PPPOE Over Wi-Fi

Tunasashimi

Well-Known Member
Joined
Jun 1, 2005
Messages
337
Reaction score
0
Anyone managed to get their PPPOE packets from telkom bridged to a wireless access point to be made accessible to wifi clients - so that they can connect with their ADSL account details and Windows PPPoE as per usual, while only being connected via a wireless adapter? IE the modem/bridge/router does not connect.

I traced the packets and can see XP sending out PADR and it arriving at the adsl modem which is configured as a 1394? LLC Bridge and then can also se a PADO packet returning, all te way to the original XP machine.

Windows then blissfully sends out another PADR packet. What?1? Windows? Are you blind!?!

Why does windows not connect?

Any Ideas? The fragmentaion limit on the wifi ap is 2345 or something.. much bigger than the mtu... so whats the problem?

I cant yet go plug the windows box straight into the bridge, will try that soon to eliminate the software side of things...
 
A very interesting problem.

From http://www.carricksolutions.com/pppoe.php#8

1)The PPPoE Active Discovery Initiation (PADI) packet:
The PPPoE client sends out a PADI packet to the broadcast address. This packet can also populate the "service-name" field if a service name has been entered on the dial-up networking properties of the PPPoE broadband connectoid. If a service name has not been entered, this field cannot be populated.

2) The PPPoE Active Discovery Offer (PADO) packet:
The PPPoE server, or Access Concentrator, should respond to the PADI with a PADO if the Access Concentrator is able to service the "service-name" field that had been listed in the PADI packet. If no "service-name" field had been listed, the Access Concentrator should respond with a PADO packet that has the "service-name" field populated with the service names that the Access Concentrator can service. The PADO packet is sent to the unicast address of the PPPoE client.

3) The PPPoE Active Discovery Request (PADR) packet:
When a PADO packet is received, the PPPoE client responds with a PADR packet. This packet is sent to the unicast address of the Access Concentrator. The client may receive multiple PADO packets, but the client responds to the first valid PADO that the client received. If the initial PADI packet had a blank "service-name" field filed, the client populates the "service-name" field of the PADR packet with the first service name that had been returned in the PADO packet.

4) The PPPoE Active Discovery Session-confirmation (PADS) packet:
When the PADR is received, the Access Concentrator generates a unique session identification (ID) for the Point-to-Point Protocol (PPP) session and returns this ID to the PPPoE client in the PADS packet. This packet is sent to the unicast address of the client.

Do you see a PADS packet coming back from your ISP ???.
 
What wireless router are you using?
I've had this issue with a number of Wireless APs/Routers before.
To the point that I actually took a Linksys WRT54G, loaded OpenWRT on it and made a nice set of scripts to actually initiate the PPPoE over Wireless from the WRT itself. Works great! :)
 
Wow! Its alive...

Hi guys! Great to see some action on this forum!

Here's why it doesn't work!
-> PADI (Inquire)
<- PADO (Offer)
>- PADR (Request)
<- PADS (Session!)

When the ISP's DSLAM responds with it's PADO packet, it contains a "cookie" that is to be used to encrypt the requestee's MAC address. Any request that does not come from that MAC address is ignored. This provides protection against a DoS type attack.

What happens, is the ISP provides this cookie to the AP's MAC address, and not the enduser.

Now my AP has a bridge mode that has an option for 802.11d something bla bla which basically means it duplicates its client MAC. This would work. But unfortunately in bridge mode, only another bridge (or client in Ad-hoc mode) may connect. So, this solution, unfortunately, does not seem viable.

My XP box on the wireless client adapter sends PADR packets and they are received by the ISP, but simply ignored because the MAC address encoded by Windows XP's PPPoE driver mismatches the one that the actual packet is received from (The MAC of the AP. Or any other crap-ass non-promiscious-mode dumb bridge the packet travels through).

Now, Bingo. The solution would be to tell the PPPoE client to use the MAC address that the ISP will eventually get it from (the AP's.)

I doubt XP's PPPoE client will have such a feature, but I shall now set out to see what I can accomplish nevertheless.

Hmm. Now i've confused myself. I just thought that I am wrong, but I am not. Heres what happens. XP gets its offer. (maybe ignores it cuz of the cookie and source mac) whichever way, say it replied with a PADR. It encodes it's own mac address. Now the ap changes it. ISP gets it and sees the two mismatch (AP doesnt know how to fix/relay the pppoe packet correctly) PPPoe packet ignored by ISP. Me unhappy.

