propppctl(1)                    ProL2TP Manual                    propppctl(1)



NAME
       propppctl - Command line control utility for propppd

SYNOPSIS
       propppctl
             create create-args...
             destroy ppp-instance
             show ppp-instance or ultilink-bundle
             status
             list options

DESCRIPTION
       The  propppctl  utility is used to configure and control the propppd(8)
       daemon. PPP instances may be created or destroyed, and  daemon  runtime
       status may be queried.

       The  command name is the first argument. The arguments accepted differs
       for each command.

   CREATE
       Creates a new PPP instance. Each instance is assigned a unique name  of
       the  form  session-N.  This name can be used as an argument to SHOW and
       DESTROY commands to operate on the instance.

   DESTROY
       Destroys the named PPP instance. PPP LCP messages are sent to the  peer
       to terminate the connection.

   SHOW
       Shows information about the named PPP instance or multilink bundle.

   STATUS
       Shows  status  information  about  propppd,  such  as the number of PPP
       instances, RADIUS requests and events.

   LIST
       Prints a summary of all PPP instances. For  each  instance,  its  name,
       connection  state  and  PPP  username (if available) may be listed. The
       user may list only the PPP instances which are up or only  those  which
       are down.

OPTIONS
   CREATE
       The  create command creates a new PPP instance. Arguments are specified
       as a space-separated list. If an argument takes a value, the  value  is
       given in the word following the argument name. e.g.

          propppctl create param1 param1value param2 param3 param3value

       propppd supports PPP over several different link types.

       o Ethernet (PPPoE)

       o L2TP (PPPoL2TP)

       o Serial tty device

       The  following  sections  describe  all  of the options available. Many
       arguments are the same as those used in pppd(8)

   Common Options
       auth   Require the peer to authenticate itself before allowing  network
              packets to be sent or received.

       mru n  Set  the MRU [Maximum Receive Unit] value to n. Propppd will ask
              the peer to send packets of no more than n bytes.  The value  of
              n must be between 128 and 16384; the default is 1500.  Note that
              for the IPv6 protocol, the MRU must be at least 1280.

       mtu n  Set the MTU [Maximum Transmit Unit] value to n.  Unless the peer
              requests  a  smaller  value  via  MRU  negotiation, propppd will
              request that the kernel networking code send data packets of  no
              more  than n bytes through the PPP network interface.  Note that
              for the IPv6 protocol, the MTU must be at least 1280.

       passive
              Enables the "passive" option in  the  LCP.   With  this  option,
              propppd  will  attempt  to initiate a connection; if no reply is
              received from the peer, propppd will then  just  wait  passively
              for a valid LCP packet from the peer, instead of terminating, as
              it would without this option.

       <local_IP_address>:<remote_IP_address>
              Set the local and/or remote interface IP addresses.  Either  one
              may  be  omitted.  The IP addresses can be specified with a host
              name or in  decimal  dot  notation  (e.g.  150.234.56.78).   The
              remote  address  will be obtained from the peer if not specified
              in any option.  If a local and/or remote IP address is specified
              with this option, propppd will not accept a different value from
              the peer in the IPCP negotiation, unless  the  ipcp-accept-local
              and/or ipcp-accept-remote options are given, respectively.

       +ipv6  Enable the IPv6CP and IPv6 protocols.

       ipv6 <local_interface_id>,<remote_interface_id>
              Set  the local and/or remote 64-bit interface identifier. Either
              one may be omitted. The identifier must be specified in standard
              ASCII  notation  of  IPv6  addresses  (e.g. ::dead:beef). If the
              ipv6cp-use-ipaddr option is given, the local identifier  is  the
              local  IPv4  address  (see  above).  On systems which supports a
              unique persistent id, such as EUI-48 derived from  the  Ethernet
              MAC address, ipv6cp-use-persistent option can be used to replace
              the ipv6 <local>,<remote> option. Otherwise  the  identifier  is
              randomized.

       allow-ip address(es)
              Allow  peers  to  use  the  given  IP  address or subnet without
              authenticating themselves.  The parameter is parsed as for  each
              element of the list of allowed IP addresses in the secrets files
              (see the AUTHENTICATION section in propppd.conf(5) ).

       bsdcomp nr,nt
              Request that the peer compress packets that it sends, using  the
              BSD-Compress  scheme,  with  a maximum code size of nr bits, and
              agree to compress packets sent to the peer with a  maximum  code
              size  of  nt  bits.   If nt is not specified, it defaults to the
              value given for nr.  Values in the range 9 to 15 may be used for
              nr  and  nt;  larger  values give better compression but consume
              more kernel memory for compression dictionaries.  Alternatively,
              a  value  of  0  for  nr  or  nt  disables  compression  in  the
              corresponding direction.  Use nobsdcomp or bsdcomp 0 to  disable
              BSD-Compress compression entirely.

