Netgraph node with inet and ethernet hooks?

Josh Coombs kurlon at gwi.net
Sat Nov 13 08:51:39 PST 2004 

On Nov 13, 2004, at 10:59 AM, Bjoern A. Zeeb wrote:

> On Sat, 13 Nov 2004, Josh Coombs wrote:
>
>> I'm trying to find a way to get PPPoE half-bridging functionality
>> working with FreeBSD, similar to what Cisco routers and many older 
>> ISDN
>> routers can/could do.  Basically, I'm trying to get the ip/subnet
>> assigned to the ppp link usable on an ethernet interface.
>
> I am going to assume the FreeBSD should be the NAS and not the CPE.

Correct, the CPE is any DSL modem doing RFC1483 bridging, the FreeBSD 
box is doing PPPoE and linking that to the LAN.

> Cisco:
> 	int Lo1
> 		192.168.199.17
> 	int Vt1
> 		ip unnumbered Loopback1
>
> so the link would look like:
>
> 	NAS:					CPE:
> 	Cisco <- 192.168.199.17 PtP 10.0.0.1 -> DSL router
>                        ^             ^
>                        \-------------/
>                           IPCP handshake
>
> And further the cisco adds a route like
> 	route add 10.0.0.0/24 10.0.0.1
>
> But I still call that a HACK. Use a transfer IP for the customer
> (static or out of a pool) for IPCP PtP link and route the /24 to
> this IP then.
>
> user dsluser, prefix=P
> 	Framed-IP-Address = "172.16.36.1",
> 	Framed-IP-Netmask = "255.255.255.255",
> 	Framed-Route = "10.0.0.0/24 172.16.36.1"
>
> you need one single extra IP for that but it's a lot "cleaner" and
> should always work w/o problems.
>
The setup above, using a transfer IP was one of the first things we 
tried.  This setup only works if your dslam will accept and advertise 
framed-route's handed out via radius.  Turns out we have atleast one 
model that won't.  It strictly operates based on IP-Address and Netmask 
to determine what it advertises out.  The other roadblock, was most 
consumer CPE/Routers and broadband routers have no way to turn off NAT 
but still do routing.

So, this is why I started investigating doing this under FreeBSD so I 
can package up a suggested system, and offer it if customers balk at 
the price of Cisco 837's.

On Zyxels, the only conf besides basic ppp on the ISDN interface, was 
to enable 'half-bridge' mode.  At that point whatever IP was assigned 
via ppp became the ip assigned to the LAN interface.  LAN systems could 
then hardcode ip's within the assigned subnet, and point to the ip 
assigned via ppp as the gateway.

Joshua Coombs

More information about the freebsd-net mailing list