Difference between revisions of "Pppd"

From ArchWiki
Jump to: navigation, search
(Using SysV)
(Configuration: Adding pppconfig to easily configure pppd profiles)
 
(31 intermediate revisions by 14 users not shown)
Line 1: Line 1:
 +
{{Lowercase title}}
 
[[Category:Networking]]
 
[[Category:Networking]]
 +
[[ja:Pppd]]
 
[[ru:Pppd]]
 
[[ru:Pppd]]
[[zh-CN:Pppd]]
 
{{Lowercase title}}
 
  
{{Article summary start}}
+
'''ppp''' (Paul's PPP Package) is an open source package which implements the [[Wikipedia:point-to-point protocol|point-to-point protocol]] (PPP) on Linux and Solaris systems. It is implemented as single ''pppd'' daemon and acts as backend for {{Pkg|xl2tpd}}, {{Pkg|pptpd}} and [[netctl]]. [[Wikipedia:3G|3G]], [[Wikipedia:L2TP|L2TP]] and [[Wikipedia:PPPoE|PPPoE]] connections are internally based on PPP protocol and therefore can be managed by ppp.
{{Article summary text|This article explains how to set up a point-to-point connections using pppd and the kernel PPPoE driver.}}
+
{{Article summary end}}
+
 
+
'''ppp''' (Paul's PPP Package) is an open source package which implements the [[Wikipedia:point-to-point protocol|point-to-point protocol]] (PPP) on Linux and Solaris systems. It is implemented as single '''pppd''' daemon and acts as backend for {{Pkg|xl2tpd}}, {{Pkg|pptpd}} and [[netcfg]]. [[Wikipedia:3G|3G]], [[Wikipedia:L2TP|L2TP]] and [[Wikipedia:PPPoE|PPPoE]] connections are internally based on PPP protocol and therefore can be managed by {{Pkg|ppp}}.
+
  
 
== Installation ==
 
== Installation ==
[[pacman|Install]] {{Pkg|ppp}}, available in the [[official repositories]].
+
 
 +
[[Install]] the {{Pkg|ppp}} package.
  
 
Make sure that your kernel is compiled with PPPoE support (present in default kernel):
 
Make sure that your kernel is compiled with PPPoE support (present in default kernel):
Line 19: Line 16:
  
 
== Configuration ==
 
== Configuration ==
 +
 
=== PPPoE ===
 
=== PPPoE ===
 +
 
Create the connection configuration file:
 
Create the connection configuration file:
  
Line 26: Line 25:
 
# rp_pppoe_ac 'your ac name'
 
# rp_pppoe_ac 'your ac name'
 
# rp_pppoe_service 'your service name'
 
# rp_pppoe_service 'your service name'
 
+
 
 
# network interface
 
# network interface
 
eth0
 
eth0
 
# login name
 
# login name
name ''"someloginname"''
+
name "''someloginname''"
 
usepeerdns
 
usepeerdns
 
persist
 
persist
Line 40: Line 39:
 
noauth}}
 
noauth}}
  
If you want usepeerdns to work, you have to edit your {{Ic|/etc/ppp/ip-up}} and add a command that copies {{Ic|/etc/ppp/resolv.conf}} to {{Ic|/etc/resolv.conf}}.
+
If {{ic|usepeerdns}} option is used, ''pppd'' will create the {{ic|/etc/ppp/resolv.conf}} file with obtained DNS addresses while establishing a connection. By default, the {{ic|/etc/ppp/ip-up.d/00_dns}} hook script moves this file to {{ic|/etc/resolv.conf}}, allowing the system to use these name servers. If this is undesirable (e.g. you are using a local caching DNS), edit the {{ic|/etc/ppp/ip-up.d/00_dns.sh}} as you need.
  