       chap-interval n
              If this option is given, propppd will rechallenge the peer every
              n seconds.

       chap-max-challenge n
              Set the maximum number of  CHAP  challenge  transmissions  to  n
              (default 10).

       chap-restart n
              Set  the  CHAP  restart  interval  (retransmission  timeout  for
              challenges) to n seconds (default 3).

       debug  Enables connection debugging  facilities.   If  this  option  is
              given,  propppd  will enable debug messages for the PPP instance
              which may be useful to diagnose connection problems.

       loglevel level
              Sets the PPP instance debug log level.  level  must  be  one  of
              "error",  "warning",  "notice",  "info"  or  "debug".  "loglevel
              debug" is equivalent to the debug option.

       default-mru
              Disable MRU  [Maximum  Receive  Unit]  negotiation.   With  this
              option, propppd will use the default MRU value of 1500 bytes for
              both the transmit and receive direction.

       deflate nr,nt
              Request that the peer compress packets that it sends, using  the
              Deflate  scheme,  with a maximum window size of 2**nr bytes, and
              agree to compress packets sent to the peer with a maximum window
              size of 2**nt bytes.  If nt is not specified, it defaults to the
              value given for nr.  Values in the range 9 to 15 may be used for
              nr  and  nt;  larger  values give better compression but consume
              more kernel memory for compression dictionaries.  Alternatively,
              a  value  of  0  for  nr  or  nt  disables  compression  in  the
              corresponding direction.  Use nodeflate or deflate 0 to  disable
              Deflate  compression  entirely.  (Note: propppd requests Deflate
              compression in preference to BSD-Compress if  the  peer  can  do
              either.)

       domain d
              Append   the   domain   name  d  to  the  local  host  name  for
              authentication purposes.  For example, if gethostname()  returns
              the  name  porsche,  but  the  fully  qualified  domain  name is
              porsche.Quotron.COM,  you  could  specify  domain   Quotron.COM.
              Propppd  would then use the name porsche.Quotron.COM for looking
              up secrets in the secrets file, and as the default name to  send
              to the peer when authenticating itself to the peer.  This option
              is privileged.

       enable-session
              Enables session accounting via PAM.  When PAM  is  enabled,  the
              PAM  "account"  and  "session" module stacks determine behavior,
              and are enabled for all PPP authentication protocols.   PAM  may
              be  configured  separately to record wtmp/wtmpx entries for each
              login, making peers visible in the last(1) log.  See pam.conf(5)
              for  more  information.   This  feature is automatically enabled
              when the propppd login option is used.   Session  accounting  is
              disabled by default.

       endpoint <epdisc>
              Sets the endpoint discriminator sent by the local machine to the
              peer during multilink negotiation to <epdisc>.  The  default  is
              to  use  the  MAC address of the first ethernet interface on the
              system.  The endpoint discriminator can be the string null or of
              the  form  type:value,  where type is a decimal number or one of
              the strings local, IP, MAC, magic, or phone.  The value is an IP
              address  in dotted-decimal notation for the IP type, or a string
              of bytes in hexadecimal, separated by periods or colons for  the
              other  types.   For the MAC type, the value may also be the name
              of an ethernet or similar network interface.

       eap-interval n
              If this option is given and propppd authenticates the peer  with
              EAP   (i.e.,   is   the   server),   propppd  will  restart  EAP
              authentication every n seconds.

       eap-max-rreq n
              Set the maximum number of EAP Requests  to  which  propppd  will
              respond  (as  a  client) without hearing EAP Success or Failure.
              (Default is 20.)

       eap-max-sreq n
              Set the maximum number of EAP Requests that propppd  will  issue
              (as a server) while attempting authentication.  (Default is 10.)

       eap-restart n
              Set  the  retransmit  timeout  for EAP Requests when acting as a
              server (authenticator).  (Default is 3 seconds.)

       eap-timeout n
              Set the maximum time to wait for the peer to send an EAP Request
              when  acting  as  a  client  (authenticatee).   (Default  is  20
              seconds.)

       ifname name
              Sets the interface name to be assigned to the PPP interface when
              it  is  established.  The  default name is assigned by the Linux
              kernel using the 'pppN' naming convention.

       holdoff n
              Specifies how many seconds to wait before re-initiating the link
              after  it  terminates.   This  option only has any effect if the
              persist option is used.  The holdoff period is  not  applied  if
              the link was terminated because it was idle.

       idle n Specifies that propppd should disconnect if the link is idle for
              n seconds.  The link is idle  when  no  data  packets  (i.e.  IP
              packets)  are being sent or received.  Note: it is not advisable
              to use this option with the persist option.

