mpd with a dual pppoe setup
Reinhold
freebsd at violetlan.net
Fri Feb 1 15:47:04 PST 2008
Hi,
I'm building a new router/firewall for my work, I have installed freebsd7
and updated it and compiled pf into the kernel and installed mpd5 for
pppoe. Before I make this system life I would like your input on my mpd
settings.
We have 2 adsl lines and I want to use the new firewall to do load
balancing between them. I've been searching all over the net to find out
more about how I can use mpd for this but all I can find is single pppoe
or mlppp conections, our isp does not support mlppp so thats not an
option. PF will be used for the load balancing and I want to use ancors
for when one of the dsl lines goes down.
For now I have only configured mpd but I'm not sure if its done corectly,
I can't test it because that will mean that I will have to take our
current system off line and that is not an option.
Here is what I've done so far.
/usr/local/etc/mpd5/mpd.conf
default:
load wan1
load wan2
wan1:
new -i ng0 provider PPPoE0
set iface route default
set iface up-script /usr/local/etc/mpd/script-wan1.sh
set iface down-script /usr/local/etc/mpd/script-wan1.sh
set bundle authname "username0 at provider"
set bundle password "passwd"
set ipcp ranges static-ip-0/32 isp-gateway-0/32
load common_setting
wan2:
new -i ng1 wan2 PPPoE1
set iface route default
set iface up-script /usr/local/etc/mpd/script-wan2.sh
set iface down-script /usr/local/etc/mpd/script-wan2.sh
set bundle authname "username1 at provider"
set bundle password "passwd"
set ipcp ranges static-ip-1/32 isp-gateway-1/32
load common_setting
common_setting:
set iface addrs 1.1.1.1 2.2.2.2
set iface disable on-demand
set iface idle 0
set iface enable tcpmssfix
set bundle disable multilink
set link no acfcomp protocomp
set link disable pap chap
set link accept chap
set link keep-alive 10 60
set link max-redial -1
set link mtu 1492
set link mru 1492
set ipcp yes vjcomp
set ipcp enable req-sec-dns
open iface
# PPTP
pptpd:
load pt0
load pt1
load pt2
load pt3
load pt4
load pt5
load pt6
load pt7
load pt8
load pt9
load pt10
load pt11
load pt12
load pt13
load pt14
load pt15
pt0:
new -i ng2 pt0 pt0
set ipcp ranges 192.168.2.1/32 192.168.1.240/32
load pts
pt1:
new -i ng3 pt1 pt1
set ipcp ranges 192.168.2.1/32 192.168.1.241/32
load pts
pt2:
new -i ng4 pt2 pt2
set ipcp ranges 192.168.2.1/32 192.168.1.242/32
load pts
pt3:
new -i ng5 pt3 pt3
set ipcp ranges 192.168.2.1/32 192.168.1.243/32
load pts
pt4:
new -i ng6 pt4 pt4
set ipcp ranges 192.168.2.1/32 192.168.1.244/32
load pts
pt5:
new -i ng7 pt5 pt5
set ipcp ranges 192.168.2.1/32 192.168.1.245/32
load pts
pt6:
new -i ng8 pt6 pt6
set ipcp ranges 192.168.2.1/32 192.168.1.246/32
load pts
pt7:
new -i ng9 pt7 pt7
set ipcp ranges 192.168.2.1/32 192.168.1.247/32
load pts
pt8:
new -i ng10 pt8 pt8
set ipcp ranges 192.168.2.1/32 192.168.1.248/32
load pts
pt9:
new -i ng11 pt9 pt9
set ipcp ranges 192.168.2.1/32 192.168.1.249/32
load pts
pt10:
new -i ng12 pt10 pt10
set ipcp ranges 192.168.2.1/32 192.168.1.250/32
load pts
pt11:
new -i ng13 pt11 pt11
set ipcp ranges 192.168.2.1/32 192.168.1.251/32
load pts
pt12:
new -i ng14 pt12 pt12
set ipcp ranges 192.168.2.1/32 192.168.1.252/32
load pts
pt13:
new -i ng15 pt13 pt13
set ipcp ranges 192.168.2.1/32 192.168.1.253/32
load pts
pt14:
new -i ng16 pt14 pt14
set ipcp ranges 192.168.2.1/32 192.168.1.254/32
load pts
pt15:
new -i ng17 pt15 pt15
set ipcp ranges 192.168.2.1/32 192.168.1.255/32
load pts
pts:
set iface disable on-demand
set iface enable proxy-arp
set iface enable tcpmssfix
set iface idle 1800
set iface up-script /usr/local/sbin/vpn-linkup
set iface down-script /usr/local/sbin/vpn-linkdown
set bundle enable multilink
set bundle enable crypt-reqd
set link yes acfcomp protocomp
set link no pap chap
set link enable chap-msv2
set link mtu 1460
set link keep-alive 10 60
set ipcp yes vjcomp
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e128
set ccp yes mpp-stateless
set ipcp nbns
set ipcp dns 208.67.220.220 208.67.222.222
/usr/local/etc/mpd5/mpd.links
# mpd.links
PPPoE0:
set link type pppoe
set pppoe iface fxp0
set pppoe service "BTconnect0"
set pppoe disable incoming
set pppoe enable originate
PPPoE1:
set link type pppoe
set pppoe iface fxp1
set pppoe service "BTconnect1"
set pppoe disable incoming
set pppoe enable originate
# PPTP
pt0:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt1:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt2:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt3:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt4:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt5:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt6:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt7:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt8:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt9:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt10:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt11:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt12:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt13:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt14:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
pt15:
set link type pptp
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
set pptp self 127.0.0.1
This is an untested config and would love any input on if this will work
or not and any tips on any part of the config.
The parts that I'm not to clear on is these places
set iface route default
set ipcp ranges static-ip-1/32 isp-gateway-1/32
Any help will be apreseated
Regards
Reinhold
More information about the freebsd-questions
mailing list