propppctl(1)                    ProL2TP Manual                    propppctl(1)



NAME
       propppctl - Command line control utility for propppd

SYNOPSIS
       propppctl
             create create-args...
             destroy ppp-instance
             show ppp-instance or ultilink-bundle
             status
             list options

DESCRIPTION
       The  propppctl  utility is used to configure and control the propppd(8)
       daemon. PPP instances may be created or destroyed, and  daemon  runtime
       status may be queried.

       The  command name is the first argument. The arguments accepted differs
       for each command.

   CREATE
       Creates a new PPP instance. Each instance is assigned a unique name  of
       the  form  session-N.  This name can be used as an argument to SHOW and
       DESTROY commands to operate on the instance.

   DESTROY
       Destroys the named PPP instance. PPP LCP messages are sent to the  peer
       to terminate the connection.

   SHOW
       Shows information about the named PPP instance or multilink bundle.

   STATUS
       Shows  status  information about propppd, such as the number of PPP in-
       stances, RADIUS requests and events.

   LIST
       Prints a summary of all PPP instances. For  each  instance,  its  name,
       connection state and PPP username (if available) may be listed. The us-
       er may list only the PPP instances which are up or only those which are
       down.

OPTIONS
   CREATE
       The  create command creates a new PPP instance. Arguments are specified
       as a space-separated list. If an argument takes a value, the  value  is
       given in the word following the argument name. e.g.

          propppctl create param1 param1value param2 param3 param3value

       propppd supports PPP over several different link types.

       o Ethernet (PPPoE)

       o L2TP (PPPoL2TP)

       o Serial tty device

       The  following sections describe all of the options available. Many ar-
       guments are the same as those used in pppd(8)

   Common Options
       auth   Require the peer to authenticate itself before allowing  network
              packets to be sent or received.

       mru n  Set  the MRU [Maximum Receive Unit] value to n. Propppd will ask
              the peer to send packets of no more than n bytes.  The value  of
              n must be between 128 and 16384; the default is 1500.  Note that
              for the IPv6 protocol, the MRU must be at least 1280.

       mtu n  Set the MTU [Maximum Transmit Unit] value to n.  Unless the peer
              requests  a  smaller value via MRU negotiation, propppd will re-
              quest that the kernel networking code send data  packets  of  no
              more  than n bytes through the PPP network interface.  Note that
              for the IPv6 protocol, the MTU must be at least 1280.

       passive
              Enables the "passive" option in  the  LCP.   With  this  option,
              propppd  will  attempt  to initiate a connection; if no reply is
              received from the peer, propppd will then  just  wait  passively
              for a valid LCP packet from the peer, instead of terminating, as
              it would without this option.

       <local_IP_address>:<remote_IP_address>
              Set the local and/or remote interface IP addresses.  Either  one
              may  be  omitted.  The IP addresses can be specified with a host
              name or in decimal dot notation (e.g. 150.234.56.78).   The  re-
              mote  address will be obtained from the peer if not specified in
              any option.  If a local and/or remote IP  address  is  specified
              with this option, propppd will not accept a different value from
              the peer in the IPCP negotiation, unless  the  ipcp-accept-local
              and/or ipcp-accept-remote options are given, respectively.

       +ipv6  Enable the IPv6CP and IPv6 protocols.

       ipv6 <local_interface_id>,<remote_interface_id>
              Set  the local and/or remote 64-bit interface identifier. Either
              one may be omitted. The identifier must be specified in standard
              ASCII  notation  of  IPv6  addresses  (e.g. ::dead:beef). If the
              ipv6cp-use-ipaddr option is given, the local identifier  is  the
              local  IPv4  address  (see  above).  On systems which supports a
              unique persistent id, such as EUI-48 derived from  the  Ethernet
              MAC address, ipv6cp-use-persistent option can be used to replace
              the ipv6 <local>,<remote> option. Otherwise  the  identifier  is
              randomized.

       allow-ip address(es)
              Allow  peers  to  use the given IP address or subnet without au-
              thenticating themselves.  The parameter is parsed  as  for  each
              element of the list of allowed IP addresses in the secrets files
              (see the AUTHENTICATION section in propppd.conf(5) ).

       bsdcomp nr,nt
              Request that the peer compress packets that it sends, using  the
              BSD-Compress  scheme,  with  a maximum code size of nr bits, and
              agree to compress packets sent to the peer with a  maximum  code
              size  of  nt  bits.   If nt is not specified, it defaults to the
              value given for nr.  Values in the range 9 to 15 may be used for
              nr  and  nt;  larger  values give better compression but consume
              more kernel memory for compression dictionaries.  Alternatively,
              a  value  of  0  for nr or nt disables compression in the corre-
              sponding direction.  Use nobsdcomp or bsdcomp 0 to disable  BSD-
              Compress compression entirely.