       ipcp-accept-local
              With this option, propppd will accept the  peer's  idea  of  our
              local  IP address, even if the local IP address was specified in
              an option.

       ipcp-accept-remote
              With this option, propppd will accept the  peer's  idea  of  its
              (remote) IP address, even if the remote IP address was specified
              in an option.

       ipcp-max-configure n
              Set the maximum number of IPCP  configure-request  transmissions
              to n (default 10).

       ipcp-max-failure n
              Set  the  maximum  number of IPCP configure-NAKs returned before
              starting to send configure-Rejects instead to n (default 10).

       ipcp-max-terminate n
              Set the maximum number of IPCP  terminate-request  transmissions
              to n (default 3).

       ipcp-restart n
              Set  the  IPCP  restart  interval  (retransmission timeout) to n
              seconds (default 3).

       ipv6cp-accept-local
              With this option, propppd will accept the  peer's  idea  of  our
              local   IPv6  interface  identifier,  even  if  the  local  IPv6
              interface identifier was specified in an option.

       ipv6cp-max-configure n
              Set the maximum number of IPv6CP configure-request transmissions
              to n (default 10).

       ipv6cp-max-failure n
              Set  the maximum number of IPv6CP configure-NAKs returned before
              starting to send configure-Rejects instead to n (default 10).

       ipv6cp-max-terminate n
              Set the maximum number of IPv6CP terminate-request transmissions
              to n (default 3).

       ipv6cp-restart n
              Set  the  IPv6CP  restart interval (retransmission timeout) to n
              seconds (default 3).

       kdebug n
              Enable debugging code  in  the  kernel-level  PPP  driver.   The
              argument  values  depend  on  the specific kernel driver, but in
              general a value of 1 will enable general kernel debug  messages.
              (Note  that these messages are usually only useful for debugging
              the kernel driver itself.)  On most systems, messages printed by
              the  kernel are logged by syslog(1) to a file as directed in the
              /etc/syslog.conf configuration file.

       lcp-echo-failure n
              If this option is given, propppd will presume  the  peer  to  be
              dead  if  n LCP echo-requests are sent without receiving a valid
              LCP echo-reply.  If this happens,  propppd  will  terminate  the
              connection.   Use  of  this option requires a non-zero value for
              the lcp-echo-interval parameter.  This option  can  be  used  to
              enable  propppd  to  terminate after the physical connection has
              been broken (e.g., the modem has hung up) in situations where no
              hardware modem control lines are available.

       lcp-echo-interval n
              If  this  option is given, propppd will send an LCP echo-request
              frame to the peer every n seconds.   Normally  the  peer  should
              respond  to  the  echo-request  by  sending an echo-reply.  This
              option can be used with the lcp-echo-failure  option  to  detect
              that the peer is no longer connected.

       lcp-max-configure n
              Set the maximum number of LCP configure-request transmissions to
              n (default 10).

       lcp-max-failure n
              Set the maximum number of  LCP  configure-NAKs  returned  before
              starting to send configure-Rejects instead to n (default 10).

       lcp-max-terminate n
              Set the maximum number of LCP terminate-request transmissions to
              n (default 3).

       lcp-restart n
              Set the LCP  restart  interval  (retransmission  timeout)  to  n
              seconds (default 3).

       login  Use  the  system  password  database for authenticating the peer
              using PAP.  Note that  the  peer  must  have  an  entry  in  the
              /etc/proppp/pap-secrets  file  as  well  as  the system password
              database to  be  allowed  access.   If  the  password  given  in
              /etc/proppp/pap-secrets   is   the  special  value  @login,  the
              password  is  obtained   from   the   system's   password   file
              /etc/passwd.  See also the enable-session option.

       maxconnect n
              Terminate  the connection when it has been available for network
              traffic for n seconds (i.e. n seconds after  the  first  network
              control protocol comes up).

       maxfail n
              Terminate  after  n  consecutive  failed connection attempts.  A
              value of 0 means no limit.  The default value is 10.

       mpshortseq
              Enables the use of short (12-bit) sequence numbers in  multilink
              headers,  as  opposed  to  24-bit sequence numbers.  This option
              only has any effect if multilink is enabled (see  the  multilink
              option).

       mrru n Sets  the  Maximum Reconstructed Receive Unit to n.  The MRRU is
              the maximum size for a received packet on  a  multilink  bundle,
              and  is  analogous  to  the  MRU for the individual links.  This
              option only has any effect if  multilink  is  enabled  (see  the
              multilink option).

