1.安装pppoe
sudo apt-get install pppoe
#查看帮助与版本号(本文基于Version 3.12)
pppoe-server -h
2.修改配置文件
主要包括/etc/ppp/options 、/etc/ppp/pppoe-server-options 、/etc/ppp/chap-secrets三个文件
/etc/ppp/options :
#设置DNS
ms-dns 8.8.8.8
ms-dns 114.114.114.114
#
asyncmap 0
noauth
crtscts
local
lock
hide-password
modem
#注释+pap,取消注释-pap;
#取消注释+chap,注释-chap.
#PAP和CHAP为两种不同的认证协议,我们选择CHAP。
-pap
+chap
#
passive
lcp-echo-interval 30
lcp-echo-failure 4
noipx
/etc/ppp/pppoe-server-options:
auth
require-chap
#设置log
logfile /var/log/pppd.log
/etc/ppp/chap-secrets(不存在话自行创建):
#表示用户名为admin,服务器名为任意,密码为admin,IP为任意的IP
# Secrets for authentication using CHAP
# client server secret IP addresses
admin * admin *
3.开启IP转发功能
打开/etc/sysctl.conf
文件,找到 net.ipv4.ip_forward=1
所在行,取消该行的注释,随后运行 sudo sysctl -p
即可打开 IP 转发功能
或者
echo 1 > /proc/sys/net/ipv4/ip_forward
检查看下是否成功:
cat /proc/sys/net/ipv4/ip_forward
4.配置iptables策略
PPPoE接入控制的主要方式就是通过对IP数据包的封装再转发。所以要配置 PPPoE 服务器必须要开启IP转发功能
sudo iptables -t nat -A POSTROUTING -s 192.168.5.0/24 -o enp2s0 -j MASQUERADE
#检查配置结果
sudo iptables -t nat -S
#成功配置的话,有以下条目的输出:
-A POSTROUTING -s 192.168.66.0/24 -o enp2s0 -j MASQUERADE
5.运行PPPoE服务
#-I 参数为网络端口名称,可以使用 ifconfig 命令查看当前工作的端口。
#-L 参数为一个PPP连接中,PPPoE服务器的IP地址,即当前 Ubuntu 服务器的地址。
#-R 参数为当有客户连接到服务器上时,从哪个IP地址开始分配。
#-N 参数为至多可以有多少个客户同时连接到当前服务器上。
sudo pppoe-server -I enp2s0 -L 192.168.5.1 -R 192.168.5.10 -N 5
注:配置的interface(网络端口)是要接到client的网口名,比如你ifconfig结果如下,wlp1s0为连接wifi的无线网卡,enp2s0 为Ubuntu主机对应的物理RJ45网口,完成上述配置后连接enp2s0的client设备可以通过enp2s0来进行pppoe请求,进而得到pppoe server分配的IP。
root@ubuntu:~/Desktop# ifconfig
enp2s0 : flags=4099<UP,BROADCAST,MULTICAST> mtu 1500ether 00:0e:c6:b7:ec:f4 txqueuelen 1000 (Ethernet)RX packets 22561 bytes 1296811 (1.2 MB)RX errors 0 dropped 2 overruns 0 frame 0TX packets 20882 bytes 1234179 (1.2 MB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0inet6 ::1 prefixlen 128 scopeid 0x10<host>loop txqueuelen 1000 (Local Loopback)RX packets 6753 bytes 1119755 (1.1 MB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 6753 bytes 1119755 (1.1 MB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0wlp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.98.228 netmask 255.255.255.0 broadcast 192.168.98.255inet6 fe80::13a1:4772:d2e1:7d63 prefixlen 64 scopeid 0x20<link>ether e0:94:67:32:3e:f3 txqueuelen 1000 (Ethernet)RX packets 183031 bytes 58421398 (58.4 MB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 41106 bytes 5008701 (5.0 MB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
完成后如果client连接,server侧用ifconfig命令查看会多一个interface:
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472inet 192.168.5.1 netmask 255.255.255.255 destination 192.168.5.10ppp txqueuelen 3 (Point-to-Point Protocol)RX packets 262 bytes 8725 (8.7 KB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 171 bytes 1293 (1.2 KB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
client 也会拿到ip
pppoe-wan Link encap:Point-to-Point Protocol inet addr:192.168.5.10 P-t-P:192.168.5.1 Mask:255.255.255.255UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1472 Metric:1RX packets:162 errors:0 dropped:0 overruns:0 frame:0TX packets:251 errors:0 dropped:2 overruns:0 carrier:0collisions:0 txqueuelen:3 RX bytes:1233 (1.2 KiB) TX bytes:8319 (8.1 KiB)
6.通过配置脚本快速配置
完成pppoe安装与配置文件配置后可以手动运行下面的shell脚本,如果想开机自启动开启pppoe server可以配置shell脚本开机自动运行
#!/bin/sh
main() {echo "Setup PPPoE Server"if [ ! -f /etc/ppp/chap-secrets ]; thensudo apt-get install pppoe-serversudo apt-get install pppoefi# modify your configuration herelocal interface=enx000ec6b7ecf4local lan=192.168.5local mask=24local ip_pool_count=5local exist=`pgrep pppoe-server`[ ! -z "$exist" ] && sudo killall pppoe-serversudo pppoe-server -I $interface -L $lan.1 -R $lan.10 -N $ip_pool_countlocal ipt_rule=`sudo iptables -t nat -S|grep "$lan.10"`if [ -z "$ipt_rule" ]; thenecho "add iptables rule"sudo iptables -t nat -A POSTROUTING -s $lan.0/$mask -o $interface -j MASQUERADEelseecho "iptables rule seems already added"echo $ipt_rulefiecho "pppoe info:"sudo cat /etc/ppp/chap-secrets |tail -n 2
}main