       chap-interval n
              If this option is given, propppd will rechallenge the peer every
              n seconds.

       chap-max-challenge n
              Set the maximum number of CHAP challenge transmissions to n (de-
              fault 10).

       chap-restart n
              Set  the CHAP restart interval (retransmission timeout for chal-
              lenges) to n seconds (default 3).

       debug  Enables connection debugging facilities.  If this option is giv-
              en,  propppd  will  enable  debug  messages for the PPP instance
              which may be useful to diagnose connection problems.

       loglevel level
              Sets the PPP instance debug log level. level must be one of "er-
              ror",  "warning",  "notice", "info" or "debug". "loglevel debug"
              is equivalent to the debug option.

       default-mru
              Disable MRU [Maximum Receive Unit] negotiation.  With  this  op-
              tion,  propppd  will use the default MRU value of 1500 bytes for
              both the transmit and receive direction.

       deflate nr,nt
              Request that the peer compress packets that it sends, using  the
              Deflate  scheme,  with a maximum window size of 2**nr bytes, and
              agree to compress packets sent to the peer with a maximum window
              size of 2**nt bytes.  If nt is not specified, it defaults to the
              value given for nr.  Values in the range 9 to 15 may be used for
              nr  and  nt;  larger  values give better compression but consume
              more kernel memory for compression dictionaries.  Alternatively,
              a  value  of  0  for nr or nt disables compression in the corre-
              sponding direction.  Use nodeflate or deflate 0 to  disable  De-
              flate  compression  entirely.   (Note:  propppd requests Deflate
              compression in preference to BSD-Compress if the peer can do ei-
              ther.)

       domain d
              Append  the domain name d to the local host name for authentica-
              tion purposes.  For example, if gethostname() returns  the  name
              porsche,    but    the    fully   qualified   domain   name   is
              porsche.Quotron.COM,  you  could  specify  domain   Quotron.COM.
              Propppd  would then use the name porsche.Quotron.COM for looking
              up secrets in the secrets file, and as the default name to  send
              to the peer when authenticating itself to the peer.  This option
              is privileged.

       enable-session
              Enables session accounting via PAM.  When PAM  is  enabled,  the
              PAM  "account"  and  "session" module stacks determine behavior,
              and are enabled for all PPP authentication protocols.   PAM  may
              be  configured  separately to record wtmp/wtmpx entries for each
              login, making peers visible in the last(1) log.  See pam.conf(5)
              for  more  information.   This  feature is automatically enabled
              when the propppd login option is used.   Session  accounting  is
              disabled by default.

       endpoint <epdisc>
              Sets the endpoint discriminator sent by the local machine to the
              peer during multilink negotiation to <epdisc>.  The  default  is
              to  use  the  MAC address of the first ethernet interface on the
              system.  The endpoint discriminator can be the string null or of
              the  form  type:value,  where type is a decimal number or one of
              the strings local, IP, MAC, magic, or phone.  The value is an IP
              address  in dotted-decimal notation for the IP type, or a string
              of bytes in hexadecimal, separated by periods or colons for  the
              other  types.   For the MAC type, the value may also be the name
              of an ethernet or similar network interface.

       eap-interval n
              If this option is given and propppd authenticates the peer  with
              EAP  (i.e., is the server), propppd will restart EAP authentica-
              tion every n seconds.

       eap-max-rreq n
              Set the maximum number of EAP Requests to which propppd will re-
              spond  (as  a  client)  without  hearing EAP Success or Failure.
              (Default is 20.)

       eap-max-sreq n
              Set the maximum number of EAP Requests that propppd  will  issue
              (as a server) while attempting authentication.  (Default is 10.)

       eap-restart n
              Set  the  retransmit  timeout  for EAP Requests when acting as a
              server (authenticator).  (Default is 3 seconds.)

       eap-timeout n
              Set the maximum time to wait for the peer to send an EAP Request
              when  acting  as  a client (authenticatee).  (Default is 20 sec-
              onds.)

       ifname name
              Sets the interface name to be assigned to the PPP interface when
              it  is  established.  The  default name is assigned by the Linux
              kernel using the 'pppN' naming convention.

       holdoff n
              Specifies how many seconds to wait before re-initiating the link
              after  it  terminates.   This  option only has any effect if the
              persist option is used.  The holdoff period is  not  applied  if
              the link was terminated because it was idle.