       ms-dns <addr>
              If  propppd is acting as a server for Microsoft Windows clients,
              this option allows propppd to supply one or two DNS (Domain Name
              Server)  addresses  to  the clients.  The first instance of this
              option specifies the primary DNS address;  the  second  instance
              (if given) specifies the secondary DNS address.

       ms-wins <addr>
              If  propppd  is  acting  as  a  server  for Microsoft Windows or
              "Samba" clients, this option allows propppd to supply one or two
              WINS  (Windows  Internet  Name Services) server addresses to the
              clients.  The  first  instance  of  this  option  specifies  the
              primary  WINS  address; the second instance (if given) specifies
              the secondary WINS address.

       multilink
              Enables the use of the PPP multilink protocol.  If the peer also
              supports  multilink,  then this link can become part of a bundle
              between the local system and the peer.  If there is an  existing
              bundle  to the peer, propppd will join this link to that bundle,
              otherwise propppd will create a new bundle.  See  the  MULTILINK
              section below.

       name name
              Set  the name of the local system for authentication purposes to
              name. With this option, propppd will use lines  in  the  secrets
              files  which  have  name  as the second field when looking for a
              secret to use in authenticating the peer.  In  addition,  unless
              overridden  with  the user option, name will be used as the name
              to send to the peer when authenticating the local system to  the
              peer.   (Note  that  propppd  does not append the domain name to
              name.)

       noaccomp
              Disable Address/Control compression in both directions (send and
              receive).

       noauth Do not require the peer to authenticate itself.

       nobsdcomp
              Disables  BSD-Compress  compression; propppd will not request or
              agree to compress packets using the BSD-Compress scheme.

       noccp  Disable CCP (Compression Control  Protocol)  negotiation.   This
              option  should  only  be  required if the peer is buggy and gets
              confused by requests from propppd for CCP negotiation.

       nodeflate
              Disables Deflate compression; propppd will not request or  agree
              to compress packets using the Deflate scheme.

       noendpoint
              Disables  propppd  from sending an endpoint discriminator to the
              peer or accepting one from the peer (see the  MULTILINK  section
              below).   This  option  should  only  be required if the peer is
              buggy.

       noip   Disable IPCP negotiation  and  IP  communication.   This  option
              should  only  be required if the peer is buggy and gets confused
              by requests from propppd for IPCP negotiation.

       noipv6 Disable IPv6CP negotiation and IPv6 communication.  This  option
              should  only  be required if the peer is buggy and gets confused
              by requests from propppd for IPv6CP negotiation.

       noipdefault
              Disables the default behaviour  when  no  local  IP  address  is
              specified,  which  is  to  determine  (if possible) the local IP
              address from the hostname.  With this option, the peer will have
              to  supply  the local IP address during IPCP negotiation (unless
              it specified explicitly on the command line).

       nomagic
              Disable magic number negotiation.   With  this  option,  propppd
              cannot  detect  a  looped-back line.  This option should only be
              needed if the peer is buggy.

       nompshortseq
              Disables the use of short (12-bit) sequence numbers in  the  PPP
              multilink  protocol, forcing the use of 24-bit sequence numbers.
              This option only has any effect if multilink is enabled.

       nomultilink
              Disables the use of PPP multilink.

       nopcomp
              Disable protocol  field  compression  negotiation  in  both  the
              receive and the transmit direction.

       nopredictor1
              Do not accept or agree to Predictor-1 compression.

       novj   Disable Van Jacobson style TCP/IP header compression in both the
              transmit and the receive direction.

       novjccomp
              Disable the connection-ID compression  option  in  Van  Jacobson
              style TCP/IP header compression.  With this option, propppd will
              not omit the connection-ID byte  from  Van  Jacobson  compressed
              TCP/IP headers, nor ask the peer to do so.

       papcrypt
              Indicates  that  all secrets in the /etc/proppp/pap-secrets file
              which are used  for  checking  the  identity  of  the  peer  are
              encrypted,  and thus propppd should not accept a password which,
              before  encryption,  is  identical  to  the  secret   from   the
              /etc/proppp/pap-secrets file.

       pap-max-authreq n
              Set the maximum number of PAP authenticate-request transmissions
              to n (default 10).

       pap-restart n
              Set the PAP  restart  interval  (retransmission  timeout)  to  n
              seconds (default 3).

       pap-timeout n
              Set  the  maximum  time  that  propppd will wait for the peer to
              authenticate itself with PAP to n seconds (0 means no limit).

       password password-string
              Specifies the password to use for authenticating to the peer.

       persist
              If the connection is terminated, try to reopen  the  connection.
              The   maxfail   option   still   has  an  effect  on  persistent
              connections.

