propppctl(1) ProL2TP Manual propppctl(1)
NAME
propppctl - Command line control utility for propppd
SYNOPSIS
propppctl
create create-args...
destroy ppp-instance
show ppp-instance or ultilink-bundle
status
list options
DESCRIPTION
The propppctl utility is used to configure and control the propppd(8)
daemon. PPP instances may be created or destroyed, and daemon runtime
status may be queried.
The command name is the first argument. The arguments accepted differs
for each command.
CREATE
Creates a new PPP instance. Each instance is assigned a unique name of
the form session-N. This name can be used as an argument to SHOW and
DESTROY commands to operate on the instance.
DESTROY
Destroys the named PPP instance. PPP LCP messages are sent to the peer
to terminate the connection.
SHOW
Shows information about the named PPP instance or multilink bundle.
STATUS
Shows status information about propppd, such as the number of PPP in-
stances, RADIUS requests and events.
LIST
Prints a summary of all PPP instances. For each instance, its name,
connection state and PPP username (if available) may be listed. The us-
er may list only the PPP instances which are up or only those which are
down.
OPTIONS
CREATE
The create command creates a new PPP instance. Arguments are specified
as a space-separated list. If an argument takes a value, the value is
given in the word following the argument name. e.g.
propppctl create param1 param1value param2 param3 param3value
propppd supports PPP over several different link types.
o Ethernet (PPPoE)
o L2TP (PPPoL2TP)
o Serial tty device
The following sections describe all of the options available. Many ar-
guments are the same as those used in pppd(8)
Common Options
auth Require the peer to authenticate itself before allowing network
packets to be sent or received.
mru n Set the MRU [Maximum Receive Unit] value to n. Propppd will ask
the peer to send packets of no more than n bytes. The value of
n must be between 128 and 16384; the default is 1500. Note that
for the IPv6 protocol, the MRU must be at least 1280.
mtu n Set the MTU [Maximum Transmit Unit] value to n. Unless the peer
requests a smaller value via MRU negotiation, propppd will re-
quest that the kernel networking code send data packets of no
more than n bytes through the PPP network interface. Note that
for the IPv6 protocol, the MTU must be at least 1280.
passive
Enables the "passive" option in the LCP. With this option,
propppd will attempt to initiate a connection; if no reply is
received from the peer, propppd will then just wait passively
for a valid LCP packet from the peer, instead of terminating, as
it would without this option.
<local_IP_address>:<remote_IP_address>
Set the local and/or remote interface IP addresses. Either one
may be omitted. The IP addresses can be specified with a host
name or in decimal dot notation (e.g. 150.234.56.78). The re-
mote address will be obtained from the peer if not specified in
any option. If a local and/or remote IP address is specified
with this option, propppd will not accept a different value from
the peer in the IPCP negotiation, unless the ipcp-accept-local
and/or ipcp-accept-remote options are given, respectively.
+ipv6 Enable the IPv6CP and IPv6 protocols.
ipv6 <local_interface_id>,<remote_interface_id>
Set the local and/or remote 64-bit interface identifier. Either
one may be omitted. The identifier must be specified in standard
ASCII notation of IPv6 addresses (e.g. ::dead:beef). If the
ipv6cp-use-ipaddr option is given, the local identifier is the
local IPv4 address (see above). On systems which supports a
unique persistent id, such as EUI-48 derived from the Ethernet
MAC address, ipv6cp-use-persistent option can be used to replace
the ipv6 <local>,<remote> option. Otherwise the identifier is
randomized.
allow-ip address(es)
Allow peers to use the given IP address or subnet without au-
thenticating themselves. The parameter is parsed as for each
element of the list of allowed IP addresses in the secrets files
(see the AUTHENTICATION section in propppd.conf(5) ).
bsdcomp nr,nt
Request that the peer compress packets that it sends, using the
BSD-Compress scheme, with a maximum code size of nr bits, and
agree to compress packets sent to the peer with a maximum code
size of nt bits. If nt is not specified, it defaults to the
value given for nr. Values in the range 9 to 15 may be used for
nr and nt; larger values give better compression but consume
more kernel memory for compression dictionaries. Alternatively,
a value of 0 for nr or nt disables compression in the corre-
sponding direction. Use nobsdcomp or bsdcomp 0 to disable BSD-
Compress compression entirely.