Edit {{Ic|/etc/ppp/pap-secrets}}:
+
Put a line like this in {{ic|/etc/ppp/pap-secrets}} or {{ic|/etc/ppp/chap-secrets}} as required by the authentication method used by your ISP. It is OK to write these two files at the same time, ''pppd'' will automatically use the appropriate one:
 
+
Put a line like this in {{Ic|/etc/ppp/pap-secrets}} or {{Ic|/etc/ppp/chap-secrets}} as required by the authentication method used by your ISP. It's OK to write these two files at the same time, pppd will automatically use the appropriate one.
+
  
 
  ''someloginname'' * ''yourpassword''
 
  ''someloginname'' * ''yourpassword''
  
You can now start the link using the command
+
You can now start the link using the command:
  
  # pppd ''call your_provider''
+
  # pppd call ''your_provider''
  
 
Alternatively, you can use this
 
Alternatively, you can use this
Line 56: Line 53:
 
  # pon ''your_provider''
 
  # pon ''your_provider''
  
To see whether your pppoe connection is started correctly, check {{Ic|/var/log/errors.log}} first and then check {{Ic|/var/log/everything.log}}. On a successful connection, you should see something like the following in the everything.log:
+
where ''your_provider'' is the exact name of your options file in {{ic|/etc/ppp/peers}}.
  
{{hc|# tail /var/log/everything.log |
+
To see whether your PPPoE connection is started correctly, check the ''pppd'' output in system logs:
Aug 9 00:18:08 localhost pppd[2268]: Using interface ppp0
+
 
Aug 9 00:18:08 localhost pppd[2268]: Connect: ppp0 <--> eth0
+
# journalctl -b --no-pager | grep pppd
Aug 9 00:18:11 localhost pppd[2268]: CHAP authentication succeeded
+
 
Aug 9 00:18:11 localhost pppd[2268]: CHAP authentication succeeded
+
On a successful connection, you will see something like the following:
Aug 9 00:18:11 localhost pppd[2268]: peer from calling number 00:06:29:AF:4F:E0 authorized
+
 
Aug 9 00:18:11 localhost pppd[2268]: Cannot determine ethernet address for proxy ARP
+
Jul 09 22:42:33 localhost pppd[239]: Plugin rp-pppoe.so loaded.
Aug 9 00:18:11 localhost pppd[2268]: local  IP address 10.6.2.137
+
Jul 09 22:42:33 localhost pppd[239]: RP-PPPoE plugin version 3.8p compiled against pppd 2.4.6
Aug 9 00:18:11 localhost pppd[2268]: remote IP address 10.6.1.1
+
Jul 09 22:42:33 localhost network[184]: RP-PPPoE plugin version 3.8p compiled against pppd 2.4.6
Aug 9 00:18:11 localhost pppd[2268]: primary  DNS address 10.6.1.1
+
Jul 09 22:42:33 localhost pppd[239]: pppd 2.4.6 started by root, uid 0
Aug 9 00:18:11 localhost pppd[2268]: secondary DNS address 210.21.196.6
+
Jul 09 22:42:39 localhost pppd[239]: PPP session is 292
}}
+
Jul 09 22:42:39 localhost pppd[239]: Connected to a0:f3:e4:4f:e3:b0 via interface enp4s0
 +
  Jul 09 22:42:39 localhost pppd[239]: Using interface ppp0
 +
  Jul 09 22:42:39 localhost pppd[239]: Connect: ppp0 <--> enp4s0
 +
  Jul 09 22:42:39 localhost pppd[239]: CHAP authentication succeeded: CHAP authentication success
 +
  Jul 09 22:42:39 localhost pppd[239]: CHAP authentication succeeded
 +
  Jul 09 22:42:39 localhost pppd[239]: peer from calling number A0:F3:E4:4F:E3:B0 authorized
 +
  Jul 09 22:42:39 localhost pppd[239]: Cannot determine ethernet address for proxy ARP
 +
  Jul 09 22:42:39 localhost pppd[239]: local  IP address 10.6.2.137
 +
  Jul 09 22:42:39 localhost pppd[239]: remote IP address 10.6.1.1
 +
  Jul 09 22:42:39 localhost pppd[239]: primary  DNS address 10.6.1.1
 +
  Jul 09 22:42:39 localhost pppd[239]: secondary DNS address 210.21.196.6
  