       predictor1
              Request that the  peer  compress  frames  that  it  sends  using
              Predictor-1  compression,  and  agree  to  compress  transmitted
              frames with Predictor-1 if requested.  This option has no effect
              unless the kernel driver supports Predictor-1 compression.

       profile
              Tells  propppd  to  fetch  additional  arguments  from the named
              profile defined in propppd.conf(5).   The  profile  must  exist.
              This option may be specified multiple times.

       proxyarp
              Add  an entry to this system's ARP [Address Resolution Protocol]
              table with the IP address of the peer and the  Ethernet  address
              of  this  system.   This will have the effect of making the peer
              appear to other systems to be on the local ethernet.

       receive-all
              With this option, propppd will  accept  all  control  characters
              from  the  peer, including those marked in the receive asyncmap.
              Without this option, propppd will discard  those  characters  as
              specified  in RFC1662.  This option should only be needed if the
              peer is buggy.

       remotename name
              Set the assumed name of the  remote  system  for  authentication
              purposes to name.

       remotenumber number
              Set  the  assumed  telephone  number  of  the  remote system for
              authentication purposes to number.

       refuse-chap
              With this option, propppd will not agree to authenticate  itself
              to the peer using CHAP.

       refuse-eap
              With  this option, propppd will not agree to authenticate itself
              to the peer using EAP.

       refuse-pap
              With this option, propppd will not agree to authenticate  itself
              to the peer using PAP.

       require-chap
              Require  the  peer  to authenticate itself using CHAP [Challenge
              Handshake Authentication Protocol] authentication.

       require-eap
              Require the peer to authenticate itself  using  EAP  [Extensible
              Authentication Protocol] authentication.

       require-pap
              Require  the  peer  to  authenticate  itself using PAP [Password
              Authentication Protocol] authentication.

       scope string
              This option is ignored if not using multilink. It adds a  string
              to the key used to match multilink links with bundles. It may be
              useful to associate links with specific multilink  bundles  when
              there is more than one multilink bundle to a peer.

       set name=value
              Set  a variable for use by external applications that listen for
              and receive events from propppd. The variables  and  values  are
              included  in  the  PPP  event  data  sent  by propppd when a PPP
              instance is destroyed or changes state.

       silent With this option, propppd  will  not  transmit  LCP  packets  to
              initiate  a connection until a valid LCP packet is received from
              the peer.

       sync   Use synchronous HDLC serial encoding  instead  of  asynchronous.
              The  device  used  by  propppd  with  this option must have sync
              support.

       user name
              Sets the name used for authenticating the local  system  to  the
              peer to name.

       vj-max-slots n
              Sets  the  number  of  connection  slots  to  be used by the Van
              Jacobson TCP/IP header compression and decompression code to  n,
              which must be between 2 and 16 (inclusive).

       radius Enables  RADIUS  authentication. propppd will contact the RADIUS
              servers  specified  in  propppd.conf(5)  when  establishing  and
              managing  the  PPP instance if RADIUS operations are enabled for
              the PPP instance.

       rad-nas-ip-addr ip-address
              Sets the value set in the RADIUS NAS-IP-Address  AVP  in  RADIUS
              messages  sent  to  the  RADIUS  server.  By default, no NAS-IP-
              Address data is sent.

       rad-nas-id string
              Sets the value set in the RADIUS NAS-Id AVP in  RADIUS  messages
              sent to the RADIUS server. By default, no NAS-Id data is sent.

       rad-calling-station-id string
              Sets  the  value  set  in  the  RADIUS Calling-Station-ID AVP in
              RADIUS messages sent  to  the  RADIUS  server.  By  default,  no
              Calling-Station-ID data is sent.

       rad-nas-port-type number
              Sets  the  value  set  in the RADIUS NAS-Port-Type AVP in RADIUS
              messages sent to the RADIUS server. By default, no NAS-Port-Type
              data is sent.

       rad-nas-port number
              Sets the value set in the RADIUS NAS-Port AVP in RADIUS messages
              sent to the RADIUS server. By default, no NAS-Port data is sent.

       rad-acct
              Indicates that RADIUS accounting messages should be  sent  to  a
              RADIUS  Accounting  server  when the PPP instance is established
              and when it closes. The default is  that  no  RADIUS  Accounting
              messages are sent.

       rad-acct-interim-interval number
              Specifies  the  periodic  interval (as a number of seconds) with
              which propppd will send RADIUS Interim Accounting updates to the
              RADIUS Accounting server. Such messages are used to gather usage
              statistics of a PPP instance over time. The  default  is  0  (no
              interim updates are sent).