chap-interval n
If this option is given, propppd will rechallenge the peer every
n seconds.
chap-max-challenge n
Set the maximum number of CHAP challenge transmissions to n (de-
fault 10).
chap-restart n
Set the CHAP restart interval (retransmission timeout for chal-
lenges) to n seconds (default 3).
debug Enables connection debugging facilities. If this option is giv-
en, propppd will enable debug messages for the PPP instance
which may be useful to diagnose connection problems.
loglevel level
Sets the PPP instance debug log level. level must be one of "er-
ror", "warning", "notice", "info" or "debug". "loglevel debug"
is equivalent to the debug option.
default-mru
Disable MRU [Maximum Receive Unit] negotiation. With this op-
tion, propppd will use the default MRU value of 1500 bytes for
both the transmit and receive direction.
deflate nr,nt
Request that the peer compress packets that it sends, using the
Deflate scheme, with a maximum window size of 2**nr bytes, and
agree to compress packets sent to the peer with a maximum window
size of 2**nt bytes. If nt is not specified, it defaults to the
value given for nr. Values in the range 9 to 15 may be used for
nr and nt; larger values give better compression but consume
more kernel memory for compression dictionaries. Alternatively,
a value of 0 for nr or nt disables compression in the corre-
sponding direction. Use nodeflate or deflate 0 to disable De-
flate compression entirely. (Note: propppd requests Deflate
compression in preference to BSD-Compress if the peer can do ei-
ther.)
domain d
Append the domain name d to the local host name for authentica-
tion purposes. For example, if gethostname() returns the name
porsche, but the fully qualified domain name is
porsche.Quotron.COM, you could specify domain Quotron.COM.
Propppd would then use the name porsche.Quotron.COM for looking
up secrets in the secrets file, and as the default name to send
to the peer when authenticating itself to the peer. This option
is privileged.
enable-session
Enables session accounting via PAM. When PAM is enabled, the
PAM "account" and "session" module stacks determine behavior,
and are enabled for all PPP authentication protocols. PAM may
be configured separately to record wtmp/wtmpx entries for each
login, making peers visible in the last(1) log. See pam.conf(5)
for more information. This feature is automatically enabled
when the propppd login option is used. Session accounting is
disabled by default.
endpoint <epdisc>
Sets the endpoint discriminator sent by the local machine to the
peer during multilink negotiation to <epdisc>. The default is
to use the MAC address of the first ethernet interface on the
system. The endpoint discriminator can be the string null or of
the form type:value, where type is a decimal number or one of
the strings local, IP, MAC, magic, or phone. The value is an IP
address in dotted-decimal notation for the IP type, or a string
of bytes in hexadecimal, separated by periods or colons for the
other types. For the MAC type, the value may also be the name
of an ethernet or similar network interface.
eap-interval n
If this option is given and propppd authenticates the peer with
EAP (i.e., is the server), propppd will restart EAP authentica-
tion every n seconds.
eap-max-rreq n
Set the maximum number of EAP Requests to which propppd will re-
spond (as a client) without hearing EAP Success or Failure.
(Default is 20.)
eap-max-sreq n
Set the maximum number of EAP Requests that propppd will issue
(as a server) while attempting authentication. (Default is 10.)
eap-restart n
Set the retransmit timeout for EAP Requests when acting as a
server (authenticator). (Default is 3 seconds.)
eap-timeout n
Set the maximum time to wait for the peer to send an EAP Request
when acting as a client (authenticatee). (Default is 20 sec-
onds.)
ifname name
Sets the interface name to be assigned to the PPP interface when
it is established. The default name is assigned by the Linux
kernel using the 'pppN' naming convention.
holdoff n
Specifies how many seconds to wait before re-initiating the link
after it terminates. This option only has any effect if the
persist option is used. The holdoff period is not applied if
the link was terminated because it was idle.
idle n Specifies that propppd should disconnect if the link is idle for
n seconds. The link is idle when no data packets (i.e. IP pack-
ets) are being sent or received. Note: it is not advisable to
use this option with the persist option.