       idle n Specifies that propppd should disconnect if the link is idle for
              n seconds.  The link is idle when no data packets (i.e. IP pack-
              ets)  are  being sent or received.  Note: it is not advisable to
              use this option with the persist option.

       ipcp-accept-local
              With this option, propppd will accept the peer's idea of our lo-
              cal IP address, even if the local IP address was specified in an
              option.

       ipcp-accept-remote
              With this option, propppd will accept the  peer's  idea  of  its
              (remote) IP address, even if the remote IP address was specified
              in an option.

       ipcp-max-configure n
              Set the maximum number of IPCP  configure-request  transmissions
              to n (default 10).

       ipcp-max-failure n
              Set  the  maximum  number of IPCP configure-NAKs returned before
              starting to send configure-Rejects instead to n (default 10).

       ipcp-max-terminate n
              Set the maximum number of IPCP  terminate-request  transmissions
              to n (default 3).

       ipcp-restart n
              Set the IPCP restart interval (retransmission timeout) to n sec-
              onds (default 3).

       ipv6cp-accept-local
              With this option, propppd will accept the peer's idea of our lo-
              cal  IPv6 interface identifier, even if the local IPv6 interface
              identifier was specified in an option.

       ipv6cp-max-configure n
              Set the maximum number of IPv6CP configure-request transmissions
              to n (default 10).

       ipv6cp-max-failure n
              Set  the maximum number of IPv6CP configure-NAKs returned before
              starting to send configure-Rejects instead to n (default 10).

       ipv6cp-max-terminate n
              Set the maximum number of IPv6CP terminate-request transmissions
              to n (default 3).

       ipv6cp-restart n
              Set  the  IPv6CP  restart interval (retransmission timeout) to n
              seconds (default 3).

       kdebug n
              Enable debugging code in the kernel-level PPP driver.  The argu-
              ment values depend on the specific kernel driver, but in general
              a value of 1 will enable general kernel debug  messages.   (Note
              that  these  messages  are usually only useful for debugging the
              kernel driver itself.)  On most systems, messages printed by the
              kernel  are  logged  by  syslog(1)  to a file as directed in the
              /etc/syslog.conf configuration file.

       lcp-echo-failure n
              If this option is given, propppd will presume  the  peer  to  be
              dead  if  n LCP echo-requests are sent without receiving a valid
              LCP echo-reply.  If this happens,  propppd  will  terminate  the
              connection.   Use  of  this option requires a non-zero value for
              the lcp-echo-interval parameter.  This option can be used to en-
              able propppd to terminate after the physical connection has been
              broken (e.g., the modem has hung  up)  in  situations  where  no
              hardware modem control lines are available.

       lcp-echo-interval n
              If  this  option is given, propppd will send an LCP echo-request
              frame to the peer every n seconds.  Normally the peer should re-
              spond to the echo-request by sending an echo-reply.  This option
              can be used with the lcp-echo-failure option to detect that  the
              peer is no longer connected.

       lcp-max-configure n
              Set the maximum number of LCP configure-request transmissions to
              n (default 10).

       lcp-max-failure n
              Set the maximum number of  LCP  configure-NAKs  returned  before
              starting to send configure-Rejects instead to n (default 10).

       lcp-max-terminate n
              Set the maximum number of LCP terminate-request transmissions to
              n (default 3).

       lcp-restart n
              Set the LCP restart interval (retransmission timeout) to n  sec-
              onds (default 3).

       login  Use the system password database for authenticating the peer us-
              ing PAP.   Note  that  the  peer  must  have  an  entry  in  the
              /etc/proppp/pap-secrets  file  as  well  as  the system password
              database to  be  allowed  access.   If  the  password  given  in
              /etc/proppp/pap-secrets  is  the special value @login, the pass-
              word is obtained from the system's  password  file  /etc/passwd.
              See also the enable-session option.

       maxconnect n
              Terminate  the connection when it has been available for network
              traffic for n seconds (i.e. n seconds after  the  first  network
              control protocol comes up).

       maxfail n
              Terminate  after  n  consecutive  failed connection attempts.  A
              value of 0 means no limit.  The default value is 10.

       mpshortseq
              Enables the use of short (12-bit) sequence numbers in  multilink
              headers, as opposed to 24-bit sequence numbers.  This option on-
              ly has any effect if multilink is enabled (see the multilink op-
              tion).

       mrru n Sets  the  Maximum Reconstructed Receive Unit to n.  The MRRU is
              the maximum size for a received packet on  a  multilink  bundle,
              and  is analogous to the MRU for the individual links.  This op-
              tion only has any effect if multilink is enabled (see the multi-
              link option).