   Ethernet
       The following arguments may be used for PPP instances which use PPPoE.

       pppoe devicename
              Indicates  that the PPP instance will use PPPoE on the indicated
              device.  The PPPoE session must already be established with  the
              PPPoE server.

       pppoe-session-id number
              The  PPPoE  session ID to be used for the instance.  This is the
              ID provided by the PPPoE server when establishing the session.

       pppoe-peer-mac mac-address
              The MAC address of the interface to  direct  PPPoE  packets  to.
              This  is  the MAC of the PPPoE server the session is established
              with.

   L2TP
       The following arguments may be used for PPP instances which  use  L2TP.
       The  L2TP  tunnel  and  session must already be established. Since L2TP
       sessions are created by an external  L2TP  application,  these  options
       would probably only be used by the L2TP application.

       pppol2tp
              Indicates that the PPP instance will use L2TP.

       pppol2tp_fd number
              The  file  descriptor  of the L2TP tunnel. This is usually a UDP
              socket, but may also be an L2TPIP  socket  if  the  tunnel  uses
              L2TPv3 IP encapsulation.

       pppol2tp_protocol_version number
              The  L2TP  protocol  version.  Must be 2 or 3 and must match the
              L2TP  protocol  version  of  the  tunnel   identified   by   the
              pppol2tp_tunnel_id parameter.

       pppol2tp_lns_mode
              Indicates  that  this  side  of the PPP connection is at an L2TP
              LNS. This enables L2TP-specific behaviour where LCP packets  are
              checked  for ACCM settings. The default is that propppd does not
              snoop LCP packets.

       pppol2tp_send_seq
              Indicates  that  L2TP  sequence  numbers  should  be  added   to
              transmitted  L2TP  data packets. Sequence numbers may be used by
              the peer to reorder packets. The default is off.

       pppol2tp_recv_seq
              Indicates that  L2TP  sequence  numbers  should  be  checked  in
              received L2TP data packets and packets optionally reordered. The
              default is off.

       pppol2tp_reorderto number
              If pppol2tp_recv_seq is specified, this parameter sets the  time
              which  out-of-sequence  packets  should  be held while trying to
              reorder them. The default is 0 (reordering disabled).

       pppol2tp_debug_mask mask
              This option may be used to enable debug messages in the L2TP PPP
              implementation.  The  mask is a bitmask of debug options: bit0 -
              verbose, bit1 - control API, bit2 -  sequence  numbers,  bit3  -
              data packets. The default is 0 (no debug).

       pppol2tp_ifname name
              This  option  is  deprecated.  Use  the equivalent ifname option
              instead.

       pppol2tp_tunnel_id number
              Specifies the L2TP tunnel-id. This identifies  the  L2TP  tunnel
              instance  over  which  the new PPP instance will be established.
              The tunnel must already exist.

       pppol2tp_session_id number
              Specifies the L2TP session-id. This identifies the L2TP  session
              instance  within the L2TP tunnel over which the new PPP instance
              will be established. The session must already exist.

       pppol2tp_peer_tunnel_id number
              Specifies the L2TP peer  tunnel-id.  This  identifies  the  L2TP
              tunnel  instance  over  which  the  new  PPP  instance  will  be
              established. The tunnel must already exist.

       pppol2tp_peer_session_id number
              Specifies the L2TP peer session-id.  This  identifies  the  L2TP
              session  instance  over  which  the  new  PPP  instance  will be
              established. The session must already exist.

   Serial tty device
       The following arguments may be used  for  PPP  instances  which  use  a
       serial device.

       allow-number number
              Allow  peers  to  connect  from  the  given telephone number.  A
              trailing `*' character will match all numbers beginning with the
              leading part.

       local  If  using  serial terminal devices, this option tells propppd to
              not use the modem control lines.  With this option, propppd will
              ignore  the  state  of  the  CD (Carrier Detect) signal from the
              modem and will not change the state of the  DTR  (Data  Terminal
              Ready) signal.  This is the opposite of the modem option.

       ttyname
              Use the serial port called ttyname to communicate with the peer.
              If ttyname does not begin with a slash (/), the  string  "/dev/"
              is prepended to ttyname to form the name of the device to open.

       speed  This option sets the desired baud rate for the serial device.

       asyncmap map
              This option sets the Async-Control-Character-Map (ACCM) for this
              end of the link.  The ACCM is a set of 32 bits, one for each  of
              the ASCII control characters with values from 0 to 31, where a 1
              bit indicates that the corresponding  control  character  should
              not  be  used  in  PPP  packets sent to this system.  The map is
              encoded as a hexadecimal number (without a leading 0x) where the
              least  significant bit (00000001) represents character 0 and the
              most  significant  bit  (80000000)  represents   character   31.
              Propppd  will  ask the peer to send these characters as a 2-byte
              escape sequence.  If multiple asyncmap options  are  given,  the
              values  are  ORed together.  If no asyncmap option is given, the
              default is zero, so propppd will ask the peer not to escape  any
              control  characters.   To escape transmitted characters, use the
              escape option.

