The new place I moved appeared to not have a digital cable available, so I had to switch to xDSL as a "broadband" transport.
There were some issues with getting the right software for Solaris,
since this is what I have as a mix of firewall, router, web server
and so on. Then there is connection problems, mostly impacting
IP filter and the fact, that I have an external
DNS server that needed to be updated when an IP address changes.
Not all xDSL providers authenticate you by the modem's serial number and then let the pure ip to flow, assigning you either static or DHCP dynamic IP address. Some of them, including one I picked, do not. Instead, they require the PPP authentication, using PPP over Ethernet tunneling, described in RFC 2516.
There are two software lines to go, to make DSL work, one is using the Solaris PPP/PPPoE packages, the other is using the GNU software. Below, you'll find the description of how to use it with the GNU sfuff, though I myself recommend to go with the Solaris packages. For how to install Solaris packages, refer to http://www.techgirl-net.com/pppoe.html page. You still might want to read the sections about IPF on this page though.
So, to let the ball rolling, you'll need the following pieces:
pppdshould come first, and
rp-pppoeshould be able to see where it was installed to.
Now, you'll need to know the username and password to connect
to the database. Usually what happens, is that they are assigned to you
when you sign up, or you may get an installation CD, and the software
will guide you through the process of getting one. Of course, for that,
the modem should be plugged into a system the provider supports officially.
Then, edit the
rp-pppoe configuration file, usually located
/etc/ppp/pppoe.conf, provide the interface name, for
Solaris it mostly either hme0 for 100Mbps cards, le0 for
10 Mbps cards or qfeX for quadriple ethernet cards. Put your user
Now, create file
/etc/ppp/pap-secrets. It should say:
# cat /etc/ppp/pap-secrets # Secrets for authentication using PAP # client server secret IP addresses firstname.lastname@example.org * "mypassword"Just in case, link or copy this file to
chap-secretsin case your provider uses CHAP over PAP authentication style. The client id in secrets should match whichever was specified as your name in
You're ready to try your new xDSL connection.
<bin_dir>/adsl-start to connect.
If there're any problems, try reading the FAQ that comes with
Now, it is wise to have an IP blocking software installed like
ip firewall, or ip filter. The best match for Solaris would be
Each time your IP address changes, you'll need to restart the ipf,
or at least reconfigure the tables, since they are bound to the
ip address on the system and at least the external
interface. Note, that in case when
PPPoE is used,
your external interface would be pppX instead of local
physical interface. Here is the
patch to the ipfboot script, provided along with the
ipf 3.4.23. When using this script, copy the
ipnat.conf files to
ipnat.conf.orig respectively, and replace local interface
$EXTIF define, and the external ip
$LOCALIP define. Then, each time
ipf is started, the correct values will be entered into the config
There has been a 2 second sleep inserted into the ipfboot script, just before the module is unloaded. The reason is that sometimes, the daemon doesn't have enough time to finish itself before script goes and tries to delete the module, so kernel doesn't remove the module with the resource is busy exception.
Also, there should be a way to automatically restart ipf when
ip address changes.
rp-pppoe will keep trying
to reestablish the link when it has been dropped, so all there
is needed to be done, is to detect when address is changed, and
restart the ipf. The only troubles with that is that your system
will not be protected by ipf at the time between address changes
and ipf restarts. Here is the
link to the
checkdsl script, that is supposed to be ran
from cron each minute or two. That would reasonable, I guess.
adsl-stop scripts should
be in the PATH for
checkdsl. Also, there is a call to
updatedhs that you can delete, if you don't have a hostname in
the DHS domain.
The reason the interface is beeing searched for, is that sometimes
pppd selects the
ppp1 rather than
name for the interface, probably because some resources don't get
Since I have domain name in the DHS group, the hostname to ip mapping should get resolved when address changes. I just used one of those programs DHS offers to use to do that automatically.
A very good idea is to move your DSL modem as far away from your computer(s) as possible. I had connection fail every few hours when the modem was near my boxes, every day or so when I moved about 6 feet from my boxes, and once may be 6 months, after I moved it away about 15 feet. So it does matter very much (at least with those SpeedStream modems).This page was accessed times.
(C) Pawel S. Veselov, 2002.