       ms-dns <addr>
              If  propppd is acting as a server for Microsoft Windows clients,
              this option allows propppd to supply one or two DNS (Domain Name
              Server)  addresses  to  the clients.  The first instance of this
              option specifies the primary DNS address;  the  second  instance
              (if given) specifies the secondary DNS address.

       ms-wins <addr>
              If  propppd is acting as a server for Microsoft Windows or "Sam-
              ba" clients, this option allows propppd to  supply  one  or  two
              WINS  (Windows  Internet  Name Services) server addresses to the
              clients.  The first instance of this option specifies the prima-
              ry  WINS  address;  the second instance (if given) specifies the
              secondary WINS address.

       multilink
              Enables the use of the PPP multilink protocol.  If the peer also
              supports  multilink,  then this link can become part of a bundle
              between the local system and the peer.  If there is an  existing
              bundle  to the peer, propppd will join this link to that bundle,
              otherwise propppd will create a new bundle.  See  the  MULTILINK
              section below.

       name name
              Set  the name of the local system for authentication purposes to
              name. With this option, propppd will use lines  in  the  secrets
              files which have name as the second field when looking for a se-
              cret to use in authenticating the  peer.   In  addition,  unless
              overridden  with  the user option, name will be used as the name
              to send to the peer when authenticating the local system to  the
              peer.   (Note  that  propppd  does not append the domain name to
              name.)

       noaccomp
              Disable Address/Control compression in both directions (send and
              receive).

       noauth Do not require the peer to authenticate itself.

       nobsdcomp
              Disables  BSD-Compress  compression; propppd will not request or
              agree to compress packets using the BSD-Compress scheme.

       noccp  Disable CCP (Compression Control  Protocol)  negotiation.   This
              option  should  only  be  required if the peer is buggy and gets
              confused by requests from propppd for CCP negotiation.

       nodeflate
              Disables Deflate compression; propppd will not request or  agree
              to compress packets using the Deflate scheme.

       noendpoint
              Disables  propppd  from sending an endpoint discriminator to the
              peer or accepting one from the peer (see the  MULTILINK  section
              below).  This option should only be required if the peer is bug-
              gy.

       noip   Disable IPCP negotiation  and  IP  communication.   This  option
              should  only  be required if the peer is buggy and gets confused
              by requests from propppd for IPCP negotiation.

       noipv6 Disable IPv6CP negotiation and IPv6 communication.  This  option
              should  only  be required if the peer is buggy and gets confused
              by requests from propppd for IPv6CP negotiation.

       noipdefault
              Disables the default behaviour when no local IP address is spec-
              ified,  which is to determine (if possible) the local IP address
              from the hostname.  With this option, the peer will have to sup-
              ply  the  local  IP  address  during IPCP negotiation (unless it
              specified explicitly on the command line).

       nomagic
              Disable magic number negotiation.   With  this  option,  propppd
              cannot  detect  a  looped-back line.  This option should only be
              needed if the peer is buggy.

       nompshortseq
              Disables the use of short (12-bit) sequence numbers in  the  PPP
              multilink  protocol, forcing the use of 24-bit sequence numbers.
              This option only has any effect if multilink is enabled.

       nomultilink
              Disables the use of PPP multilink.

       nopcomp
              Disable protocol field compression negotiation in both  the  re-
              ceive and the transmit direction.

       nopredictor1
              Do not accept or agree to Predictor-1 compression.

       novj   Disable Van Jacobson style TCP/IP header compression in both the
              transmit and the receive direction.

       novjccomp
              Disable the connection-ID compression  option  in  Van  Jacobson
              style TCP/IP header compression.  With this option, propppd will
              not omit the connection-ID byte  from  Van  Jacobson  compressed
              TCP/IP headers, nor ask the peer to do so.

       papcrypt
              Indicates  that  all secrets in the /etc/proppp/pap-secrets file
              which are used for checking the identity of  the  peer  are  en-
              crypted,  and  thus  propppd should not accept a password which,
              before  encryption,  is  identical  to  the  secret   from   the
              /etc/proppp/pap-secrets file.

       pap-max-authreq n
              Set the maximum number of PAP authenticate-request transmissions
              to n (default 10).

       pap-restart n
              Set the PAP restart interval (retransmission timeout) to n  sec-
              onds (default 3).

       pap-timeout n
              Set  the maximum time that propppd will wait for the peer to au-
              thenticate itself with PAP to n seconds (0 means no limit).

       password password-string
              Specifies the password to use for authenticating to the peer.

       persist
              If the connection is terminated, try to reopen  the  connection.
              The  maxfail  option  still  has an effect on persistent connec-
              tions.

