|SPPP(4)||Device Drivers Manual||SPPP(4)|
sppp — PPP and
Link Control Protocol
sppp network layer implements the
state machine and Link Control Protocol (LCP) of the Point-to-Point Protocol
(PPP) as described in RFC 1661. Note that this layer does not provide
network interfaces of its own, it is rather intended to be layered on top of
drivers providing a point-to-point connection that wish to run a PPP stack
over it. The corresponding network interfaces have to be provided by these
sppp layer provides three basic modes
of operation. The default mode, with no special flags set, is to create the
PPP connection (administrative Open event to the LCP
layer) as soon as the interface is taken up with the
ifconfig(8) command. Taking the
interface down again will terminate the LCP layer and thus all other layers
on top. The link will also terminate itself as soon as no Network Control
Protocol (NCP) is open anymore, indicating that the lower layers are no
Setting the link-level flag
ifconfig(8) will cause the respective
network interface to go into passive mode. This means the
administrative Open event to the LCP layer will be delayed
until after the lower layers signal an Up event (rise of
“carrier”). This can be used by the lower layers to support a
dial-in connection where the physical layer isn't available immediately at
startup, but only after some external event arrives. Receipt of a
Down event from the lower layer will not take the
interface completely down in this case.
Finally, setting the flag
link1 will cause
the interface to operate in dial-on-demand mode. This is
also only useful if the lower layers support the notion of a carrier (like
with an ISDN line). Upon configuring the respective interface, it will delay
the administrative Open event to the LCP layer until
either an outbound network packet arrives, or until the lower layers signal
an Up event, indicating an inbound connection. As with
passive mode, receipt of a Down event (loss of carrier)
will not automatically take the interface down, thus it remains available
for further connections.
sppp layer supports the
debug interface flag, which can be set with
ifconfig(8). If this flag is set, the
various control protocol packets being exchanged as well as the option
negotiation between both ends of the link will be logged at level
LOG_DEBUG. This can be helpful to examine
configuration problems during the first attempts to set up a new
configuration. Without this flag being set, only the major phase transitions
will be logged at level
It is possible to leave the local interface IP address open for negotiation by setting it to 0.0.0.0. This requires that the remote peer can correctly supply a value for it based on the identity of the caller, or on the remote address supplied by this side. Due to the way the IPCP option negotiation works, this address is supplied late during the negotiation, which could cause the remote peer to make false assumptions.
In a similar spirit the remote address can be set to the magical
value 0.0.0.1, which means that we don't care what address the remote side
will use, as long as it is not 0.0.0.0. This is useful if your ISP has
several dial-in servers. You can of course
something or other 0.0.0.1 and it will do exactly what you would want
The PAP and CHAP authentication protocols, as described in RFCs 1334 and 1994, respectively, are also implemented. Their parameters are controlled by the ifconfig(8) utility.
Display the settings for pppoe0. The interface is currently in the
establish phase and tries to connect to the remote peer;
other possible PPP phases are dead,
authenticate, network, or
terminate. Both ends of the connection use the CHAP
protocol, the local client tells the remote peer the system name
uriah’, and the peer is expected to
authenticate by the name ‘
Once the initial CHAP handshake has been successful, no further CHAP
challenges will be transmitted. There are supposedly some known CHAP secrets
for both ends of the link which are not displayed.
$ ifconfig pppoe0 pppoe0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1492 dev: em0 state: PADI sent sid: 0x0 PADI retries: 0 PADR retries: 0 sppp: phase establish authproto chap authname "uriah" \ peerproto chap peername "ifb-gw" norechallenge groups: pppoe inet 0.0.0.0 --> 0.0.0.1 netmask 0xffffffff
A possible call to ifconfig(8) that could have been used to bring the interface into the state shown by the previous example:
# ifconfig em0 up # ifconfig pppoe0 0.0.0.0 0.0.0.1 netmask 0xffffffff \ pppoedev em0 \ authproto chap authname uriah authkey "some secret" \ peerproto chap peername "ifb-gw" peerkey "another" \ peerflag norechallenge \ up
G. McGregor, The PPP Internet Protocol Control Protocol (IPCP), RFC 1332, May 1992.
B. Lloyd and W. Simpson, PPP Authentication Protocols, RFC 1334, October 1992.
W. Simpson, The Point-to-Point Protocol (PPP), RFC 1661, July 1994.
W. Simpson, PPP Challenge Handshake Authentication Protocol (CHAP), RFC 1994, August 1996.
S. Varada, D. Haskins, and E. Allen, IP Version 6 over PPP, RFC 5072, September 2007.
The original implementation of
written in 1994 at Cronyx Ltd., Moscow, by Serge
rewrote a large part in 1997 in order to fully implement the state machine
as described in RFC 1661, so it could also be used for dialup lines. He also
wrote the initial version of this man page. Serge later on wrote a basic
implementation for PAP and CHAP, which served as the base for the current
implementation, done again by Joerg Wunsch.
Reyk Floeter implemented
sppp support for
ifconfig(8) in OpenBSD
4.0 in order to remove the original
spppcontrol’ utility, which was
previously used to configure and display the
Negotiation loop avoidance is not fully implemented. If the negotiation doesn't converge, this can cause an endless loop.
The various parameters that should be adjustable per RFC 1661 are currently hard-coded into the kernel, and should be made accessible through ifconfig(8).
Passive mode has not been tested extensively.
More NCPs should be implemented, as well as other control protocols for authentication and link quality reporting.
IPCP should support VJ header compression.
Link-level compression protocols should be supported.
|March 17, 2014||OpenBSD-current|