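Turning a Linux machine into a router, part 2: connecting over PPPoE
Last time I added a NIC to the Linux machine over USB. This time I confirm that it can actually connect to the Internet over PPPoE.
Step1 Installing rp-pppoe
PPPoE connections are made with the rp-pppoe package, so install it first.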
# yum install rp-pppoe
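The package installed successfully.
[root@new-host ~]# yum list |grep pppoe
rp-pppoe.i686 3.10-8.el6 @base
Step2 Configuring rp-pppoe
On CentOS 5 it seems you configure it interactively with the pppoe-setup command, but on CentOS 6 you configure it by editing a file. First, copy the configuration file.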
# cp /usr/share/doc/rp-pppoe-3.10/configs/pppoe.conf /etc/ppp/
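The NIC connected to the UNI is eth3, and the user ID used for the PPPoE connection is hoge@plala.or.jp.
Set these on the ETH and USER lines of the configuration file /etc/ppp/pppoe.conf. Nothing else seems to need changing.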
#***********************************************************************
#
# pppoe.conf
#
# Configuration file for rp-pppoe.  Edit as appropriate and install in
# /etc/ppp/pppoe.conf
#
# NOTE: This file is used by the pppoe-start, pppoe-stop, pppoe-connect and
#       pppoe-status shell scripts.  It is *not* used in any way by the
#       "pppoe" executable.
#
# Copyright (C) 2000 Roaring Penguin Software Inc.
#
# This file may be distributed under the terms of the GNU General
# Public License.
#
# LIC: GPL
# $Id$
#***********************************************************************

# When you configure a variable, DO NOT leave spaces around the "=" sign.

# Ethernet card connected to DSL modem
ETH=eth3

# PPPoE user name.  You may have to supply "@provider.com"  Sympatico
# users in Canada do need to include "@sympatico.ca"
# Sympatico uses PAP authentication.  Make sure /etc/ppp/pap-secrets
# contains the right username/password combination.
# For Magma, use xxyyzz@magma.ca
USER=hoge@plala.or.jp

# Bring link up on demand?  Default is to leave link up all the time.
# If you want the link to come up on demand, set DEMAND to a number indicating
# the idle time after which the link is brought down.
DEMAND=no
#DEMAND=300

# DNS type: SERVER=obtain from server; SPECIFY=use DNS1 and DNS2;
# NOCHANGE=do not adjust.
DNSTYPE=server

# Obtain DNS server addresses from the peer (recent versions of pppd only)
# In old config files, this used to be called USEPEERDNS.  Changed to
# PEERDNS for better Red Hat compatibility
PEERDNS=yes

DNS1=
DNS2=

# Make the PPPoE connection your default route.  Set to
# DEFAULTROUTE=no if you don't want this.
DEFAULTROUTE=yes

### ONLY TOUCH THE FOLLOWING SETTINGS IF YOU'RE AN EXPERT

# How long pppoe-start waits for a new PPP interface to appear before
# concluding something went wrong.  If you use 0, then pppoe-start
# exits immediately with a successful status and does not wait for the
# link to come up.  Time is in seconds.
#
# WARNING WARNING WARNING:
#
# If you are using rp-pppoe on a physically-inaccessible host, set
# CONNECT_TIMEOUT to 0.  This makes SURE that the machine keeps trying
# to connect forever after pppoe-start is called.  Otherwise, it will
# give out after CONNECT_TIMEOUT seconds and will not attempt to
# connect again, making it impossible to reach.
CONNECT_TIMEOUT=30

# How often in seconds pppoe-start polls to check if link is up
CONNECT_POLL=2

# Specific desired AC Name
ACNAME=

# Specific desired service name
SERVICENAME=

# Character to echo at each poll.  Use PING="" if you don't want
# anything echoed
PING="."

# File where the pppoe-connect script writes its process-ID.
# Three files are actually used:
#   $PIDFILE       contains PID of pppoe-connect script
#   $PIDFILE.pppoe contains PID of pppoe process
#   $PIDFILE.pppd  contains PID of pppd process
CF_BASE=`basename $CONFIG`
PIDFILE="/var/run/$CF_BASE-pppoe.pid"

# Do you want to use synchronous PPP?  "yes" or "no".  "yes" is much
# easier on CPU usage, but may not work for you.  It is safer to use
# "no", but you may want to experiment with "yes".  "yes" is generally
# safe on Linux machines with the n_hdlc line discipline; unsafe on others.
SYNCHRONOUS=no

# Do you want to clamp the MSS?  Here's how to decide:
# - If you have only a SINGLE computer connected to the DSL modem, choose
#   "no".
# - If you have a computer acting as a gateway for a LAN, choose "1412".
#   The setting of 1412 is safe for either setup, but uses slightly more
#   CPU power.
CLAMPMSS=1412
#CLAMPMSS=no

# LCP echo interval and failure count.
LCP_INTERVAL=20
LCP_FAILURE=3

# PPPOE_TIMEOUT should be about 4*LCP_INTERVAL
PPPOE_TIMEOUT=80

# Firewalling: One of NONE, STANDALONE or MASQUERADE
FIREWALL=NONE

# Linux kernel-mode plugin for pppd.  If you want to try the kernel-mode
# plugin, use LINUX_PLUGIN=/etc/ppp/plugins/rp-pppoe.so
LINUX_PLUGIN=

# Any extra arguments to pass to pppoe.  Normally, use a blank string
# like this:
PPPOE_EXTRA=""

# Rumour has it that "Citizen's Communications" with a 3Com
# HomeConnect DSL Modem DualLink requires these extra options:
# PPPOE_EXTRA="-f 3c12:3c13 -S ISP"

# Any extra arguments to pass to pppd.  Normally, use a blank string
# like this:
PPPD_EXTRA=""

########## DON'T CHANGE BELOW UNLESS YOU KNOW WHAT YOU ARE DOING
# If you wish to COMPLETELY overrride the pppd invocation:
# Example:
# OVERRIDE_PPPD_COMMAND="pppd call dsl"

# If you want pppoe-connect to exit when connection drops:
# RETRY_ON_FAILURE=no
In /etc/ppp/chap-secrets, enter the user ID and password (hogehoge here) as follows.
# Secrets for authentication using CHAP
# client server secret IP addresses
#"root" * "tuey2wzh7vkfr"
"hoge@plala.or.jp" * "hogehoge"
With the DNS servers specified by the ISP written to /etc/resolv.conf, run the following command.
# pppoe-start
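The two files edited in this step can be checked before pppoe-start is run. The script below is an added example, not part of the original post or of rp-pppoe: it confirms that ETH and USER are set, that the USER from pppoe.conf has an entry in chap-secrets, that the secrets file (which holds the password in clear text) is readable by its owner only, and it flags FIREWALL=NONE. The function names are made up for this example, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example, not from the original post: audit the files edited in Step 2.

# conf_get FILE KEY: print the value of the last uncommented KEY=... line.
conf_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '"'
}

# secret_has_user FILE USER: succeed if an uncommented entry names USER
# in the first (client) column, with or without double quotes.
secret_has_user() {
    awk -v u="$2" '
        /^[ \t]*#/ || NF == 0 { next }
        { c = $1; gsub(/"/, "", c); if (c == u) found = 1 }
        END { exit !found }' "$1"
}

# file_mode FILE: print the octal permission bits (GNU stat, as on CentOS).
file_mode() { stat -c '%a' "$1" 2>/dev/null; }

# audit_pppoe CONF SECRETS: print findings; return the number of failures.
audit_pppoe() {
    conf=$1; secrets=$2; bad=0
    eth=$(conf_get "$conf" ETH)
    user=$(conf_get "$conf" USER)
    fw=$(conf_get "$conf" FIREWALL)
    [ -n "$eth" ]  || { echo "FAIL: ETH is not set in $conf"; bad=$((bad + 1)); }
    [ -n "$user" ] || { echo "FAIL: USER is not set in $conf"; bad=$((bad + 1)); }
    if ! secret_has_user "$secrets" "$user"; then
        echo "FAIL: no entry for '$user' in $secrets"; bad=$((bad + 1))
    fi
    # The secret is stored in clear text, so only the owner may read the file.
    case $(file_mode "$secrets") in
        600|400) ;;
        *) echo "FAIL: $secrets is not mode 600 (chmod 600 $secrets)"; bad=$((bad + 1)) ;;
    esac
    # With FIREWALL=NONE the rp-pppoe scripts load no packet-filter rules.
    [ "$fw" != "NONE" ] || echo "NOTE: FIREWALL=NONE; filter ppp0 with your own iptables rules"
    return "$bad"
}

# Run against the real files when they exist (paths as used in the post).
if [ -r /etc/ppp/pppoe.conf ]; then
    audit_pppoe /etc/ppp/pppoe.conf /etc/ppp/chap-secrets || true
fi
```

With the configuration shown above, the NOTE line is expected: FIREWALL=NONE means ppp0 is reachable from the Internet with whatever iptables rules the machine already has.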
Step3 PPPoE connection established
ifconfig now shows an interface named ppp0, so the PPPoE connection came up successfully.
ppp0      Link encap:Point-to-Point Protocol
          inet addr:XXX.XXX.XXX.XXX  P-t-P:XXX.XXX.XXX.XXX  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1454  Metric:1
          RX packets:3 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:54 (54.0 b)  TX bytes:54 (54.0 b)
/var/log/messages contains the following output.
Apr 1 23:42:35 new-host pppd[3363]: pppd 2.4.5 started by root, uid 0
Apr 1 23:42:35 new-host pppd[3363]: Using interface ppp0
Apr 1 23:42:35 new-host pppd[3363]: Connect: ppp0 <--> /dev/pts/1
Apr 1 23:42:35 new-host pppoe[3364]: PPP session is 6646 (0x19f6)
Apr 1 23:42:37 new-host pppd[3363]: CHAP authentication succeeded
Apr 1 23:42:37 new-host pppd[3363]: CHAP authentication succeeded
Apr 1 23:42:37 new-host pppd[3363]: local IP address XXX.XXX.XXX.XXX
Apr 1 23:42:37 new-host pppd[3363]: remote IP address XXX.XXX.XXX.XXX
Apr 1 23:42:37 new-host pppd[3363]: primary DNS address XXX.XXX.XXX.XXX
Apr 1 23:42:37 new-host pppd[3363]: secondary DNS address XXX.XXX.XXX.XXX
Step4 Verifying operation
DNS has not been configured, so name resolution does not work yet. Instead, I ping Google's DNS by IP address to check connectivity to the Internet. The replies come back, so the connection is working correctly.
[root@localhost ~]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=53 time=11.6 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=53 time=6.76 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=53 time=6.83 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=53 time=7.84 ms