       predictor1
              Request that the peer compress frames that it sends  using  Pre-
              dictor-1  compression,  and agree to compress transmitted frames
              with Predictor-1 if requested.  This option has no effect unless
              the kernel driver supports Predictor-1 compression.

       profile
              Tells  propppd to fetch additional arguments from the named pro-
              file defined in propppd.conf(5).  The profile must  exist.  This
              option may be specified multiple times.

       proxyarp
              Add  an entry to this system's ARP [Address Resolution Protocol]
              table with the IP address of the peer and the  Ethernet  address
              of  this  system.   This will have the effect of making the peer
              appear to other systems to be on the local ethernet.

       receive-all
              With this option, propppd will  accept  all  control  characters
              from  the  peer, including those marked in the receive asyncmap.
              Without this option, propppd will discard  those  characters  as
              specified  in RFC1662.  This option should only be needed if the
              peer is buggy.

       remotename name
              Set the assumed name of the  remote  system  for  authentication
              purposes to name.

       remotenumber number
              Set  the  assumed  telephone number of the remote system for au-
              thentication purposes to number.

       refuse-chap
              With this option, propppd will not agree to authenticate  itself
              to the peer using CHAP.

       refuse-eap
              With  this option, propppd will not agree to authenticate itself
              to the peer using EAP.

       refuse-pap
              With this option, propppd will not agree to authenticate  itself
              to the peer using PAP.

       require-chap
              Require  the  peer  to authenticate itself using CHAP [Challenge
              Handshake Authentication Protocol] authentication.

       require-eap
              Require the peer to authenticate itself  using  EAP  [Extensible
              Authentication Protocol] authentication.

       require-pap
              Require  the peer to authenticate itself using PAP [Password Au-
              thentication Protocol] authentication.

       scope string
              This option is ignored if not using multilink. It adds a  string
              to the key used to match multilink links with bundles. It may be
              useful to associate links with specific multilink  bundles  when
              there is more than one multilink bundle to a peer.

       set name=value
              Set  a variable for use by external applications that listen for
              and receive events from propppd. The variables  and  values  are
              included  in  the  PPP event data sent by propppd when a PPP in-
              stance is destroyed or changes state.

       silent With this option, propppd will not transmit LCP packets to  ini-
              tiate a connection until a valid LCP packet is received from the
              peer.

       sync   Use synchronous HDLC serial encoding  instead  of  asynchronous.
              The  device used by propppd with this option must have sync sup-
              port.

       user name
              Sets the name used for authenticating the local  system  to  the
              peer to name.

       vj-max-slots n
              Sets the number of connection slots to be used by the Van Jacob-
              son TCP/IP header compression and decompression code to n, which
              must be between 2 and 16 (inclusive).

       radius Enables  RADIUS  authentication. propppd will contact the RADIUS
              servers specified in propppd.conf(5) when establishing and  man-
              aging  the PPP instance if RADIUS operations are enabled for the
              PPP instance.

       rad-nas-ip-addr ip-address
              Sets the value set in the RADIUS NAS-IP-Address  AVP  in  RADIUS
              messages  sent  to  the RADIUS server. By default, no NAS-IP-Ad-
              dress data is sent.

       rad-nas-id string
              Sets the value set in the RADIUS NAS-Id AVP in  RADIUS  messages
              sent to the RADIUS server. By default, no NAS-Id data is sent.

       rad-calling-station-id string
              Sets  the  value set in the RADIUS Calling-Station-ID AVP in RA-
              DIUS messages sent to the RADIUS server. By default, no Calling-
              Station-ID data is sent.

       rad-nas-port-type number
              Sets  the  value  set  in the RADIUS NAS-Port-Type AVP in RADIUS
              messages sent to the RADIUS server. By default, no NAS-Port-Type
              data is sent.

       rad-nas-port number
              Sets the value set in the RADIUS NAS-Port AVP in RADIUS messages
              sent to the RADIUS server. By default, no NAS-Port data is sent.

       rad-acct
              Indicates that RADIUS accounting messages should be  sent  to  a
              RADIUS  Accounting  server  when the PPP instance is established
              and when it closes. The default is  that  no  RADIUS  Accounting
              messages are sent.

       rad-acct-interim-interval number
              Specifies  the  periodic  interval (as a number of seconds) with
              which propppd will send RADIUS Interim Accounting updates to the
              RADIUS Accounting server. Such messages are used to gather usage
              statistics of a PPP instance over time. The default is 0 (no in-
              terim updates are sent).