ipcp-accept-local
With this option, propppd will accept the peer's idea of our lo-
cal IP address, even if the local IP address was specified in an
option.
ipcp-accept-remote
With this option, propppd will accept the peer's idea of its
(remote) IP address, even if the remote IP address was specified
in an option.
ipcp-max-configure n
Set the maximum number of IPCP configure-request transmissions
to n (default 10).
ipcp-max-failure n
Set the maximum number of IPCP configure-NAKs returned before
starting to send configure-Rejects instead to n (default 10).
ipcp-max-terminate n
Set the maximum number of IPCP terminate-request transmissions
to n (default 3).
ipcp-restart n
Set the IPCP restart interval (retransmission timeout) to n sec-
onds (default 3).
ipv6cp-accept-local
With this option, propppd will accept the peer's idea of our lo-
cal IPv6 interface identifier, even if the local IPv6 interface
identifier was specified in an option.
ipv6cp-max-configure n
Set the maximum number of IPv6CP configure-request transmissions
to n (default 10).
ipv6cp-max-failure n
Set the maximum number of IPv6CP configure-NAKs returned before
starting to send configure-Rejects instead to n (default 10).
ipv6cp-max-terminate n
Set the maximum number of IPv6CP terminate-request transmissions
to n (default 3).
ipv6cp-restart n
Set the IPv6CP restart interval (retransmission timeout) to n
seconds (default 3).
kdebug n
Enable debugging code in the kernel-level PPP driver. The argu-
ment values depend on the specific kernel driver, but in general
a value of 1 will enable general kernel debug messages. (Note
that these messages are usually only useful for debugging the
kernel driver itself.) On most systems, messages printed by the
kernel are logged by syslog(1) to a file as directed in the
/etc/syslog.conf configuration file.
lcp-echo-failure n
If this option is given, propppd will presume the peer to be
dead if n LCP echo-requests are sent without receiving a valid
LCP echo-reply. If this happens, propppd will terminate the
connection. Use of this option requires a non-zero value for
the lcp-echo-interval parameter. This option can be used to en-
able propppd to terminate after the physical connection has been
broken (e.g., the modem has hung up) in situations where no
hardware modem control lines are available.
lcp-echo-interval n
If this option is given, propppd will send an LCP echo-request
frame to the peer every n seconds. Normally the peer should re-
spond to the echo-request by sending an echo-reply. This option
can be used with the lcp-echo-failure option to detect that the
peer is no longer connected.
lcp-max-configure n
Set the maximum number of LCP configure-request transmissions to
n (default 10).
lcp-max-failure n
Set the maximum number of LCP configure-NAKs returned before
starting to send configure-Rejects instead to n (default 10).
lcp-max-terminate n
Set the maximum number of LCP terminate-request transmissions to
n (default 3).
lcp-restart n
Set the LCP restart interval (retransmission timeout) to n sec-
onds (default 3).
login Use the system password database for authenticating the peer us-
ing PAP. Note that the peer must have an entry in the
/etc/proppp/pap-secrets file as well as the system password
database to be allowed access. If the password given in
/etc/proppp/pap-secrets is the special value @login, the pass-
word is obtained from the system's password file /etc/passwd.
See also the enable-session option.
maxconnect n
Terminate the connection when it has been available for network
traffic for n seconds (i.e. n seconds after the first network
control protocol comes up).
maxfail n
Terminate after n consecutive failed connection attempts. A
value of 0 means no limit. The default value is 10.
mpshortseq
Enables the use of short (12-bit) sequence numbers in multilink
headers, as opposed to 24-bit sequence numbers. This option on-
ly has any effect if multilink is enabled (see the multilink op-
tion).
mrru n Sets the Maximum Reconstructed Receive Unit to n. The MRRU is
the maximum size for a received packet on a multilink bundle,
and is analogous to the MRU for the individual links. This op-
tion only has any effect if multilink is enabled (see the multi-
link option).
