Results 1 to 5 of 5

Thread: network advice for ppp0

  1. #1

    Default network advice for ppp0

    Greetings!

    A Leap-42.3, running as KVM guest, serves as internet gateway (GTW 192.168.1.222) for the local network (192.168.1.0)

    The networkdevice eth0 is intern and eth1 is extern.
    Both devices are bridged from the KVM host.

    Firewalling is done with SuSEFirewall2, everything standard.

    Works well since years.

    Sometimes, once a year or so, the cable-modem (internet connection eth1) fails and I need a backup internet connection.
    For this purpouse I use a HuaweiE220 UBS stick attached to the gateway computer.

    Using wvdial I dial up my GSM internet provider, works well so far.
    ifconfig shows the device ppp0 and journalctl -f shows

    Jun 14 12:32:27 GTW pppd[7131]: Plugin passwordfd.so loaded.
    Jun 14 12:32:27 GTW pppd[7131]: pppd 2.4.7 started by monitor, uid 0
    Jun 14 12:32:27 GTW pppd[7131]: Using interface ppp0
    Jun 14 12:32:27 GTW pppd[7131]: Connect: ppp0 <--> /dev/ttyUSB0
    Jun 14 12:32:27 GTW pppd[7131]: CHAP authentication succeeded
    Jun 14 12:32:27 GTW pppd[7131]: CHAP authentication succeeded
    Jun 14 12:32:31 GTW pppd[7131]: Could not determine remote IP address: defaulting to 10.64.64.64
    Jun 14 12:32:31 GTW pppd[7131]: local IP address 10.27.128.130
    Jun 14 12:32:31 GTW pppd[7131]: remote IP address 10.64.64.64
    Jun 14 12:32:31 GTW pppd[7131]: primary DNS address xxx.xxx.xxx.xxx
    Jun 14 12:32:31 GTW pppd[7131]: secondary DNS address yyy.yyy.yyy.yyy
    Jun 14 12:32:31 GTW nscd[666]: 666 monitored file `/etc/resolv.conf` was written to
    Jun 14 12:32:31 GTW pppd[7131]: Script /etc/ppp/ip-up finished (pid 7138), status = 0x0


    The settings of SuSEFirewall2 are obviously sufficient to protect the gateway machine from outside access.
    A networkcheck shows no open ports, as expected.

    Intenet browsing from GTW works.

    However, internet access from a network client 192.168.1.20 does not work, it is filtered by the default SuSEFirewall2 setting:
    Jun 14 12:32:35 GTW kernel: SFW2-FWDint-DROP-DEFLT IN=eth0 OUT=ppp0 MAC=aa:bb:00:00:02:22:34:97:f6:a3:59:e1:08:00 SRC=192.168.1.20 DST=aaa.aaa.aaa.aaa LEN=66 TOS=0x00 PREC=0x00 TTL=127 ID=30822 PROTO=UDP SPT=56162 DPT=53 LEN=46

    The OUT device ppp0 is filtered.

    Questions:
    1) Do I have to manually insert aNAT rule to the firewall/iptables to provide network address translation from eth0 to ppp0?

    2) What would be the appropriate approach to configure the ppp0 interface with yast, defining it as external device?



    Thanks for reading and hints
    Wolf

  2. #2
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    21,557
    Blog Entries
    1

    Default Re: network advice for ppp0

    This guide should be enough to get internet sharing working as desired...
    https://wiki.archlinux.org/index.php...#With_iptables

    An openSUSE guide using YaST to help with the necessary....
    https://en.opensuse.org/SDB:Internet_connection_sharing
    openSUSE Leap 15.2; KDE Plasma 5

  3. #3
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    12,278
    Blog Entries
    2

    Default Re: network advice for ppp0

    Answering your specific questions...

    I'm not sure that any YaST reference will help since you're using wvdial to connect using your Huawei.
    In fact, the general recommendation is to set up Network Manager to support PPPoE connections... but if you want to use wvdial and you have it working, that's fine. But, if you set up Network Manager for both Internet providers, you'll be able to switch between Providers more easily (IMO).

    So, for instance right now it's possible your Internet Connection sharing is not working because when you switch off your eth1 connection, ICS isn't enabled for your alternate dialup upstream connection using wvdial, and requires a configuration for wvdial. But, if you used Network Manager for both connections, then a single ICS configuration would work for both.

    The above should address your most likely problem...
    For anything beyond that, do you have any other LAN Hosts set up (virtual or physical)?
    Comparing which machines work and what don't is typically a first step in troubleshooting.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  4. #4

    Default Re: network advice for ppp0

    Thanks, TSU;

    Adding ppp0 to the line
    FW_DEV_EXT="eth0 ppp0" in /etc/sysconfig/SuSEfirewall2
    and
    defaultroute and replacedefaultroute in /etc/ppp/peers/wvdial
    made the thing work with wvdial, embedded in a script.

    Wolf

  5. #5
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    12,278
    Blog Entries
    2

    Default Re: network advice for ppp0

    Quote Originally Posted by WolfGrossi View Post
    Thanks, TSU;

    Adding ppp0 to the line
    FW_DEV_EXT="eth0 ppp0" in /etc/sysconfig/SuSEfirewall2
    and
    defaultroute and replacedefaultroute in /etc/ppp/peers/wvdial
    made the thing work with wvdial, embedded in a script.

    Wolf
    That's one way to make it work, the tiny bit of extra latency shouldn't be noticeable on a client machine.

    Congrats.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •