AIX 5L Configuring TCP/IP (Unit 04): Point-to-Point Protocol

How to configure a serial connection to be a routable connection that can be another hop in your TCP/IP network.

Unit Objectives
———————–
Explain the difference between PPP and SLIP
Describe the features of PPP
List the configuration steps of PPP
Establish a PPP connection

SLIP – Serial Line Internet Protocol
—————————————————
Has problems with security.
Limited to TCP/IP transmission only

PPP Features
———————
PPP frame fields (fixed hex values in parentheses):
flag (7E), address (FF), control (03), protocol, information, padding, error checking, flag (7E)
Field sizes as listed: 0/1 0/1 0/1 1/2 n… 1500 2 0/1

Encapsulates IP datagrams for serial link transmission
Supports multiple protocols on a single link
Dynamic negotiation of IP address, authentication, compression
More sophisticated than SLIP
Consists of:
– Link Control Protocol (LCP)
– Network Control Protocol (NCP)
– Encapsulation/framing technique

AIX PPP Features
—————————-
Demand connections
PAP/CHAP security
PAP – Password Authentication Protocol (password can be seen on the line)
CHAP – Challenge Handshake Authentication Protocol (private key encryption, rechallenges also)
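
Why the PAP password is visible on the line while a CHAP exchange is not, as an added example that is not from the original notes: PAP (RFC 1334) carries the password as a plain field, whereas CHAP (RFC 1994) returns MD5(identifier + secret + challenge), so a captured response fails against the next rechallenge. The function names and the peer name `server` are hypothetical; the account `ppp` / `ppppw` is the sample from the chat file later in these notes.

```python
import hashlib
import hmac
import os
import struct

def _packet(code: int, ident: int, body: bytes) -> bytes:
    # Common header: code, identifier, total length (big-endian).
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def pap_request(ident: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request: the password is sent as a plain field."""
    return _packet(1, ident, bytes([len(peer_id)]) + peer_id
                   + bytes([len(password)]) + password)

def chap_challenge(ident: int, name: bytes, value: bytes = b"") -> bytes:
    """CHAP Challenge: a fresh random value per (re)challenge."""
    value = value or os.urandom(16)
    return _packet(1, ident, bytes([len(value)]) + value + name)

def _digest(challenge: bytes, secret: bytes) -> bytes:
    ident, value = challenge[1], challenge[5:5 + challenge[4]]
    return hashlib.md5(bytes([ident]) + secret + value).digest()

def chap_response(challenge: bytes, secret: bytes, name: bytes) -> bytes:
    """CHAP Response: only the hash crosses the line, never the secret."""
    return _packet(2, challenge[1], b"\x10" + _digest(challenge, secret) + name)

def chap_verify(challenge: bytes, response: bytes, secret: bytes) -> bool:
    """Authenticator side: recompute the hash for the challenge it issued."""
    if response[0] != 2 or response[1] != challenge[1]:
        return False
    got = response[5:5 + response[4]]
    return hmac.compare_digest(got, _digest(challenge, secret))

if __name__ == "__main__":
    secret = b"ppppw"                      # sample password from the chat file
    print("PAP  :", pap_request(1, b"ppp", secret))   # password visible
    first = chap_challenge(7, b"server")
    reply = chap_response(first, secret, b"ppp")
    print("CHAP :", reply.hex())
    print("valid:", chap_verify(first, reply, secret))
    rechallenge = chap_challenge(8, b"server")
    print("replay accepted:", chap_verify(rechallenge, reply, secret))
```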

Server provides the IP Address from a pool of IP addresses
Client – Calling System
Server – Called System
or vice versa

PPP Commands and Daemons
———————————————-
pppcontrold
– pppauthd
Must be running on both sides.

pppattachd (dynamically launched on the server side)
– pppdial (how to make this connection)

Assume that the connection is coming through on dumb terminal TTY
Starts a getty process to begin listening on a specific port
getty (issues the login prompts)
login
password
chat file on client responds to the request for login name and password
just a mechanism to launch the .profile for the username (ex. ppp)
Server – /home/ppp/.profile (runs the ppp .profile with pppattachd daemon)

startsrc -s pppcontrold
$ pppattachd client tty0 connect "pppdial -f chatfile"
$ pppattachd server

Installation and Configuration Steps
—————————————————
Install bos.net.ppp
Create TTY devices on both sides (Server enabled, Client disabled)
Create PPP Link Control Configuration files on both sides
Add IP Interfaces for PPP (Server side only with pool of IP addresses)
Define PAP/CHAP authentication (optional)
Start PPP subsystem (pppcontrold/pppauthd)
Accessed via smit ppp
Establish PPP Connection

Server Setup – Create a TTY Device
—————————————————
smit maktty
Will prompt for a serial port# on the parent adapter
Add a TTY screen
Must be set up the same on both the client and server sides
Note: Refer to screen for detailed settings.

Server – Create Link Control Configuration
————————————————————-
smit addlcp
Link Configuration screen
Note: Refer to screen for detailed settings.

Server PPP Interfaces
——————————–
smit addpppserver
PPP IP Configuration
Define IP Address Pool to give to clients

Server – Final Setup Steps
—————————————
One copy of pppattachd must run for each connected client:
– Set up account for clients to log into, for example, ppp
– Start pppattachd in /home/.profile:
exec /usr/sbin/pppattachd server 2>/dev/null
Start PPP subsystem using smit or startsrc commands

Note: If you are having trouble, change /dev/null to a real file such as /tmp/ppp.log so that you can see the output and find the problem.

Server – Ready for Connections
———————————————–
Interfaces (pp0, pp1, and so forth) and routes created once PPP subsystem started:
# ifconfig pp0
pp0:flags=6000031
inet 192.168.0.1 --> 192.168.0.2 netmask 0xffffff00

Note: It should have both UP and RUNNING to be active.

Route added to kernel routing table

Client Setup – Create a TTY Device
—————————————————
Add a TTY screen
Note: See example screen for detailed settings

Client Setup – Create Link Control Configuration
———————————————————————
smit addlcp

Note: Test it as a dumb terminal on the tty using ate to see if the settings are working.

Client Setup – Start PPP Subsystem
——————————————————-
smit startppp
PPP interfaces created when PPP subsystem starts:
# ifconfig pp0
pp0: flags=6000030
inet 0.0.0.0 --> 0.0.0.0 netmask 0xff000000

Client – Establishing a Connection
————————————————–
To connect: start pppattachd on local system:
$ pppattachd client tty0 connect "pppdial -f mychatfile"

Connector program (for example pppdial) makes connection to remote system:
– Dials (if needed)
– Logs in
– PPP process starts automatically

Client Example (Chat File)
————————————–
Contents of chat file: (dial in over a modem)

atdt1234567
CONNECT
\d\n (Enter/Return)
ogin: (What do I see)
ppp (What do I respond with)
ssword: (What do I see)
ppppw (What do I respond with)

Client Example – Connection Established
————————————————————–
PPP processes running
$ ps -ef | grep ppp
Interface configured with address/netmask from remote system:
$ ifconfig pp0
Route to remote host created

Server – With Connected Client
———————————————–
Each client assigned free interface and corresponding address:
– Interface/address assigned from pool – not based on client identity or incoming port

# ifconfig pp0
# ps -ef | grep ppp

Unit Summary
———————
AIX supports PPP client/server and calling/called system
pppcontrold implements PPP subsystem, must always run on PPP participants
pppattachd implements the PPP protocol on clients and servers
pppdial runs chat scripts to establish physical connections

Exercise 4
—————–
Server Setup
sys3 # smitty mktty
Add a TTY
Select RS232
Select adapter sa0 or sa1
Enter following data
Port number (use F4 for a list)
Enable Login: Enabled
Default everything else (These settings must be same on client)
Execute
tty0 Available

Enable logging
vi /etc/syslog.conf
go to end of file
add line
*.debug /var/adm/syslog (log file to see messages)
save

cd /var/adm
> syslog (creates empty log file)
refresh -s syslogd (re-reads /etc/syslog.conf)

Create user on server
mkuser ppp
passwd ppp
Note: You must redefine the password because it was just created.
su - tcp1
su - ppp
ppp's password:
Enter new password for user ppp
Ctrl-D
whoami
su - ppp
No request to redefine the password.
exit
exit

Make ppp user a member of the uucp group.
chuser groups=uucp ppp
su - ppp

Edit the .profile
vi .profile
add a line
exec /usr/sbin/pppattachd server 2> /dev/null (automatically executes when logging in)
end editing session
exit

Setup Config files on Server
whoami – root
smitty addlcp
PPP subsystem name: Enter “pppserver”
max server connections: 1
max client connections: 0 (must have an entry)
max demand connections: 0 (must have an entry)
max ip interfaces: 1 (same as max server connections above)
max async hdlc attachments: 1 (same as max server connections above)
everything else is optional
Execute
Creates the config file for Link Control

Create the address pool on server
smitty addpppserver
Local IP address: 192.168.1.3
Starting Remote IP Address: 192.168.1.2
Number of addresses: 1
Netmask: 255.255.255.0

Start up the ppp control daemon
smitty startppp
Start PPP now: both
smitty uses startsrc to start it
lssrc -a | grep ppp (verify that it is running)
ifconfig pp0 (view setup info)
Server Setup is now complete

Client Setup
Setup a user to test with
mkuser ppptest
chuser groups=uucp ppptest
passwd ppptest (reset password)

Turn on Error logging on Client
vi /etc/syslog.conf
go to the bottom
*.debug /var/adm/syslog
save

> /var/adm/syslog (creates an empty syslog file)

reread the syslog daemon
refresh -s syslogd

Define TTY connection on Client
smitty mktty
Add a tty
RS232
Parent Adapter: _sa0 or _sa1
port number _0
Enable Login: disabled
Everything else use defaults (must be same as server side)
Execute
tty0 Available

Test the tty connections
ate (Asynchronous Terminal Emulator – execute it in a windowed environment so that if it hangs you can start a new window)
> a (alter connections menu)
> r 9600 (modify the rate)
Note: ate sets its own characteristics, therefore you must specify here
> Ctrl-R (back out to previous screen)
> c (connect command)
> tty0
Should see a login prompt from the other system.
> quit

Login as ppptest
ls -ld /home/ppptest (check permissions) drwxr-xr-x
su - ppptest
ls -a (shows the .profile and .sh_history files)

Add chatfile
vi chatfile
ogin: (only need a substring of the string)
ppp (enter the user)
ssword:
ppp (enter the password)
save

Trigger the ppp connection
Create a script for this command
vi connect-script
exec /usr/sbin/pppattachd client tty0 connect "/usr/sbin/pppdial -v -f chatfile"
save

Must be root
whoami

Add link control information
smitty addlcp
cd /etc/ppp
rm lcp_config
cd
smitty addlcp
PPP-Subsystem name: pppclient
max server connections: 0
max client connections: 1
max demand connections: 0
max ip interfaces: 1
max async hdlc attachment: 1
use defaults on everything else
execute (recreates the lcp_config file)

ls /etc/ppp (verify that the lcp_config file exists)

Make sure the ppp control daemon is running
smitty startppp
Start-PPP: both
execute
lssrc -a | grep ppp (verify that it is running)

Note: Instead of memorizing all of the smitty fast paths, you can use the smitty ppp to get to the ppp menu and select the options from there.

Make the connection script executable
su - ppptest
chmod 755 connect-script

Test ppp connection
./connect-script
ifconfig pp0 (can see the ip addresses, RUNNING)
ping 192.168.1.3

Setup name resolution
vi /etc/hosts
must be root
smitty hosts
List hosts
Add a host
Internal address: 192.168.1.3
Host name: ppp3
execute

Add a host
Internal address: 192.168.1.2
Host name: ppp2
execute

List hosts

ping ppp3

verify state of interface on the server side
sys3 # lssrc -a | grep ppp (RUNNING state)