By default the configuration in {{Ic|/etc/ppp/peers/provider}} is treated as the default, so if you want to make "your_provider" the default, you can create a link like this
+
By default the configuration in {{ic|/etc/ppp/peers/provider}} is treated as the default, so if you want to make "your_provider" the default, you can create a link like this
  
 
  # ln -s /etc/ppp/peers/''your_provider'' /etc/ppp/peers/provider
 
  # ln -s /etc/ppp/peers/''your_provider'' /etc/ppp/peers/provider
  
Now you can start the link by simply running
+
Now you can start the link by simply running:
  
 
  # pon
 
  # pon
Line 81: Line 88:
 
To close a connection, use this
 
To close a connection, use this
  
  # poff your_provider
+
  # poff ''your_provider''
 +
=== Easy wizard configuration ===
  
== Starting pppd with Arch ==
+
{{Aur|pppconfig}} provides a dialog interface to create pppd configuration easily. The usage is as simple as running {{ic|pppconfig}} as root and it will guide the configuration creation.
  
=== Using Initscripts ===
+
<pre>
+
# pppconfig --dialog
{{Warning|Initscripts has been '''deprecated'''}}
+
</pre>
 
+
* The init script {{Ic|/etc/rc.d/ppp}} calls the default ppp provider ({{Ic|/etc/ppp/peers/provider}}), so make sure you have the right configuration file there, otherwhise you could create a symlink to the desired provider as explained before.
+
 
+
* Make sure '''ppp''' module is loaded. If ppp support is compiled as a module, you have to load the {{Ic|ppp_generic}} module. In this case, add this to {{Ic|rc.conf}}:
+
 
+
MODULES=(... ppp-generic ...)
+
 
+
* Add ppp to {{Ic|DAEMONS}} in {{Ic|/etc/rc.conf}}, and make sure that you also have the network daemon listed:
+
  
DAEMONS=(... network ... ppp ...)
+
The resulting configuration can be called using {{ic|pon}} and discarded using {{ic|poff}} as mentioned before.
  
* Also make sure that you have the correct interface declared in the networking section of {{Ic|/etc/rc.conf}}.
+
=== Starting pppd on boot ===
  
=== Using Systemd ===
+
* Configure the {{ic|ppp_generic}} module to load on boot. See [[Kernel modules#Automatic module handling]] for more information.
 +
* [[Enable]] the systemd service {{ic|ppp@''your_provider''.service}}.
  
* Load the {{Ic|ppp_generic}} module by creating a file in {{Ic|/etc/modules-load.d/}}. See [[Kernel Modules#Loading|Module Loading]] for more information.
+
== Tips and tricks ==
 
+
* Enable the service:
+
# systemctl enable ppp@provider.service
+
 
+
where 'provider' is your configuration file
+
 
+
== Extra tweaks ==
+
  
 
=== Do an auto redial ===
 
=== Do an auto redial ===
  
If {{Ic|pppd}} is running, you can force a connection reset by sending the {{Ic|SIGHUP}} signal to the process
+
If ''pppd'' is running, you can force a connection reset by sending the {{ic|SIGHUP}} signal to the process:
  
 
  # export PPPD_PID=$(pidof pppd)
 
  # export PPPD_PID=$(pidof pppd)
  # kill -s HUP $PPPD_PID  
+
  # kill -s HUP $PPPD_PID
  
 
And you have redialed the connection.
 
And you have redialed the connection.
  
