Configuring pppd in Linux, Part II
In Part I of this article (see the February 2002 issue of LJ), I explained how to configure the modem. At the end of the article you ended up with a symbolic link called /dev/modem that pointed to the right device file for your modem. You were sure that everything worked fine, as you connected to your internet service provider (even though you didn't establish a PPP connection). In this article I go further, explaining how to connect to the Internet. You are advised to read the previous article first. If you can't, just make sure that your modem is configured correctly, and that you do have a symbolic link called /dev/modem that points to the right device file in /dev.
In order to make any use of this article you should have all the login information about your provider, including the phone number you should dial to connect, your login and password, and a valid DNS server address (this is optional, as it can be assigned automatically by your provider).
This article assumes that your provider accepts PAP authentication. PAP is a way of sending your login and password information to the provider through the PPP protocol; it saves the users from the more complicated (and often manual) login procedures required by some internet service providers in the past. The vast majority of ISPs today will require you to use PAP. This article also assumes that you have a standard modem and not a Winmodem. Configuring a Winmodem is possible but can be tedious and is outside the scope of this article.
First of all, you must be logged in as root to configure your internet connection. A connection to the Internet via the modem is established using PPP (point-to-point protocol), which is used to encapsulate common TCP/IP packets so that they can be sent through a serial line (in fact, TCP/IP packets are meant to be transmitted over a network medium and wouldn't fit, as they are on a serial connection without being serialized first).
This article assumes that you have the following software installed: the kernel module that handles the PPP connection (every distribution I know of comes with a kernel that includes the PPP module, so you probably don't need to worry about it); the program pppd, which initializes the kernel modules after establishing the connection; the program chat, which is responsible for establishing the connection; and the program minicom, a very simple terminal program that lets you talk to the modem. To check if you have all of these programs, you can use the which command. This command tells you if the programs are available in one of the directories listed in the $PATH environment variable:
which pppd /usr/bin/pppd which chat /usr/bin/chat which minicom /usr/bin/minicom
If you don't have some of these programs, you should grab the right package and install it. You also might want to disable the call waiting for your telephone line. If it is active, an incoming call could cause the line to drop while you are connected.
Once we configure the modem, how do we connect to the Internet? We have to use (and configure) a program called pppd (point-to-point protocol dæmon). The following is what happens when you run pppd (assuming that chat is used as the dialer program and that pppd is correctly configured).
The dæmon starts. It sets the serial port parameters (speed, etc.). Then it runs an external program (chat) to establish the connection, which sends the connection command to the modem (ATDT followed by the provider's number). Then it waits for the string CONNECT from the serial port. At that point the connection has been established, and it's as if there were a serial cable running from your computer to the provider's computer. Once chat has finished its job, the program pppd takes over again. If the connection could not be established, pppd will exit and return an error. Otherwise, it will talk to the PPP dæmon on the other side of the line (the PPP handshake that you saw earlier as a bunch of indecipherable symbols) and will be assigned an IP address. A login and a password normally are required to complete this stage successfully (login information is sent during the PPP handshake). The program pppd makes sure that a kernel network interface is created and that the network traffic is directed to it.
The two programs that you need, pppd and chat, are not interactive. They are run and then send any messages to the system log dæmon, syslogd. The syslogd will then write the received messages on the hard drive. There are several classes of messages, and the different classes usually are stored in separate files. The exact place they are stored depends on your syslogd configuration.
Now, you should configure syslogd so that you are 100% sure that the debugging information from the dæmons pppd and chat actually are stored on disk—and that you know where they are. The configuration file for syslogd is /etc/syslog.conf. All you have to do is enter one extra line to it. To do that, just type the command:
Of course, you may use any editor you like (vi, Emacs, joe, pico, etc.). Now, insert the following line:
daemon.debug;*.info /var/log/ppp_articleRemember that there should be a tab between info and /var/log/ppp_article.
Now, you have to make sure that the dæmon syslogd knows about the change in its configuration file. To achieve this, run the command:
killall -HUP syslogd
The file /var/log/ppp_article should have been created and should contain one line that tells you that syslogd has been restarted. To check that this is true, you can type the following command:
cat /var/log/ppp_article Aug 4 19:28:46 merc_linux syslogd 1.3-3: restart.Instead of the cat command, which just reads a file, you can use the command tail with the option -f. This will keep on reading a file and will print on the screen any new information added to it. This means that as soon as syslogd writes anything on the file ppp_article, tail will show it on the screen:
tail -f /var/log/ppp_article Aug 4 19:28:46 merc_linux syslogd 1.3-3: restart.From now on, any logging information recorded by pppd or chat will appear on the screen automatically. You really should keep this console open always, and check for messages whenever you need to.
As you probably saw in Part I of this article, in order to establish the serial connection, you have to send the string ATDT12345678 (with your provider's phone number, of course) to your modem and wait for the string CONNECT to come back from the modem itself (that would happen once the connection has established). Some messages other than CONNECT might be returned: BUSY, NO CARRIER, NO ANSWER, etc. In the previous article, you tried this practically, using minicom.