   Ethernet
       The following arguments may be used for PPP instances which use PPPoE.

       pppoe devicename
              Indicates  that the PPP instance will use PPPoE on the indicated
              device.  The PPPoE session must already be established with  the
              PPPoE server.

       pppoe-session-id number
              The  PPPoE  session ID to be used for the instance.  This is the
              ID provided by the PPPoE server when establishing the session.

       pppoe-peer-mac mac-address
              The MAC address of the interface to  direct  PPPoE  packets  to.
              This  is  the MAC of the PPPoE server the session is established
              with.

   L2TP
       The following arguments may be used for PPP instances which  use  L2TP.
       The  L2TP  tunnel  and  session must already be established. Since L2TP
       sessions are created by an external  L2TP  application,  these  options
       would probably only be used by the L2TP application.

       pppol2tp
              Indicates that the PPP instance will use L2TP.

       pppol2tp_fd number
              The  file  descriptor  of the L2TP tunnel. This is usually a UDP
              socket, but may also be an L2TPIP  socket  if  the  tunnel  uses
              L2TPv3 IP encapsulation.

       pppol2tp_protocol_version number
              The  L2TP  protocol  version.  Must be 2 or 3 and must match the
              L2TP protocol version  of  the  tunnel  identified  by  the  pp-
              pol2tp_tunnel_id parameter.

       pppol2tp_lns_mode
              Indicates  that  this  side  of the PPP connection is at an L2TP
              LNS. This enables L2TP-specific behaviour where LCP packets  are
              checked  for ACCM settings. The default is that propppd does not
              snoop LCP packets.

       pppol2tp_send_seq
              Indicates that L2TP sequence numbers should be added  to  trans-
              mitted  L2TP  data  packets. Sequence numbers may be used by the
              peer to reorder packets. The default is off.

       pppol2tp_recv_seq
              Indicates that L2TP sequence numbers should be  checked  in  re-
              ceived  L2TP  data packets and packets optionally reordered. The
              default is off.

       pppol2tp_reorderto number
              If pppol2tp_recv_seq is specified, this parameter sets the  time
              which out-of-sequence packets should be held while trying to re-
              order them. The default is 0 (reordering disabled).

       pppol2tp_debug_mask mask
              This option may be used to enable debug messages in the L2TP PPP
              implementation.  The  mask is a bitmask of debug options: bit0 -
              verbose, bit1 - control API, bit2 - sequence numbers, bit3 - da-
              ta packets. The default is 0 (no debug).

       pppol2tp_ifname name
              This  option is deprecated. Use the equivalent ifname option in-
              stead.

       pppol2tp_tunnel_id number
              Specifies the L2TP tunnel-id. This identifies  the  L2TP  tunnel
              instance  over  which  the new PPP instance will be established.
              The tunnel must already exist.

       pppol2tp_session_id number
              Specifies the L2TP session-id. This identifies the L2TP  session
              instance  within the L2TP tunnel over which the new PPP instance
              will be established. The session must already exist.

       pppol2tp_peer_tunnel_id number
              Specifies the L2TP peer tunnel-id. This identifies the L2TP tun-
              nel  instance  over  which  the  new PPP instance will be estab-
              lished. The tunnel must already exist.

       pppol2tp_peer_session_id number
              Specifies the L2TP peer session-id.  This  identifies  the  L2TP
              session  instance over which the new PPP instance will be estab-
              lished. The session must already exist.

   Serial tty device
       The following arguments may be used for PPP instances which use a seri-
       al device.

       allow-number number
              Allow  peers  to  connect  from  the  given telephone number.  A
              trailing `*' character will match all numbers beginning with the
              leading part.

       local  If  using  serial terminal devices, this option tells propppd to
              not use the modem control lines.  With this option, propppd will
              ignore  the state of the CD (Carrier Detect) signal from the mo-
              dem and will not change the state  of  the  DTR  (Data  Terminal
              Ready) signal.  This is the opposite of the modem option.

       ttyname
              Use the serial port called ttyname to communicate with the peer.
              If ttyname does not begin with a slash (/), the  string  "/dev/"
              is prepended to ttyname to form the name of the device to open.

       speed  This option sets the desired baud rate for the serial device.

       asyncmap map
              This option sets the Async-Control-Character-Map (ACCM) for this
              end of the link.  The ACCM is a set of 32 bits, one for each  of
              the ASCII control characters with values from 0 to 31, where a 1
              bit indicates that the corresponding  control  character  should
              not  be used in PPP packets sent to this system.  The map is en-
              coded as a hexadecimal number (without a leading 0x)  where  the
              least  significant bit (00000001) represents character 0 and the
              most significant bit (80000000) represents character 31.  Propp-
              pd will ask the peer to send these characters as a 2-byte escape
              sequence.  If multiple asyncmap options are  given,  the  values
              are  ORed together.  If no asyncmap option is given, the default
              is zero, so propppd will ask the peer not to escape any  control
              characters.   To  escape  transmitted characters, use the escape
              option.