'''Make sure you have {{Ic|persist}} option enabled in your {{Ic|/etc/ppp/peers/provider}} tab.'''
+
{{Note|Make sure you have {{ic|persist}} option enabled in your {{ic|/etc/ppp/peers/provider}} tab. Additionally you might want to set {{ic|holdoff 0}} to reconnect without waiting.}}
  
 
=== ISP auto-disconnect after 24h ===
 
=== ISP auto-disconnect after 24h ===
{{Note|If you aren't running your computer always on (running 24/7) then you can skip this step.}}
 
  
If you use a flat-rate always-on connection on a computer, some providers restart your connection after 24h. That makes sure that the IP is rotated every 24h. To compensate, you can use an dynamic DNS service in combination with {{Ic|inadyn}} (available on AUR) to compensate for the rotating IP address. But to avoid disconnects when you don't need it, you might try to restart the connection using a cron job at a time of day you know no one will be using the connection (ex. 4 AM).
+
{{Note|If you are not running your computer always on (running 24/7) then you can skip this step.}}
 +
 
 +
If you use a flat-rate always-on connection on a computer, some providers restart your connection after 24h. That makes sure that the IP is rotated every 24h. To compensate, you can use an dynamic DNS service in combination with {{AUR|inadyn}}{{Broken package link|{{aur-mirror|inadyn}}}} to compensate for the rotating IP address. But to avoid disconnects when you do not need it, you might try to restart the connection using a cron job or [[systemd#Timers|systemd]] timer at a time of day you know no one will be using the connection (e.g. at 4 AM).
 +
 
 +
==== Using cron ====
  
 
As root, do the following:
 
As root, do the following:
  
Create a bash script similar to this and give it a name (ex {{Ic|pppd_redial.sh}}):  
+
Create a bash script similar to this and give it a name (e.g. {{ic|pppd_redial.sh}}):
  
 
  #!/bin/bash
 
  #!/bin/bash
Line 138: Line 135:
 
   
 
   
 
  kill -s HUP $pppd_id
 
  kill -s HUP $pppd_id
  wall $message
+
  echo $message
  
 
Give it execute permissions and put it on a path visible to root.
 
Give it execute permissions and put it on a path visible to root.
  
Then create a cron job using {{Ic|crontab -e}}. Check that your {{Ic|EDITOR}} env variable is set if the command fails. So add anywhere in the file,
+
Then create a cron job using {{ic|crontab -e}}. Check that your {{ic|EDITOR}} env variable is set if the command fails. So add anywhere in the file,
  
 
  0 4 * * * /bin/bash /root/pppd_redial.sh
 
  0 4 * * * /bin/bash /root/pppd_redial.sh
  
Save and exit. Your PPPoE connection will now restart every day at 4AM.  
+
Confirm that {{ic|cronie}} service is up and running. If this is not the case, just [[enable]] and [[start]] it.
 +
 
 +
Save and exit. Your PPPoE connection will now restart every day at 4AM.
 +
 
 +
==== Using a systemd timer ====
 +
 
 +
An alternative way to force a reconnect is using a [[systemd]] timer and the ''poff'' script (in particular its {{ic|-r}} option). Simply create a ''.service'' and ''.timer'' files with the same name:
 +
{{hc|ppp-redial.timer|<nowiki>
 +
[Unit]
 +
Description=Reconnect PPP connections daily
 +
 
 +
[Timer]
 +
OnCalendar=*-*-* 05:00:00
 +
 
 +
[Install]
 +
WantedBy=multi-user.target
 +
</nowiki>}}
 +
 
 +
{{hc|ppp-redial.service|<nowiki>
 +
[Unit]
 +
Description=Reconnect PPP connections
 +
 
 +
[Service]
 +
Type=simple
 +
ExecStart=/usr/bin/poff -r
 +
</nowiki>}}
 +
 
 +
Now just [[enable]] and [[start]] the timer and systemd will cause a restart at the specified time.
  