       crtscts
              Specifies that  propppd  should  set  the  serial  port  to  use
              hardware  flow  control  using  the  RTS  and CTS signals in the
              RS-232 interface.  If neither the crtscts,  the  nocrtscts,  the
              cdtrcts  nor  the  nocdtrcts  option is given, the hardware flow
              control setting for the serial port  is  left  unchanged.   Some
              serial  ports  (such  as Macintosh serial ports) lack a true RTS
              output.  Such  serial  ports  use   this   mode   to   implement
              unidirectional  flow  control.  The  serial  port  will  suspend
              transmission when requested by the modem (via CTS) but  will  be
              unable  to  request  the  modem to stop sending to the computer.
              This mode retains the ability to use  DTR  as  a  modem  control
              line.

       escape xx,yy,...
              Specifies   that   certain   characters  should  be  escaped  on
              transmission (regardless of whether the peer requests them to be
              escaped  with  its async control character map).  The characters
              to be escaped are specified as a list of hex  numbers  separated
              by  commas.  Note that almost any character can be specified for
              the escape option, unlike the asyncmap option which only  allows
              control  characters  to  be specified.  The characters which may
              not be escaped are those with hex values 0x20 - 0x3f or 0x5e.

       modem  Use the modem control lines.  This option is the default.   With
              this  option,  propppd  will  wait  for  the CD (Carrier Detect)
              signal from the modem to be asserted  when  opening  the  serial
              device  and  it  will  drop the DTR (Data Terminal Ready) signal
              briefly when the connection is terminated. and before  executing
              This is the opposite of the local option.

       nocrtscts
              Disable hardware flow control (i.e. RTS/CTS) on the serial port.
              If neither the crtscts nor the nocrtscts nor the cdtrcts nor the
              nocdtrcts option is given, the hardware flow control setting for
              the serial port is left unchanged.

       nocdtrcts
              This option is a synonym for nocrtscts. Either of these  options
              will disable both forms of hardware flow control.

       xonxoff
              Use software flow control (i.e. XON/XOFF) to control the flow of
              data on the serial port.

   DESTROY
       The destroy command destroys a PPP instance. The instance is identified
       by its name, e.g. "session-42" which must be given as a parameter. When
       a PPP instance is destroyed, propppd will send LCP Term packets to  the
       peer.  The  instance  is  destroyed  when the peer acknowledges the LCP
       messages, or after a timeout.

   SHOW
       The show command displays detailed information about  a  PPP  instance.
       The instance is identified by its name, e.g. "session-42" which must be
       given as a parameter.

   LIST
       The list command is useful to show a summary of all PPP instances or  a
       subset  of  them.  The  following  parameters may be used to filter the
       output:

              up     list only PPP instances which are up.

              down   list only PPP instances which are down.

              brief  list only the PPP instance names, one per line.  This may
                     be most useful for external scripting.

              session-N
                     list  only  information  for  the specified PPP instance,
                     e.g. "session-101".

MULTILINK
       Multilink PPP provides the capability to combine two or more PPP  links
       between  a  pair of machines into a single `bundle', which appears as a
       single virtual PPP  link  which  has  the  combined  bandwidth  of  the
       individual links.

       Propppd  detects  that  the  link it is controlling is connected to the
       same peer as another link using the peer's endpoint  discriminator  and
       the  authenticated identity of the peer.  The endpoint discriminator is
       a block of data which is hopefully unique for each peer.  Several types
       of  data  can  be used, including locally-assigned strings of bytes, IP
       addresses, MAC addresses, randomly strings of  bytes,  or  E-164  phone
       numbers.  The endpoint discriminator sent to the peer by propppd can be
       set using the endpoint option.

       In some circumstances the peer may send no endpoint discriminator or  a
       non-unique value.  The scope option adds an extra string which is added
       to the peer's endpoint discriminator and  authenticated  identity  when
       matching  up links to be joined together in a bundle.  The scope option
       can also be used to allow the establishment of multiple bundles between
       the local system and the peer.

       Assuming that multilink is enabled and the peer is willing to negotiate
       multilink, then when propppd is invoked to bring up the first  link  to
       the  peer,  it  will detect that no other link is connected to the peer
       and create a new bundle, that is, another ppp network  interface  unit.
       When  another  link  is  brought  up  to  the  peer, it will detect the
       existing bundle and join its link to it.

       If the first link terminates (for example, because of  a  received  LCP
       terminate-request)  the  bundle  is  not  destroyed unless there are no
       other links remaining in the bundle.   The  first  ppp  instance  of  a
       bundle  remains  after  its link terminates, until all the links in the
       bundle have terminated.

