Forums

Albert39
Albert39
Offline
Resolved
0 votes
I'm currently running into a problem after switching from DSL with modem to a fiber connection without modem. ClearOS is connected directly to the NT box (Fiber to Cat interface)

What I did so far:
Used a un-configured NIC and added a VLAN on it. - Role External - Type DHCP - VLAN ID 6
Then eddited the VLAN addapter to PPPoE - Role External - Connection type PPPoE - Username (mac@internet) - Password (provided by ISP) -MTU 1500
After update the VLAN addapter is gone and settings in ifcfg-enp4s0.6 changed and ifcfg-ppp0 is created.
At this point there is no connection. I found this topic and added a additional VLAN Same as first time, this corrected the file ifcfg-enp4s0.6. At this point no connection at all.

Then I started over with the information i found here, Changed Iface.php and added a firewall rule as described.

From there I removed everything and started over again. Now I have a very unstable connection. With this in the logfile messages:

Jan 12 15:53:48 gateway pppoe-connect: PPPoE connection lost; attempting re-connection.
Jan 12 15:53:53 gateway pppd[14578]: Plugin /usr/lib64/pppd/2.4.5/rp-pppoe.so loaded.
Jan 12 15:53:53 gateway pppd[14578]: RP-PPPoE plugin version 3.8p compiled against pppd 2.4.5
Jan 12 15:53:53 gateway pppd[14578]: pppd 2.4.5 started by root, uid 0
Jan 12 15:53:53 gateway systemd-sysctl: Line is not an assignment in file '/etc/sysctl.d/99-sysctl.conf': (null)
Jan 12 15:53:53 gateway pppd[14578]: PPP session is 25606
Jan 12 15:53:53 gateway systemd-sysctl: Line is not an assignment in file '/etc/sysctl.conf': (null)
Jan 12 15:53:53 gateway pppd[14578]: Connected to 00:00:00:10:2f:30 via interface enp4s0.6
Jan 12 15:53:53 gateway pppd[14578]: Using interface ppp0
Jan 12 15:53:53 gateway pppd[14578]: Connect: ppp0 <--> enp4s0.6
Jan 12 15:53:53 gateway pppd[14578]: Remote message: Authentication success,Welcome!
Jan 12 15:53:53 gateway pppd[14578]: PAP authentication succeeded
Jan 12 15:53:53 gateway pppd[14578]: peer from calling number 00:00:00:10:2F:30 authorized
Jan 12 15:53:53 gateway pppd[14578]: Unsupported protocol 'IPv6 Control Protocol' (0x8057) received
Jan 12 15:53:53 gateway pppd[14578]: local IP address 81.205.120.xx
Jan 12 15:53:53 gateway pppd[14578]: remote IP address 195.190.228.xx
Jan 12 15:53:53 gateway pppd[14578]: LCP terminated by peer
Jan 12 15:53:53 gateway pppd[14578]: Connect time 0.0 minutes.
Jan 12 15:53:53 gateway pppd[14578]: Sent 0 bytes, received 0 bytes.
Jan 12 15:53:53 gateway pppd[14578]: Modem hangup
Jan 12 15:53:53 gateway pppd[14578]: Connection terminated.
Jan 12 15:53:53 gateway pppd[14578]: Failed to disconnect PPPoE socket: 114 Operation already in progress
Jan 12 15:53:54 gateway systemd: firewall.service: main process exited, code=killed, status=15/TERM
Jan 12 15:53:54 gateway systemd: Unit firewall.service entered failed state.
Jan 12 15:53:54 gateway systemd: firewall.service failed.
Jan 12 15:53:57 gateway clearsyncd[1441]: System Events: Socket hang-up: 30
Jan 12 15:53:58 gateway pppd[14578]: Exit.


This keeps repeating its self. Is there anyone who can help to diagnose this and find a solution. It also looks as if my firewall stopped working.
Wednesday, January 12 2022, 02:59 PM
Share this post:
Responses (8)
  • Accepted Answer

    Wednesday, January 12 2022, 04:15 PM - #Permalink
    Resolved
    0 votes
    I am not sure if I can help, but first of all, don't worry about the edit to Iface.php for the moment. It won't help with making a connection. It will just affect the speed you can get through the connection. Also don't worry about the firewall rule. The firewall already has it and it is active all the time. Then can I refer you to the app documentation at https://documentation.clearos.com/content:en_us:7_ug_network#pppoe_with_vlan_tag.

    I wrote up the documentation following comments from the forums but, which I had VDSL cable for a while, I tried it and could not make it work. Having said that, my modem normally added the VLAN tag so I could do a basic PPPoE connection. I tried turning off the tag in the modem and adding it in ClearOS and I could not get it to work, but it could have been because the modem was stripping the tag. I now have no way of testing as I've gone back to a DOCSIS line, and I don't think there is anyone else in the team who can help either.

