAN is not used. It is also important to note that PPP does not interact with the DHCP server to verify if it has already assigned an IP address to a client, and for this reason it is recommended to place PPPoE clients on a different subnet to the one DHCP is running, to prevent both PPP and DHCP issuing the same address to two different clients resulting in an IP conflict.