Even though you could do all of this by hand using minicom, you might want to use a program that does it all for you. The program should be able to talk to the modem, sending information and expecting a particular string as a response. Of course, such a program does exist, and it's called chat. For example, try to run the following command:
chat ABORT "BUSY" "OK" "TRY" "THIS" "TESTING" "COMMAND"
Be careful, because from now on the keyboard will be locked and you won't be able to quit the program, not even by pressing Ctrl-C. Type ok. The word TRY will pop out. Now type this; the word TESTING will appear on the screen. Finally, type command; the program chat will exit successfully. Try to run the command again: type ok, and again you will see the string TRY come out. At this point, type busy: the program will exit immediately. As you can guess, the chat program is designed to wait for a string and print something as a response. The first two words, ABORT BUSY, are special and instruct chat to exit if the word BUSY is received at any point during its execution. If something goes wrong, you can run the same chat command adding the switch -v:
chat -v ABORT "BUSY" "OK" "TRY" "THIS" "TESTING" "COMMAND"The -v option stands for verbose, meaning that chat will tell you exactly what is going on, what it is expecting and so on. Of course, all the debug information will be recorded in /var/log/ppp_article if you followed the instructions I gave you earlier about syslogd. Let's analyze a different chat command:
chat ABORT "BUSY" "" "AT" "OK" "ATDT93355100" "CONNECT"As you can probably guess, you will have to behave like a modem in order to get chat to exit successfully. It will send you an AT string, and you have to type ok. Then, it will send you the string ATDT93355100 and wait until you type connect. Then, it will exit. This probably sounds familiar to most readers; this is exactly what you need to connect to your ISP, if you could get chat to talk to the modem and not the keyboard. The command I use for my provider is:
chat ABORT BUSY ABORT "NO CARRIER" TIMEOUT 120 "" AT OK ATDT94310999 CONNECTIt's very simplistic, and as a matter of fact, it could be done a lot better. But in my case, it does the job and I am perfectly happy with it. You should have a look at the man page for chat (just type man chat) and look at the options it offers; later, you might want to change your connection script so that it uses all of the fancy options offered by chat. The next step is to write a shell script that encapsulates the chat command you wrote. The file will be placed in /etc/ppp and will be called chat-connect. To create it, just type the command:
vi /etc/ppp/chat-connect(of course, you can use any editor you like if you don't like vi). The script should look like this:
#!/bin/sh chat ABORT BUSY ABORT "NO CARRIER" TIMEOUT 120 "" AT OK ATDT94310999 CONNECTYou should substitute 94310999 with your ISP's dial-up number. Now, save and exit the editor. You need to make the script executable, with the chmod command:
chmod +x /etc/ppp/chat-connectSee if the script works by running
/etc/ppp/chat-connectIf it works, you moved one step toward your working internet connection. Effectively, you are very close to the goal. All you have to do is run pppd with the right parameters.
At this point you can start to work on the actual pppd configuration. The files involved are /etc/ppp/options, /etc/ppp/chap-secrets, /etc/ppp/pap-secrets and /etc/ppp/peers.
The options file is used to give pppd a list of default options. For now you should make sure that the options file, stored in /etc/ppp, is totally empty; just edit it with your favorite editor and delete everything in it. If you don't feel comfortable deleting the content, you can comment all the lines out putting a # symbol in front of each line. It is important to have the options file empty to make sure you have a fresh start. The first thing now is to test if the chat script we wrote works in a real situation. In order to do that, you can run pppd with the minimum number of parameters:
pppd /dev/modem 38400 modem lock connect /etc/ppp/chat-connect
The parameters can be given to pppd in any order. The /dev/modem option represents the serial port that the modem is connected to (as you know, it is a symbolic link that points to the real ttyS device). The parameter modem instructs the pppd dæmon that it will be dealing with a modem connection, and not a straight serial cable between you and your provider. The word lock tells pppd to lock the modem while using it (if you don't know what that means, don't panic; basically it's a way of guaranteeing that no other program will be accessing the modem while your connection is up). The last option, connect, comes with the parameter /etc/ppp/chat-connect and tells pppd what program it should run to dial the number and connect to the internet service provider; in your case, it's the chat script you wrote in the previous section of the article.
If nothing seems to work, you should add the option -v to the chat script, try again and look at the logs—at this point, it's normally quite easy to fix problems. If everything goes well, you should be able to see your modem connecting and hear it going through the usual whistling noises. Now you should be able to connect to the Internet with only one extra step. Edit the file /etc/pap-secrets and add your password to that file, adding a line that looks like this:
your_username_here * your_password_here
Remember that there should be a tab between each word. Now you are ready for the big test, an actual connection. Try the following command:
pppd /dev/modem 38400 modem lock connect /etc/ppp/chat-connect user your_username_here defaultrouteThe only extra parameters are user (followed by your user name as it comes in /etc/ppp/pap-secrets) and the option defaultroute. This last option makes sure that your connection will be used by default by the packets that are supposed to reach the Internet. With this option, pppd will set up the correct routing table once the connection is established. You should see, in the log, a message like this:
Aug 4 16:12:23 merc_linux pppd: local IP address 188.8.131.52 Aug 4 16:12:23 merc_linux pppd: remote IP address 184.108.40.206If it didn't happen, you might have to run pppd with the debug option and read the log file (that is /var/log/ppp_article) to see what happened:
pppd /dev/modem 38400 modem lock connect /etc/ppp/chat-connect user your_username_here defaultroute debugIf everything worked, congratulations; you are now connected to the Internet. Remember that when you want to disconnect, you simply can type:
The next step is to test whether the connection actually works. The best way to see if the link is up is to run ifconfig (see Listing 1). This command shows you the active kernel network interfaces. In my case, I have lo, the standard loopback interface I will use if I want to connect to myself, and ppp0, which is the modem PPP interface.