ms-dns <addr>
If propppd is acting as a server for Microsoft Windows clients,
this option allows propppd to supply one or two DNS (Domain Name
Server) addresses to the clients. The first instance of this
option specifies the primary DNS address; the second instance
(if given) specifies the secondary DNS address.
ms-wins <addr>
If propppd is acting as a server for Microsoft Windows or "Sam-
ba" clients, this option allows propppd to supply one or two
WINS (Windows Internet Name Services) server addresses to the
clients. The first instance of this option specifies the prima-
ry WINS address; the second instance (if given) specifies the
secondary WINS address.
multilink
Enables the use of the PPP multilink protocol. If the peer also
supports multilink, then this link can become part of a bundle
between the local system and the peer. If there is an existing
bundle to the peer, propppd will join this link to that bundle,
otherwise propppd will create a new bundle. See the MULTILINK
section below.
name name
Set the name of the local system for authentication purposes to
name. With this option, propppd will use lines in the secrets
files which have name as the second field when looking for a se-
cret to use in authenticating the peer. In addition, unless
overridden with the user option, name will be used as the name
to send to the peer when authenticating the local system to the
peer. (Note that propppd does not append the domain name to
name.)
noaccomp
Disable Address/Control compression in both directions (send and
receive).
noauth Do not require the peer to authenticate itself.
nobsdcomp
Disables BSD-Compress compression; propppd will not request or
agree to compress packets using the BSD-Compress scheme.
noccp Disable CCP (Compression Control Protocol) negotiation. This
option should only be required if the peer is buggy and gets
confused by requests from propppd for CCP negotiation.
nodeflate
Disables Deflate compression; propppd will not request or agree
to compress packets using the Deflate scheme.
noendpoint
Disables propppd from sending an endpoint discriminator to the
peer or accepting one from the peer (see the MULTILINK section
below). This option should only be required if the peer is bug-
gy.
noip Disable IPCP negotiation and IP communication. This option
should only be required if the peer is buggy and gets confused
by requests from propppd for IPCP negotiation.
noipv6 Disable IPv6CP negotiation and IPv6 communication. This option
should only be required if the peer is buggy and gets confused
by requests from propppd for IPv6CP negotiation.
noipdefault
Disables the default behaviour when no local IP address is spec-
ified, which is to determine (if possible) the local IP address
from the hostname. With this option, the peer will have to sup-
ply the local IP address during IPCP negotiation (unless it
specified explicitly on the command line).
nomagic
Disable magic number negotiation. With this option, propppd
cannot detect a looped-back line. This option should only be
needed if the peer is buggy.
nompshortseq
Disables the use of short (12-bit) sequence numbers in the PPP
multilink protocol, forcing the use of 24-bit sequence numbers.
This option only has any effect if multilink is enabled.
nomultilink
Disables the use of PPP multilink.
nopcomp
Disable protocol field compression negotiation in both the re-
ceive and the transmit direction.
nopredictor1
Do not accept or agree to Predictor-1 compression.
novj Disable Van Jacobson style TCP/IP header compression in both the
transmit and the receive direction.
novjccomp
Disable the connection-ID compression option in Van Jacobson
style TCP/IP header compression. With this option, propppd will
not omit the connection-ID byte from Van Jacobson compressed
TCP/IP headers, nor ask the peer to do so.
papcrypt
Indicates that all secrets in the /etc/proppp/pap-secrets file
which are used for checking the identity of the peer are en-
crypted, and thus propppd should not accept a password which,
before encryption, is identical to the secret from the
/etc/proppp/pap-secrets file.
pap-max-authreq n
Set the maximum number of PAP authenticate-request transmissions
to n (default 10).
pap-restart n
Set the PAP restart interval (retransmission timeout) to n sec-
onds (default 3).
pap-timeout n
Set the maximum time that propppd will wait for the peer to au-
thenticate itself with PAP to n seconds (0 means no limit).
password password-string
Specifies the password to use for authenticating to the peer.
persist
If the connection is terminated, try to reopen the connection.