 
== Troubleshooting ==
 
== Troubleshooting ==
===Default route===
 
If you have a preconfigured default route before the pppd is started, the default route is kept, so take a look in <code>/var/log/errors.log</code> and if you have something like:
 
  
pppd[nnnn]: not replacing existing default route via xx.xx.xx.xx
+
=== Default route ===
  
and xx.xx.xx.xx is not the correct route for you
+
If you have a preconfigured default route before the ''pppd'' is started, the default route is kept, so take a look in {{ic|/var/log/errors.log}} and if you have something like:
  
* Create a new script <code>/etc/ppp/ip-pre-up</code>
+
pppd[nnnn]: not replacing existing default route via ''xxx.xxx.xxx.xxx''
  
$ chmod +x <code>/etc/ppp/ip-pre-up</code>
+
and {{ic|xxx.xxx.xxx.xxx}} is not the correct route for you
  
with this content:
+
* Create a new script in {{ic|/etc/ppp/ip-pre-up.d}} with this content:
  
#!/bin/sh
+
{{hc|/etc/ppp/ip-pre-up.d/10-route-del-default.sh|
/sbin/route del default
+
#!/bin/sh
 +
/usr/bin/route del default
 +
}}
  
* Restart pppd:
+
Note: Make sure you have a script named 'ip-pre-up' which launches *.sh in 'ip-pre-up.d' like other launch scripts do.
$ /etc/rc.d/ppp restart
+
 
===Masquerading seems to be working fine but some sites don't work.===
+
* [[Restart]] the {{ic|pppd}} service.
The MTU under pppoe is 1492 bytes. Most sites use an MTU of 1500. So your connection sends an ICMP 3:4 (fragmentation needed) packet, asking for a smaller MTU, but some sites have their firewall blocking that.
+
 
 +
=== Masquerading seems to be working fine but some sites do not work ===
 +
 
 +
The MTU under pppoe is 1492 bytes. Most sites use an MTU of 1500. So your connection sends an ICMP 3:4 (fragmentation needed) packet, asking for a smaller MTU, but some sites have their firewall blocking that.
 +
 
 +
Enabling the PMTU clamping in [[iptables]] can solve that:
  
Using PMTU clamping can solve that:
 
 
  iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
 
  iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  
===pppd cannot load kernel module ppp_generic===
+
Now, for some reason, just trying to save the resulting iptables configuration with ''iptables-save'' and restoring it later, does not work. It has to be executed after the other iptables configuration had been loaded. So, here is a systemd unit to solve it:
'''Symptom:''' When starting PPTP Client, the pppd process cannot locate the appropriate module.
+
 
  Couldn't open the /dev/ppp device: No such device or address
+
{{hc|pmtu-clamping.service|<nowiki>
  Please load the ppp_generic kernel module.
+
[Unit]
'''Solution:''' Edit the <code>/etc/modprobe.d/modules.conf</code> file and change  
+
Description=PMTU clamping for pppoe
  alias char-major-108 ppp  
+
Requires=iptables.service
to  
+
After=iptables.service
  alias char-major-108 ppp_generic
+
 
If there is no alias included add
+
[Service]
  alias char-major-108 ppp_generic
+
Type=oneshot
and reboot.
+
ExecStart=/usr/bin/iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
 +
 
 +
[Install]
 +
WantedBy=multi-user.target
 +
</nowiki>}}
 +
 
 +
And [[enable]] it.
 +
 
 +
=== pppd cannot load kernel module ppp_generic ===
 +
 
 +
When starting PPTP client, the ''pppd'' process cannot locate the appropriate module:
 +
 
 +
Couldn't open the /dev/ppp device: No such device or address
 +
Please load the ppp_generic kernel module.
 +
 
 +
The solution is to edit the {{ic|/etc/modprobe.d/modules.conf}} file and change
 +
 
 +
alias char-major-108 ppp
 +
 
 +
to
 +
 
 +
alias char-major-108 ppp_generic
 +
 
 +
or just add such alias if it does not exist.
 +
 
 +
The correct module will be loaded after reboot.

Latest revision as of 07:21, 2 July 2016

ppp (Paul's PPP Package) is an open source package which implements the point-to-point protocol (PPP) on Linux and Solaris systems. It is implemented as single pppd daemon and acts as backend for xl2tpd, pptpd and netctl. 3G, L2TP and PPPoE connections are internally based on PPP protocol and therefore can be managed by ppp.