To see if you actually are routing to the Internet, you can run the traceroute command, followed by any IP address. For now you should use the -n option in order to disable the DNS name resolution (that hasn't been configured yet). For example:
traceroute -n 220.127.116.11 traceroute to 18.104.22.168 (22.214.171.124), 30 hops max, 38 byte packets 1 126.96.36.199 (188.8.131.52) 181.518 ms 139.473 ms 149.822 ms 2 184.108.40.206 (220.127.116.11) 129.540 ms 139.739 ms 139.821 ms
19 18.104.22.168 (22.214.171.124) 479.696 ms 479.653 ms * 20 126.96.36.199 (188.8.131.52) 489.711 ms 479.644 ms 479.874 msThe IP 184.108.40.206 is the server for www.linux.org. The program traceroute will tell you about the path followed by the packets you send to the Internet. Now, you should make sure that you tell your system the IP of your DNS, through the file /etc/resolv.conf. My resolv.conf file looks like this:
nameserver 220.127.116.11 nameserver 18.104.22.168Some ISPs don't provide a DNS server address, as your computer is given one once the PPP handshake is completed. If that is the case, you simply can disconnect and reconnect using the usepeerdns option when you run pppd:
pppd /dev/modem 38400 modem lock connect /etc/ppp/chat-connect user your_username_here defaultroute usepeerdnsNow, you can try to see if your DNS is working, using, for example, the Telnet program. The Telnet program is only an excuse to see if the system was able to translate the name www.linux.org into an IP address.
telnet www.linux.org 80 Trying 22.214.171.124... Connected to www.linux.org. Escape character is '^]'.It worked! Now, you can start your browser (Netscape, Mozilla, Opera, Galeon, Lynx, etc.) and browse the Net as you like.
By now, everything should work well; the internet connection is up, and you can connect to the Internet whenever you want. There is, of course, room for improvement. The first thing to do would be to increase the speed of the serial port and see if everything still works. To do that, just substitute 38400 with 115200 in the pppd command line.
Also, after a couple of weeks you probably will start noticing that there is a high number of parameters that have to be typed for the command pppd. In fact, every time you want to connect you have to type:
pppd /dev/modem 115200 modem lock connect /etc/ppp/chat-connect user your_username_here defaultroute
The good news is that you can, of course, put all those parameters in a configuration file, /etc/ppp/options. So, in your case, the options file would look like this:
/dev/modem 115200 modem lock connect /etc/ppp/chat-connect user defaultrouteIn this file the order of the parameters really doesn't matter. From this point on, you will be able to connect to the Internet simply by typing the command pppd. What happens if you have several providers you might want to call? In this case, you can create several options files and then place them in /etc/ppp/peers. The output below shows what my peers directory looks like:
ls -l /etc/ppp/peers total 4 -rw-r--r-- 1 root root 197 Aug 4 15:41 main_net -rw-r--r-- 1 root root 189 Mar 11 2000 primusMy file /etc/ppp/options is empty; when I run pppd, I always run:
pppd call main_netThis way, the file /etc/ppp/peers/main_net will be used as well as my /etc/ppp/options file (which happens to be empty). If my main provider (Main Net) is down for some reason, I still can use some of my time-limited account with Primus.
Now, the best thing you can do is to read the man page for pppd (just type man pppd) and see if any of the esoteric options can somehow improve your connection. In Listing 2 you will find a very rich options file written by my friend and Linux guru Pancrazio De Mauro. Can you do better than that?
This process certainly can look quite scary; the amount of knowledge you must have to connect to the Internet using Linux seems ludicrous, especially if you compare it to the simplicity of the Windows Remote access interface; the comparison makes you wonder whether it was worthwhile doing everything by hand.
In my opinion, there are two main advantages in configuring everything by hand. The first one is that you can (and should) go through the many options of pppd to optimize your connection. The second is that from now on when you use a graphical interface to configure your internet access, you know exactly what is going on, and you can fix problems if the automatic process doesn't seem to work properly.
Before I finish, I would like to point out that there is a command-line program (no GUI) that automatically does everything I have explained in this article (find the modem, connect to the provider with the right parameters, etc.). The program is called wvdial (www.worldvisions.ca/wvdial/index.html). When I discovered it a few years ago, I found it rather amazing. I would suggest it to impatient people who want to connect to the Internet quickly without going through the hassle of knowing everything about pppd, chat, etc.