       crtscts
              Specifies that propppd should set the serial port to  use  hard-
              ware  flow  control  using the RTS and CTS signals in the RS-232
              interface.  If neither the crtscts, the nocrtscts,  the  cdtrcts
              nor  the  nocdtrcts  option  is given, the hardware flow control
              setting for the serial port  is  left  unchanged.   Some  serial
              ports  (such  as Macintosh serial ports) lack a true RTS output.
              Such serial ports use this mode to implement unidirectional flow
              control. The serial port will suspend transmission when request-
              ed by the modem (via CTS) but will be unable to request the  mo-
              dem to stop sending to the computer. This mode retains the abil-
              ity to use DTR as a modem control line.

       escape xx,yy,...
              Specifies that certain characters should be escaped on transmis-
              sion (regardless of whether the peer requests them to be escaped
              with its async control character map).  The characters to be es-
              caped  are  specified as a list of hex numbers separated by com-
              mas.  Note that almost any character can be  specified  for  the
              escape option, unlike the asyncmap option which only allows con-
              trol characters to be specified.  The characters which  may  not
              be escaped are those with hex values 0x20 - 0x3f or 0x5e.

       modem  Use  the modem control lines.  This option is the default.  With
              this option, propppd will wait for the CD (Carrier Detect)  sig-
              nal from the modem to be asserted when opening the serial device
              and it will drop the DTR (Data Terminal  Ready)  signal  briefly
              when  the connection is terminated. and before executing This is
              the opposite of the local option.

       nocrtscts
              Disable hardware flow control (i.e. RTS/CTS) on the serial port.
              If neither the crtscts nor the nocrtscts nor the cdtrcts nor the
              nocdtrcts option is given, the hardware flow control setting for
              the serial port is left unchanged.

       nocdtrcts
              This  option is a synonym for nocrtscts. Either of these options
              will disable both forms of hardware flow control.

       xonxoff
              Use software flow control (i.e. XON/XOFF) to control the flow of
              data on the serial port.

   DESTROY
       The destroy command destroys a PPP instance. The instance is identified
       by its name, e.g. "session-42" which must be given as a parameter. When
       a  PPP instance is destroyed, propppd will send LCP Term packets to the
       peer. The instance is destroyed when the peer acknowledges the LCP mes-
       sages, or after a timeout.

   SHOW
       The  show  command  displays detailed information about a PPP instance.
       The instance is identified by its name, e.g. "session-42" which must be
       given as a parameter.

   LIST
       The  list command is useful to show a summary of all PPP instances or a
       subset of them. The following parameters may be used to filter the out-
       put:

              up     list only PPP instances which are up.

              down   list only PPP instances which are down.

              brief  list only the PPP instance names, one per line.  This may
                     be most useful for external scripting.

              session-N
                     list only information for  the  specified  PPP  instance,
                     e.g. "session-101".

MULTILINK
       Multilink  PPP provides the capability to combine two or more PPP links
       between a pair of machines into a single `bundle', which appears  as  a
       single  virtual  PPP link which has the combined bandwidth of the indi-
       vidual links.

       Propppd detects that the link it is controlling  is  connected  to  the
       same  peer  as another link using the peer's endpoint discriminator and
       the authenticated identity of the peer.  The endpoint discriminator  is
       a block of data which is hopefully unique for each peer.  Several types
       of data can be used, including locally-assigned strings  of  bytes,  IP
       addresses,  MAC  addresses,  randomly  strings of bytes, or E-164 phone
       numbers.  The endpoint discriminator sent to the peer by propppd can be
       set using the endpoint option.

       In  some circumstances the peer may send no endpoint discriminator or a
       non-unique value.  The scope option adds an extra string which is added
       to  the  peer's  endpoint discriminator and authenticated identity when
       matching up links to be joined together in a bundle.  The scope  option
       can also be used to allow the establishment of multiple bundles between
       the local system and the peer.

       Assuming that multilink is enabled and the peer is willing to negotiate
       multilink,  then  when propppd is invoked to bring up the first link to
       the peer, it will detect that no other link is connected  to  the  peer
       and  create  a new bundle, that is, another ppp network interface unit.
       When another link is brought up to the peer, it will detect the  exist-
       ing bundle and join its link to it.

       If  the  first  link terminates (for example, because of a received LCP
       terminate-request) the bundle is not destroyed unless there are no oth-
       er  links  remaining in the bundle.  The first ppp instance of a bundle
       remains after its link terminates, until all the links  in  the  bundle
       have terminated.