The maxfail option still has an effect on persistent connec-
tions.
predictor1
Request that the peer compress frames that it sends using Pre-
dictor-1 compression, and agree to compress transmitted frames
with Predictor-1 if requested. This option has no effect unless
the kernel driver supports Predictor-1 compression.
profile
Tells propppd to fetch additional arguments from the named pro-
file defined in propppd.conf(5). The profile must exist. This
option may be specified multiple times.
proxyarp
Add an entry to this system's ARP [Address Resolution Protocol]
table with the IP address of the peer and the Ethernet address
of this system. This will have the effect of making the peer
appear to other systems to be on the local ethernet.
receive-all
With this option, propppd will accept all control characters
from the peer, including those marked in the receive asyncmap.
Without this option, propppd will discard those characters as
specified in RFC1662. This option should only be needed if the
peer is buggy.
remotename name
Set the assumed name of the remote system for authentication
purposes to name.
remotenumber number
Set the assumed telephone number of the remote system for au-
thentication purposes to number.
refuse-chap
With this option, propppd will not agree to authenticate itself
to the peer using CHAP.
refuse-eap
With this option, propppd will not agree to authenticate itself
to the peer using EAP.
refuse-pap
With this option, propppd will not agree to authenticate itself
to the peer using PAP.
require-chap
Require the peer to authenticate itself using CHAP [Challenge
Handshake Authentication Protocol] authentication.
require-eap
Require the peer to authenticate itself using EAP [Extensible
Authentication Protocol] authentication.
require-pap
Require the peer to authenticate itself using PAP [Password Au-
thentication Protocol] authentication.
scope string
This option is ignored if not using multilink. It adds a string
to the key used to match multilink links with bundles. It may be
useful to associate links with specific multilink bundles when
there is more than one multilink bundle to a peer.
set name=value
Set a variable for use by external applications that listen for
and receive events from propppd. The variables and values are
included in the PPP event data sent by propppd when a PPP in-
stance is destroyed or changes state.
silent With this option, propppd will not transmit LCP packets to ini-
tiate a connection until a valid LCP packet is received from the
peer.
sync Use synchronous HDLC serial encoding instead of asynchronous.
The device used by propppd with this option must have sync sup-
port.
user name
Sets the name used for authenticating the local system to the
peer to name.
vj-max-slots n
Sets the number of connection slots to be used by the Van Jacob-
son TCP/IP header compression and decompression code to n, which
must be between 2 and 16 (inclusive).
radius Enables RADIUS authentication. propppd will contact the RADIUS
servers specified in propppd.conf(5) when establishing and man-
aging the PPP instance if RADIUS operations are enabled for the
PPP instance.
rad-nas-ip-addr ip-address
Sets the value set in the RADIUS NAS-IP-Address AVP in RADIUS
messages sent to the RADIUS server. By default, no NAS-IP-Ad-
dress data is sent.
rad-nas-id string
Sets the value set in the RADIUS NAS-Id AVP in RADIUS messages
sent to the RADIUS server. By default, no NAS-Id data is sent.
rad-calling-station-id string
Sets the value set in the RADIUS Calling-Station-ID AVP in RA-
DIUS messages sent to the RADIUS server. By default, no Calling-
Station-ID data is sent.
rad-nas-port-type number
Sets the value set in the RADIUS NAS-Port-Type AVP in RADIUS
messages sent to the RADIUS server. By default, no NAS-Port-Type
data is sent.
rad-nas-port number
Sets the value set in the RADIUS NAS-Port AVP in RADIUS messages
sent to the RADIUS server. By default, no NAS-Port data is sent.
rad-acct
Indicates that RADIUS accounting messages should be sent to a
RADIUS Accounting server when the PPP instance is established
and when it closes. The default is that no RADIUS Accounting
messages are sent.
rad-acct-interim-interval number
Specifies the periodic interval (as a number of seconds) with
which propppd will send RADIUS Interim Accounting updates to the
RADIUS Accounting server. Such messages are used to gather usage
statistics of a PPP instance over time. The default is 0 (no in-
terim updates are sent).
Ethernet
The following arguments may be used for PPP instances which use PPPoE.
pppoe devicename
Indicates that the PPP instance will use PPPoE on the indicated
device. The PPPoE session must already be established with the
PPPoE server.
pppoe-session-id number
The PPPoE session ID to be used for the instance. This is the
ID provided by the PPPoE server when establishing the session.
pppoe-peer-mac mac-address
The MAC address of the interface to direct PPPoE packets to.
