[Server-devel] pppd restarting mysteriously
James Cameron
quozl at laptop.org
Thu Jul 23 21:32:37 EDT 2009
On Thu, Jul 23, 2009 at 10:35:14PM +0530, Joshua N Pritikin wrote:
> I am attaching two logs. dell-desktop shows a working ppp session.
> schoolserver shows a ppp session which is terminated shortly after
> connecting.
I'm familiar with this symptom, I've seen it before on CDMA modems.
http://quozl.linux.org.au/mm-5100/ ... "PPP Renegotiations"
The symptom is that your pppd receives an LCP Configuration Request from
the modem that attempts to begin authentication all over again. pppd
handles this (correctly) by shutting down the link.
My analysis of this when I was observing the problem was that it was
caused by packets being sent with source IP addresses that the service
provider's network did not like. It might take up to 30 seconds between
the offending packet and the disconnection.
What I'd like you to try is to add an iptables rule to prevent any
packets being sent through the modem that are *from* IP addresses the
service provider's network does not expect. This is what I used in an
/etc/ppp/ip-up.d on Debian:
# drop anything untoward
iptables --insert OUTPUT 1 --source 192.168.0.0/255.255.0.0 \
--destination 0.0.0.0/0.0.0.0 --jump DROP \
--out-interface ${PPP_IFACE}
iptables --insert OUTPUT 1 --source 10.0.0.0/255.255.0.0 \
--destination 0.0.0.0/0.0.0.0 --jump DROP \
--out-interface ${PPP_IFACE}
(In my case the 192.168.0.0/16 address range was a satellite service,
and the 10/8 range was my LAN. You should substitute your available
networks on the school server.)
Another thing you can do is use tcpdump to log all the packets in order
to look for what might have triggered the event.
At one stage I used the pppd "record" option, and wireshark on the
resultant file, to verify pppd was doing everything it could. But in
the end it was the packets shown by tcpdump that proved my theory.
--
James Cameron
http://quozl.linux.org.au/
More information about the Server-devel
mailing list