Installation

Install the ppp package.

Make sure that your kernel is compiled with PPPoE support (present in default kernel):

$ zgrep CONFIG_PPPOE /proc/config.gz
CONFIG_PPPOE=m

Configuration

PPPoE

Create the connection configuration file:

/etc/ppp/peers/your_provider
plugin rp-pppoe.so
# rp_pppoe_ac 'your ac name'
# rp_pppoe_service 'your service name'

# network interface
eth0
# login name
name "someloginname"
usepeerdns
persist
# Uncomment this if you want to enable dial on demand
#demand
#idle 180
defaultroute
hide-password
noauth

If usepeerdns option is used, pppd will create the /etc/ppp/resolv.conf file with obtained DNS addresses while establishing a connection. By default, the /etc/ppp/ip-up.d/00_dns hook script moves this file to /etc/resolv.conf, allowing the system to use these name servers. If this is undesirable (e.g. you are using a local caching DNS), edit the /etc/ppp/ip-up.d/00_dns.sh as you need.

Put a line like this in /etc/ppp/pap-secrets or /etc/ppp/chap-secrets as required by the authentication method used by your ISP. It is OK to write these two files at the same time, pppd will automatically use the appropriate one:

someloginname * yourpassword

You can now start the link using the command:

# pppd call your_provider

Alternatively, you can use this

# pon your_provider

where your_provider is the exact name of your options file in /etc/ppp/peers.

To see whether your PPPoE connection is started correctly, check the pppd output in system logs:

# journalctl -b --no-pager | grep pppd

On a successful connection, you will see something like the following:

Jul 09 22:42:33 localhost pppd[239]: Plugin rp-pppoe.so loaded.
Jul 09 22:42:33 localhost pppd[239]: RP-PPPoE plugin version 3.8p compiled against pppd 2.4.6
Jul 09 22:42:33 localhost network[184]: RP-PPPoE plugin version 3.8p compiled against pppd 2.4.6
Jul 09 22:42:33 localhost pppd[239]: pppd 2.4.6 started by root, uid 0
Jul 09 22:42:39 localhost pppd[239]: PPP session is 292
Jul 09 22:42:39 localhost pppd[239]: Connected to a0:f3:e4:4f:e3:b0 via interface enp4s0
Jul 09 22:42:39 localhost pppd[239]: Using interface ppp0
Jul 09 22:42:39 localhost pppd[239]: Connect: ppp0 <--> enp4s0
Jul 09 22:42:39 localhost pppd[239]: CHAP authentication succeeded: CHAP authentication success
Jul 09 22:42:39 localhost pppd[239]: CHAP authentication succeeded
Jul 09 22:42:39 localhost pppd[239]: peer from calling number A0:F3:E4:4F:E3:B0 authorized
Jul 09 22:42:39 localhost pppd[239]: Cannot determine ethernet address for proxy ARP
Jul 09 22:42:39 localhost pppd[239]: local  IP address 10.6.2.137
Jul 09 22:42:39 localhost pppd[239]: remote IP address 10.6.1.1
Jul 09 22:42:39 localhost pppd[239]: primary   DNS address 10.6.1.1
Jul 09 22:42:39 localhost pppd[239]: secondary DNS address 210.21.196.6

By default the configuration in /etc/ppp/peers/provider is treated as the default, so if you want to make "your_provider" the default, you can create a link like this

# ln -s /etc/ppp/peers/your_provider /etc/ppp/peers/provider

Now you can start the link by simply running:

# pon

To close a connection, use this

# poff your_provider

Easy wizard configuration

pppconfigAUR provides a dialog interface to create pppd configuration easily. The usage is as simple as running pppconfig as root and it will guide the configuration creation.

# pppconfig --dialog

The resulting configuration can be called using pon and discarded using poff as mentioned before.