This is the MAC of the PPPoE server the session is established
with.
L2TP
The following arguments may be used for PPP instances which use L2TP.
The L2TP tunnel and session must already be established. Since L2TP
sessions are created by an external L2TP application, these options
would probably only be used by the L2TP application.
pppol2tp
Indicates that the PPP instance will use L2TP.
pppol2tp_fd number
The file descriptor of the L2TP tunnel. This is usually a UDP
socket, but may also be an L2TPIP socket if the tunnel uses
L2TPv3 IP encapsulation.
pppol2tp_protocol_version number
The L2TP protocol version. Must be 2 or 3 and must match the
L2TP protocol version of the tunnel identified by the pp-
pol2tp_tunnel_id parameter.
pppol2tp_lns_mode
Indicates that this side of the PPP connection is at an L2TP
LNS. This enables L2TP-specific behaviour where LCP packets are
checked for ACCM settings. The default is that propppd does not
snoop LCP packets.
pppol2tp_send_seq
Indicates that L2TP sequence numbers should be added to trans-
mitted L2TP data packets. Sequence numbers may be used by the
peer to reorder packets. The default is off.
pppol2tp_recv_seq
Indicates that L2TP sequence numbers should be checked in re-
ceived L2TP data packets and packets optionally reordered. The
default is off.
pppol2tp_reorderto number
If pppol2tp_recv_seq is specified, this parameter sets the time
which out-of-sequence packets should be held while trying to re-
order them. The default is 0 (reordering disabled).
pppol2tp_debug_mask mask
This option may be used to enable debug messages in the L2TP PPP
implementation. The mask is a bitmask of debug options: bit0 -
verbose, bit1 - control API, bit2 - sequence numbers, bit3 - da-
ta packets. The default is 0 (no debug).
pppol2tp_ifname name
This option is deprecated. Use the equivalent ifname option in-
stead.
pppol2tp_tunnel_id number
Specifies the L2TP tunnel-id. This identifies the L2TP tunnel
instance over which the new PPP instance will be established.
The tunnel must already exist.
pppol2tp_session_id number
Specifies the L2TP session-id. This identifies the L2TP session
instance within the L2TP tunnel over which the new PPP instance
will be established. The session must already exist.
pppol2tp_peer_tunnel_id number
Specifies the L2TP peer tunnel-id. This identifies the L2TP tun-
nel instance over which the new PPP instance will be estab-
lished. The tunnel must already exist.
pppol2tp_peer_session_id number
Specifies the L2TP peer session-id. This identifies the L2TP
session instance over which the new PPP instance will be estab-
lished. The session must already exist.
Serial tty device
The following arguments may be used for PPP instances which use a seri-
al device.
allow-number number
Allow peers to connect from the given telephone number. A
trailing `*' character will match all numbers beginning with the
leading part.
local If using serial terminal devices, this option tells propppd to
not use the modem control lines. With this option, propppd will
ignore the state of the CD (Carrier Detect) signal from the mo-
dem and will not change the state of the DTR (Data Terminal
Ready) signal. This is the opposite of the modem option.
ttyname
Use the serial port called ttyname to communicate with the peer.
If ttyname does not begin with a slash (/), the string "/dev/"
is prepended to ttyname to form the name of the device to open.
speed This option sets the desired baud rate for the serial device.
asyncmap map
This option sets the Async-Control-Character-Map (ACCM) for this
end of the link. The ACCM is a set of 32 bits, one for each of
the ASCII control characters with values from 0 to 31, where a 1
bit indicates that the corresponding control character should
not be used in PPP packets sent to this system. The map is en-
coded as a hexadecimal number (without a leading 0x) where the
least significant bit (00000001) represents character 0 and the
most significant bit (80000000) represents character 31. Propp-
pd will ask the peer to send these characters as a 2-byte escape
sequence. If multiple asyncmap options are given, the values
are ORed together. If no asyncmap option is given, the default
is zero, so propppd will ask the peer not to escape any control
characters. To escape transmitted characters, use the escape
option.
crtscts
Specifies that propppd should set the serial port to use hard-
ware flow control using the RTS and CTS signals in the RS-232
interface. If neither the crtscts, the nocrtscts, the cdtrcts
nor the nocdtrcts option is given, the hardware flow control
setting for the serial port is left unchanged. Some serial
ports (such as Macintosh serial ports) lack a true RTS output.