    Have a look at your modem and see if it can add the tag for you. That is the easiest option. If not, try following the documentation. If and only if that works, try the mod to ifcfg-ppp0 and, if that works, add the one line to Iface.php to make it permanent.
    The reply is currently minimized Show
  • Accepted Answer

    Albert39
    Albert39
    Offline
    Friday, January 14 2022, 06:51 AM - #Permalink
    Resolved
    0 votes
    Thanks for your reply Nick,

    I'm still stuck having this in my log files:
    Jan 14 07:38:17 gateway pppd[7988]: Using interface ppp0
    Jan 14 07:38:17 gateway pppd[7988]: Connect: ppp0 <--> /dev/pts/1
    Jan 14 07:38:17 gateway pppoe[7989]: PPP session is 59734 (0xe956)
    Jan 14 07:38:18 gateway pppd[7988]: Remote message: Authentication success,Welcome!
    Jan 14 07:38:18 gateway pppd[7988]: PAP authentication succeeded
    Jan 14 07:38:18 gateway pppd[7988]: Unsupported protocol 'IPv6 Control Protocol' (0x8057) received
    Jan 14 07:38:18 gateway pppd[7988]: local IP address 81.205.120.246
    Jan 14 07:38:18 gateway pppd[7988]: remote IP address 195.190.228.145
    Jan 14 07:38:18 gateway pppd[7988]: LCP terminated by peer
    Jan 14 07:38:18 gateway pppd[7988]: Connect time 0.0 minutes.
    Jan 14 07:38:18 gateway pppd[7988]: Sent 0 bytes, received 0 bytes.
    Jan 14 07:38:18 gateway pppoe[7989]: Session 59734 terminated -- received PADT from peer
    Jan 14 07:38:18 gateway pppoe[7989]: Sent PADT
    Jan 14 07:38:18 gateway pppd[7988]: Modem hangup
    Jan 14 07:38:18 gateway pppd[7988]: Connection terminated.


    I get the feeling that my ISP is closing the session as my system doesn't accept IPV6. If you look at the sequence it is like this.
    Authentication - PAP authentication succeeded
    System can't handle IPV6 - Unsupported protocol 'IPv6 Control Protocol' (0x8057) received
    System gets IPV4 - local IP address 81.205.***.***
    I don't understand this - remote IP address 195.190.228.145
    ISP is terminating - LCP terminated by peer
    Session terminited as
    is recieved from ISP - PADTSession 59734 terminated -- received PADT from peer
    Systems sends PADT and
    does not accept any data
    from this point - Sent PADT

    Can it be the ISP is terminating the session as the offered IPV6 is not accepted?

    I also see this coming by:
    Jan 14 07:38:16 gateway dhclient[7052]: DHCPDISCOVER on enp4s0.6 to 255.255.255.255 port 67 interval 14 (xid=0x398d2719)

    I think I have seen somewhere ClearOS can't handle this IP but I can't recall anymore.
    The reply is currently minimized Show
  • Accepted Answer

    Friday, January 14 2022, 09:12 AM - #Permalink
    Resolved
    0 votes
    PPPoE is a funny protocol and I don't have it any more so can't comment too much. The remote IP could be correct as it does not have to be in any particular subnet (the PPP in PPPoE stands for Point to Point Protocol). I think you just have a direct connection between your IP and their IP.

    ClearOS does not do IPv6 very well. It is enabled, but none of the ClearOS apps are IPv6 aware.

    I am afraid I honestly have no idea where to go to troubleshoot. You can packet sniff but I would not know what to do with the results. You may be better getting a PPPoE aware router and, perhaps putting ClearOS in its DMZ
    The reply is currently minimized Show
  • Accepted Answer

    Friday, January 14 2022, 09:43 AM - #Permalink
    Resolved
    -1 votes
    The firewall may be OK but it is being killed as the WAN effectively goes down.

    You may be able to produce a debug log with the -D file_name switch - https://www.systutorials.com/docs/linux/man/8-pppoe/ - but I don't know where you should put it. Perhaps somewhere under /etc/ppp, or add DEBUG="1" near the top of /usr/sbin/pppoe-start?
    The reply is currently minimized Show
  • Accepted Answer

    Albert39
    Albert39
    Offline
    Sunday, January 16 2022, 09:21 AM - #Permalink
    Resolved
    0 votes
    I found a solution that works as this is not the preferred one.

    When I connect a managed switch in between the NTU and ClearOS with a configuration that bridges VLAN6 tagged from one port to VLAN6 untagged on a other I can connect. On the VLAN6 tagged port is the NTU on the untagged ClearOS.