EXAMPLES
       # propppctl create /dev/ttyS3 local 10.1.1.254: passive persist maxfail 0 \
               require-pap refuse-chap refuse-eap \
               radius rad-acct rad-acct-interim-interval 600

       # propppctl list
       Name             Interface     Multilink    Duration State  User
       session-1        ppp0          -             0:02:21 UP     dave
       session-2        ppp1          -             0:02:21 UP     bob
       session-3        ppp2          multilink-1   0:00:18 UP     alfie
       session-4        ppp2          multilink-1   0:00:18 UP     alfie

       # propppctl list session-2
       session-3        ppp2          -             0:02:23 UP     bob

       # propppctl list up
       Name             Interface     Multilink    Duration State  User
       session-1        ppp0          -             0:02:55 UP     dave
       session-2        ppp1          -             0:02:55 UP     bob
       session-3        ppp2          multilink-1   0:00:52 UP     alfie
       session-4        ppp2          multilink-1   0:00:52 UP     alfie

       # propppctl list down
       Name             Interface     Multilink    Duration State  User

       # propppctl list up brief
       4 contexts
       session-1
       session-2
       session-3
       session-4

       # propppctl list brief down
       0 contexts

       # propppctl show session-3
         interface name: ppp2
         created: 2021-03-04 16:11:16
         type: tty
         debug: 7
         connect delay: 1000
         state: RUNNING
         connect time: 0.1 minutes
         link mtu: 1500, peer mru: 1500
         run count: 20
        tty:
         baud: 38400, hardware flow control: no
         sync: no, stop bits: 1
        lcp:
         echo interval: 0, max echo failures: 0
         want: pap asyncmap magic mru mrru pcomp accomp epdisc
         got: pap asyncmap magic mru mrru pcomp accomp epdisc
         allow: asyncmap magic mru mrru pcomp accomp epdisc
         his: asyncmap magic mrru pcomp accomp epdisc
         state: OPENED
         timeout: 3
         max confreqs: 10, max termreqs: 2
         retransmits: 10, naks: 0
         naks since last ack: 0
        ccp:
         want: bsd deflate
         got: bsd deflate
         allow: bsd deflate predictor1
         his: bsd deflate
         state: OPENED
         timeout: 3
         max confreqs: 10, max termreqs: 2
         retransmits: 10, naks: 0
         naks since last ack: 0
        ipcp:
         want: negaddr reqaddr
         got: negaddr reqaddr
         allow: negaddr proxyarp
         his: negaddr
         state: OPENED
         timeout: 3
         max confreqs: 10, max termreqs: 2
         retransmits: 10, naks: 0
         naks since last ack: 0
         local ip: 10.1.1.254
         peer ip: 10.1.1.2
        pap:
         auth timeout: 30, retransmit interval: 3
         our state: OPEN, peer state: CLOSED
        chap:
         timeout: 3, rechallenge time: 0
         local state:  lowerup
         transmits: 0
         peer state:  lowerup
        eap:
         local:
         state: Closed
          requests: 0, responses: 0
          timeout: 3, max requests: 10
         peer:
         state: Closed
          requests: 0, responses: 0
          timeout: 20, max requests: 20
        auth:
         remote name: 'alfie'
         config: local: , peer:
         done: local:  pap, peer:
        multilink:
         bundle: multilink-1
         endpoint: 'MAC:00:1b:21:6a:7e:96'
         mrru: 1500, mtru:1500
         short-seq-tx: 0, short-seq-rx: 0

       # propppctl show multilink-1
       multilink-1:
         key: 'test/MAC:00:1b:21:6a:7e:96/'
         interface: ppp2
         links: session-3 session-4

       # propppctl status
       ProPPP v2.2.0
         support: support@prol2tp.com
       License:
         product: proppp
         licensed to: Katalix Systems Ltd
       PPP:
         ppp instance count: 4
         create requests: 4, failures: 0
         destroy requests: 0, failures: 0
       RADIUS:
         access requests: 0, accepts: 0, rejects: 0, challenges: 0
         accounting starts: 0, stops: 0, updates: 0, responses: 0
         disconnect requests: 0, responses: 0
         retransmits: 0, timeouts: 0
         auth requests in progress: 0, accounting requests in progress: 0
       Events:
         created: 4, destroyed: 0, up: 4, down: 0
       Config:
         config updates: 1, failures: 0


SEE ALSO
       propppd(8), propppwatch(1)


COPYRIGHT
       propppctl  is  proprietary software developed and maintained by Katalix
       Systems Limited, and is part of its ProPPP software.



ProL2TP 2.3.0                      May 2021                       propppctl(1)