Such serial ports use this mode to implement unidirectional flow
control. The serial port will suspend transmission when request-
ed by the modem (via CTS) but will be unable to request the mo-
dem to stop sending to the computer. This mode retains the abil-
ity to use DTR as a modem control line.
escape xx,yy,...
Specifies that certain characters should be escaped on transmis-
sion (regardless of whether the peer requests them to be escaped
with its async control character map). The characters to be es-
caped are specified as a list of hex numbers separated by com-
mas. Note that almost any character can be specified for the
escape option, unlike the asyncmap option which only allows con-
trol characters to be specified. The characters which may not
be escaped are those with hex values 0x20 - 0x3f or 0x5e.
modem Use the modem control lines. This option is the default. With
this option, propppd will wait for the CD (Carrier Detect) sig-
nal from the modem to be asserted when opening the serial device
and it will drop the DTR (Data Terminal Ready) signal briefly
when the connection is terminated. and before executing This is
the opposite of the local option.
nocrtscts
Disable hardware flow control (i.e. RTS/CTS) on the serial port.
If neither the crtscts nor the nocrtscts nor the cdtrcts nor the
nocdtrcts option is given, the hardware flow control setting for
the serial port is left unchanged.
nocdtrcts
This option is a synonym for nocrtscts. Either of these options
will disable both forms of hardware flow control.
xonxoff
Use software flow control (i.e. XON/XOFF) to control the flow of
data on the serial port.
DESTROY
The destroy command destroys a PPP instance. The instance is identified
by its name, e.g. "session-42" which must be given as a parameter. When
a PPP instance is destroyed, propppd will send LCP Term packets to the
peer. The instance is destroyed when the peer acknowledges the LCP mes-
sages, or after a timeout.
SHOW
The show command displays detailed information about a PPP instance.
The instance is identified by its name, e.g. "session-42" which must be
given as a parameter.
LIST
The list command is useful to show a summary of all PPP instances or a
subset of them. The following parameters may be used to filter the out-
put:
up list only PPP instances which are up.
down list only PPP instances which are down.
brief list only the PPP instance names, one per line. This may
be most useful for external scripting.
session-N
list only information for the specified PPP instance,
e.g. "session-101".
MULTILINK
Multilink PPP provides the capability to combine two or more PPP links
between a pair of machines into a single `bundle', which appears as a
single virtual PPP link which has the combined bandwidth of the indi-
vidual links.
Propppd detects that the link it is controlling is connected to the
same peer as another link using the peer's endpoint discriminator and
the authenticated identity of the peer. The endpoint discriminator is
a block of data which is hopefully unique for each peer. Several types
of data can be used, including locally-assigned strings of bytes, IP
addresses, MAC addresses, randomly strings of bytes, or E-164 phone
numbers. The endpoint discriminator sent to the peer by propppd can be
set using the endpoint option.
In some circumstances the peer may send no endpoint discriminator or a
non-unique value. The scope option adds an extra string which is added
to the peer's endpoint discriminator and authenticated identity when
matching up links to be joined together in a bundle. The scope option
can also be used to allow the establishment of multiple bundles between
the local system and the peer.
Assuming that multilink is enabled and the peer is willing to negotiate
multilink, then when propppd is invoked to bring up the first link to
the peer, it will detect that no other link is connected to the peer
and create a new bundle, that is, another ppp network interface unit.
When another link is brought up to the peer, it will detect the exist-
ing bundle and join its link to it.
If the first link terminates (for example, because of a received LCP
terminate-request) the bundle is not destroyed unless there are no oth-
er links remaining in the bundle. The first ppp instance of a bundle
remains after its link terminates, until all the links in the bundle
have terminated.