    What I see when I also have VLAN1 on the same port as the one the NTU is connected to, so VLAN1 and VLAN6 tagged. It is not possible to connect. It will connect but immediately disconnect.

    So what I think what happens is that when I configure VLAN6 on ClearOS it is not tagged right or there is also a other VLAN that still exist on the same WAN interface most likely VLAN1 as this triggers the disconnect from my ISP. When with the managed switch I also put for example VLAN4 and VLAN7 tagged on the same port as VLAN6 tagged there is no issue.

    So the question is how do I make sure I only have a well tagged VLAN6 on my WAN adapter?
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, January 16 2022, 10:23 AM - #Permalink
    Resolved
    0 votes
    What is the content of /etc/sysconfig/network-scripts/ifcfg-ppp0 and the /etc/sysconfig/network-scripts/ifcfg-????? of the underlying NIC (and what is the file name)?
    The reply is currently minimized Show
  • Accepted Answer

    Albert39
    Albert39
    Offline
    Sunday, January 16 2022, 01:42 PM - #Permalink
    Resolved
    0 votes
    In the working situation with a switch in between I have this:

    content of ifcfg-enp4s0:
    DEVICE=enp4s0
    BOOTPROTO="none"
    ONBOOT="no"


    content of ifcfg-ppp0:
    DEVICE=ppp0
    TYPE="xDSL"
    USERCTL="no"
    BOOTPROTO="dialup"
    NAME="DSLppp0"
    ONBOOT="yes"
    PIDFILE="/var/run/pppoe-ppp0.pid"
    FIREWALL="NONE"
    PING="."
    PPPOE_TIMEOUT="80"
    LCP_FAILURE="5"
    LCP_INTERVAL="20"
    CLAMPMSS="1412"
    CONNECT_POLL="6"
    CONNECT_TIMEOUT="80"
    DEFROUTE="yes"
    SYNCHRONOUS="no"
    ETH="enp4s0"
    PROVIDER="DSLppp0"
    PEERDNS="no"
    USER="(remover mac)@internet"
    LINUX_PLUGIN="/usr/lib64/pppd/2.4.5/rp-pppoe.so"
    MTU="1508"



    Then I can configure it without the switch in two order, do I use one there is a file ifcfg-enp4s0 the other tis file doesn't exists. And there is a 1 line difference in ifcfg-ppp0.
    content of ifcfg-enp4s0:
    DEVICE=enp4s0
    BOOTPROTO="none"
    ONBOOT="no"


    content of ifcfg-enp4s0.6:
    DEVICE=enp4s0.6
    TYPE="VLAN"
    ONBOOT="yes"
    USERCTL="no"
    BOOTPROTO="dhcp"
    PEERDNS="no"
    VLAN="yes"


    content of ifcfg-ppp0:
    DEVICE=ppp0
    TYPE="xDSL"
    USERCTL="no"
    BOOTPROTO="dialup"
    NAME="DSLppp0"
    ONBOOT="yes"
    PIDFILE="/var/run/pppoe-ppp0.pid"
    FIREWALL="NONE"
    PING="."
    PPPOE_TIMEOUT="80"
    LCP_FAILURE="5"
    LCP_INTERVAL="20"
    CLAMPMSS="1412"
    CONNECT_POLL="6"
    CONNECT_TIMEOUT="80"
    DEFROUTE="yes"
    SYNCHRONOUS="no"
    ETH="enp4s0"
    PROVIDER="DSLppp0"
    PEERDNS="no"
    USER="(remover mac)@internet"
    LINUX_PLUGIN="/usr/lib64/pppd/2.4.5/rp-pppoe.so"
    MTU="1508"


    When ifcfg-enp4s0 exists ifcfg-ppp0 is has ETH="enp4s0" if it doesn't ETH="enp4s0.6"
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, January 16 2022, 04:41 PM - #Permalink
    Resolved
    0 votes
    As far as I am concerned, the ifcfg-ppp0 file should have the line `ETH="enp4s0.6"` in it. Also I recommended starting without `LINUX_PLUGIN="/usr/lib64/pppd/2.4.5/rp-pppoe.so"` until you have it working. An MTU of 1508 seems high. I know with ADSL that you normally limit it to 1492 or less. Having said that, it is irrelevant if you have the `LINUX_PLUGIN="/usr/lib64/pppd/2.4.5/rp-pppoe.so"` line as it gets ignored (which is why you need the extra firewall rule).

    You can try packet sniffing with tcpdump bit I am not sure you you'd packet sniff after your switch. You would be looking for a difference in the packets.
    The reply is currently minimized Show
Your Reply