EXAMPLES
       # propppctl create /dev/ttyS3 local 10.1.1.254: passive persist maxfail 0 \
               require-pap refuse-chap refuse-eap \
               radius rad-acct rad-acct-interim-interval 600

       # propppctl list
       Name             Interface     Multilink    Duration State  User
       session-1        ppp0          -             0:02:21 UP     dave
       session-2        ppp1          -             0:02:21 UP     bob
       session-3        ppp2          multilink-1   0:00:18 UP     alfie
       session-4        ppp2          multilink-1   0:00:18 UP     alfie

       # propppctl list session-2
       session-3        ppp2          -             0:02:23 UP     bob

       # propppctl list up
       Name             Interface     Multilink    Duration State  User
       session-1        ppp0          -             0:02:55 UP     dave
       session-2        ppp1          -             0:02:55 UP     bob
       session-3        ppp2          multilink-1   0:00:52 UP     alfie
       session-4        ppp2          multilink-1   0:00:52 UP     alfie

       # propppctl list down
       Name             Interface     Multilink    Duration State  User

       # propppctl list up brief
       4 contexts
       session-1
       session-2
       session-3
       session-4

       # propppctl list brief down
       0 contexts

       # propppctl show session-3
         interface name: ppp2
         created: 2021-03-04 16:11:16
         type: tty
         debug: 7
         connect delay: 1000
         state: RUNNING
         connect time: 0.1 minutes
         link mtu: 1500, peer mru: 1500
         run count: 20
        tty:
         baud: 38400, hardware flow control: no
         sync: no, stop bits: 1
        lcp:
         echo interval: 0, max echo failures: 0
         want: pap asyncmap magic mru mrru pcomp accomp epdisc
         got: pap asyncmap magic mru mrru pcomp accomp epdisc
         allow: asyncmap magic mru mrru pcomp accomp epdisc
         his: asyncmap magic mrru pcomp accomp epdisc
         state: OPENED
         timeout: 3
         max confreqs: 10, max termreqs: 2
         retransmits: 10, naks: 0
         naks since last ack: 0
        ccp:
         want: bsd deflate
         got: bsd deflate
         allow: bsd deflate predictor1
         his: bsd deflate
         state: OPENED
         timeout: 3
         max confreqs: 10, max termreqs: 2
         retransmits: 10, naks: 0
         naks since last ack: 0
        ipcp:
         want: negaddr reqaddr
         got: negaddr reqaddr
         allow: negaddr proxyarp
         his: negaddr
         state: OPENED
         timeout: 3
         max confreqs: 10, max termreqs: 2
         retransmits: 10, naks: 0
         naks since last ack: 0
         local ip: 10.1.1.254
         peer ip: 10.1.1.2
        pap:
         auth timeout: 30, retransmit interval: 3
         our state: OPEN, peer state: CLOSED
        chap:
         timeout: 3, rechallenge time: 0
         local state:  lowerup
         transmits: 0
         peer state:  lowerup
        eap:
         local:
         state: Closed
          requests: 0, responses: 0
          timeout: 3, max requests: 10
         peer:
         state: Closed
          requests: 0, responses: 0
          timeout: 20, max requests: 20
        auth:
         remote name: 'alfie'
         config: local: , peer:
         done: local:  pap, peer:
        multilink:
         bundle: multilink-1
         endpoint: 'MAC:00:1b:21:6a:7e:96'
         mrru: 1500, mtru:1500
         short-seq-tx: 0, short-seq-rx: 0

       # propppctl show multilink-1
       multilink-1:
         key: 'test/MAC:00:1b:21:6a:7e:96/'
         interface: ppp2
         links: session-3 session-4

       # propppctl status
       ProPPP v2.2.0
         support: support@prol2tp.com
       License:
         product: proppp
         licensed to: Katalix Systems Ltd
       PPP:
         ppp instance count: 4
         create requests: 4, failures: 0
         destroy requests: 0, failures: 0
       RADIUS:
         access requests: 0, accepts: 0, rejects: 0, challenges: 0
         accounting starts: 0, stops: 0, updates: 0, responses: 0
         disconnect requests: 0, responses: 0
         retransmits: 0, timeouts: 0
         auth requests in progress: 0, accounting requests in progress: 0
       Events:
         created: 4, destroyed: 0, up: 4, down: 0
       Config:
         config updates: 1, failures: 0


SEE ALSO
       propppd(8), propppwatch(1)


COPYRIGHT
       propppctl is proprietary software developed and maintained  by  Katalix
       Systems Limited, and is part of its ProPPP software.



ProL2TP 2.5.4                    January 2024                     propppctl(1)