EXAMPLES
# propppctl create /dev/ttyS3 local 10.1.1.254: passive persist maxfail 0 \
require-pap refuse-chap refuse-eap \
radius rad-acct rad-acct-interim-interval 600
# propppctl list
Name Interface Multilink Duration State User
session-1 ppp0 - 0:02:21 UP dave
session-2 ppp1 - 0:02:21 UP bob
session-3 ppp2 multilink-1 0:00:18 UP alfie
session-4 ppp2 multilink-1 0:00:18 UP alfie
# propppctl list session-2
session-3 ppp2 - 0:02:23 UP bob
# propppctl list up
Name Interface Multilink Duration State User
session-1 ppp0 - 0:02:55 UP dave
session-2 ppp1 - 0:02:55 UP bob
session-3 ppp2 multilink-1 0:00:52 UP alfie
session-4 ppp2 multilink-1 0:00:52 UP alfie
# propppctl list down
Name Interface Multilink Duration State User
# propppctl list up brief
4 contexts
session-1
session-2
session-3
session-4
# propppctl list brief down
0 contexts
# propppctl show session-3
interface name: ppp2
created: 2021-03-04 16:11:16
type: tty
debug: 7
connect delay: 1000
state: RUNNING
connect time: 0.1 minutes
link mtu: 1500, peer mru: 1500
run count: 20
tty:
baud: 38400, hardware flow control: no
sync: no, stop bits: 1
lcp:
echo interval: 0, max echo failures: 0
want: pap asyncmap magic mru mrru pcomp accomp epdisc
got: pap asyncmap magic mru mrru pcomp accomp epdisc
allow: asyncmap magic mru mrru pcomp accomp epdisc
his: asyncmap magic mrru pcomp accomp epdisc
state: OPENED
timeout: 3
max confreqs: 10, max termreqs: 2
retransmits: 10, naks: 0
naks since last ack: 0
ccp:
want: bsd deflate
got: bsd deflate
allow: bsd deflate predictor1
his: bsd deflate
state: OPENED
timeout: 3
max confreqs: 10, max termreqs: 2
retransmits: 10, naks: 0
naks since last ack: 0
ipcp:
want: negaddr reqaddr
got: negaddr reqaddr
allow: negaddr proxyarp
his: negaddr
state: OPENED
timeout: 3
max confreqs: 10, max termreqs: 2
retransmits: 10, naks: 0
naks since last ack: 0
local ip: 10.1.1.254
peer ip: 10.1.1.2
pap:
auth timeout: 30, retransmit interval: 3
our state: OPEN, peer state: CLOSED
chap:
timeout: 3, rechallenge time: 0
local state: lowerup
transmits: 0
peer state: lowerup
eap:
local:
state: Closed
requests: 0, responses: 0
timeout: 3, max requests: 10
peer:
state: Closed
requests: 0, responses: 0
timeout: 20, max requests: 20
auth:
remote name: 'alfie'
config: local: , peer:
done: local: pap, peer:
multilink:
bundle: multilink-1
endpoint: 'MAC:00:1b:21:6a:7e:96'
mrru: 1500, mtru:1500
short-seq-tx: 0, short-seq-rx: 0
# propppctl show multilink-1
multilink-1:
key: 'test/MAC:00:1b:21:6a:7e:96/'
interface: ppp2
links: session-3 session-4
# propppctl status
ProPPP v2.2.0
support: support@prol2tp.com
License:
product: proppp
licensed to: Katalix Systems Ltd
PPP:
ppp instance count: 4
create requests: 4, failures: 0
destroy requests: 0, failures: 0
RADIUS:
access requests: 0, accepts: 0, rejects: 0, challenges: 0
accounting starts: 0, stops: 0, updates: 0, responses: 0
disconnect requests: 0, responses: 0
retransmits: 0, timeouts: 0
auth requests in progress: 0, accounting requests in progress: 0
Events:
created: 4, destroyed: 0, up: 4, down: 0
Config:
config updates: 1, failures: 0
SEE ALSO
propppd(8), propppwatch(1)
COPYRIGHT
propppctl is proprietary software developed and maintained by Katalix
Systems Limited, and is part of its ProPPP software.
ProL2TP 2.4.1 April 2023 propppctl(1)