Starting pppd on boot

Tips and tricks

Do an auto redial

If pppd is running, you can force a connection reset by sending the SIGHUP signal to the process:

# export PPPD_PID=$(pidof pppd)
# kill -s HUP $PPPD_PID

And you have redialed the connection.

Note: Make sure you have persist option enabled in your /etc/ppp/peers/provider tab. Additionally you might want to set holdoff 0 to reconnect without waiting.

ISP auto-disconnect after 24h

Note: If you are not running your computer always on (running 24/7) then you can skip this step.

If you use a flat-rate always-on connection on a computer, some providers restart your connection after 24h. That makes sure that the IP is rotated every 24h. To compensate, you can use an dynamic DNS service in combination with inadynAUR[broken link: archived in aur-mirror] to compensate for the rotating IP address. But to avoid disconnects when you do not need it, you might try to restart the connection using a cron job or systemd timer at a time of day you know no one will be using the connection (e.g. at 4 AM).

Using cron

As root, do the following:

Create a bash script similar to this and give it a name (e.g. pppd_redial.sh):

#!/bin/bash

message="Restarting the PPP connection @:" $(date)
pppd_id=$(pidof pppd)

kill -s HUP $pppd_id
echo $message

Give it execute permissions and put it on a path visible to root.

Then create a cron job using crontab -e. Check that your EDITOR env variable is set if the command fails. So add anywhere in the file,

0 4 * * * /bin/bash /root/pppd_redial.sh

Confirm that cronie service is up and running. If this is not the case, just enable and start it.

Save and exit. Your PPPoE connection will now restart every day at 4AM.

Using a systemd timer

An alternative way to force a reconnect is using a systemd timer and the poff script (in particular its -r option). Simply create a .service and .timer files with the same name:

ppp-redial.timer
[Unit]
Description=Reconnect PPP connections daily

[Timer]
OnCalendar=*-*-* 05:00:00

[Install]
WantedBy=multi-user.target
ppp-redial.service
[Unit]
Description=Reconnect PPP connections

[Service]
Type=simple
ExecStart=/usr/bin/poff -r

Now just enable and start the timer and systemd will cause a restart at the specified time.

Troubleshooting

Default route

If you have a preconfigured default route before the pppd is started, the default route is kept, so take a look in /var/log/errors.log and if you have something like:

pppd[nnnn]: not replacing existing default route via xxx.xxx.xxx.xxx

and xxx.xxx.xxx.xxx is not the correct route for you

  • Create a new script in /etc/ppp/ip-pre-up.d with this content:
/etc/ppp/ip-pre-up.d/10-route-del-default.sh
#!/bin/sh
/usr/bin/route del default

Note: Make sure you have a script named 'ip-pre-up' which launches *.sh in 'ip-pre-up.d' like other launch scripts do.

Masquerading seems to be working fine but some sites do not work

The MTU under pppoe is 1492 bytes. Most sites use an MTU of 1500. So your connection sends an ICMP 3:4 (fragmentation needed) packet, asking for a smaller MTU, but some sites have their firewall blocking that.

Enabling the PMTU clamping in iptables can solve that:

iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

Now, for some reason, just trying to save the resulting iptables configuration with iptables-save and restoring it later, does not work. It has to be executed after the other iptables configuration had been loaded. So, here is a systemd unit to solve it:

pmtu-clamping.service
[Unit]
Description=PMTU clamping for pppoe
Requires=iptables.service
After=iptables.service

[Service]
Type=oneshot
ExecStart=/usr/bin/iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

[Install]
WantedBy=multi-user.target

And enable it.

pppd cannot load kernel module ppp_generic

When starting PPTP client, the pppd process cannot locate the appropriate module:

Couldn't open the /dev/ppp device: No such device or address
Please load the ppp_generic kernel module.

The solution is to edit the /etc/modprobe.d/modules.conf file and change

alias char-major-108 ppp

to

alias char-major-108 ppp_generic

or just add such alias if it does not exist.

The correct module will be loaded after reboot.