Yah, those Linksys Routers are certainly cool. Pity they're only 60mW. (18-19dBm)

Another sidenote. You may or may not have seen pppoe-relay and such utilities. Basically these monsters encapsulates pppoe packets so that the server and client do talk to each other. Totally ridiculously inefficient if you ask me.

But the solution on the linksys would be to run a pppoe relay server, should you want to offer your clients to do pppoe instead of your router (I wonder how much Mbit of traffic that ~150-200Mhz CPU can handle!) Well, then again, PPPoE is pretty damn straightforward....

Usually

Well, happy frying your braincells with weak microwaves...
Later


NO WAIT!! THIS IS ALL WRONG!!

****, how dumb can I be.
Lets analyse this whole thing:

Client mac (abbreviated from xx:xx:xx:xx:cc) to CC
AP mac AA
Router mac RR
ISP mac II

As you can see my networking knowledge is severely lacking/rusty.

If a lan device sees a packet with it's mac address on it, it processes it.
So in order to receive the packets from the router/isp, the AP sticks its
mac on those packets (Windows XP software bridging does the same). **Where is the original MAC address now?**

Anyway, when the AP sees this packet with its mac address on, which is meant for the client, it finds this mac either a) at another field in the packet or b)in a table from which it can somehow track this specific conversation

Now well this seems silly. Because I know it keeps a list of associated mac addresses, so I would presume that it's just gobbling up all packets with mac's that match either of these, and sending them to the appropriate clients.

So tell me, anyone who may know.

What the hell is going on here? Please only try if you are 100% sure. I've asked too many clueless wankers and just confused myself more in the process.

Buttom line is, my ISP responds with the PADO. And XP sends back PADR. But thats where it ends. Isp doesnt give a ****.

Heres a packet cap:

03:34:17.667867 PPPoE PADI [Service-Name "wblv-ip-esr-1"] [Host-Uniq 0x2C0000002C000000] [TAG-0xe319 00000 **snipped 4k of hex digits**]

3:34:17.690397 PPPoE PADO [Relay-Session-ID 0x00000000000C853F76AA] [Service-Name "wblv-ip-esr-1"] [Host-Uniq 0x2C0000002C000000] [AC-Name "wblv-ip-esr-1"] [AC-Cookie 0x2810B18C3A0CE0984789671600003100]


03:34:22.667196 PPPoE PADI [Service-Name "wblv-ip-esr-1"] [Host-Uniq 0x2C0000002C000000] [TAG-0xb080 "..............wblv-ip-esr-1....(...:...G.g...1...ether proto 0x8863 || ether pr"]

03:34:22.686970 PPPoE PADO [Relay-Session-ID 0x00000000000C853F76AA] [Service-Name "wblv-ip-esr-1"] [Host-Uniq 0x2C0000002C000000] [AC-Name "wblv-ip-esr-1"] [AC-Cookie 0x2810B18C3A0CE0984789671600003100]
03:34:27.667021 PPPoE PADI [Service-Name "wblv-ip-esr-1"] [Host-Uniq 0x2C0000002C000000] [TAG-0xe305 "<.....u.......wblv-ip-esr-1....(...:...G.g...1...ether proto 0x8863 || ether pr"]


03:34:27.686877 PPPoE PADO [Relay-Session-ID 0x00000000000C853F76AA] [Service-Name "wblv-ip-esr-1"] [Host-Uniq 0x2C0000002C000000] [AC-Name "wblv-ip-esr-1"] [AC-Cookie 0x2810B18C3A0CE0984789671600003100]


03:34:32.667402 PPPoE PADI [Service-Name "wblv-ip-esr-1"] [Host-Uniq 0x2C0000002C000000] [TAG-0xb80 ".....DU.......wblv-ip-esr-1....(...:...G.g...1...ether proto 0x8863 || ether pr"]
03:34:32.686168 PPPoE PADO [Relay-Session-ID 0x00000000000C853F76AA] [Service-Name "wblv-ip-esr-1"] [Host-Uniq 0x2C0000002C000000] [AC-Name "wblv-ip-esr-1"] [AC-Cookie 0x2810B18C3A0CE0984789671600003100]



*** BEEP ***
I AM TOTALLY WRONG AGAIN. XP Never replies with the PADR packet.
****, i'm sure I saw it. I must've been imagining things.

I apologise for the excruciating pain you must be experiencing for seeing by obvious stupidity. PLEASE SAVE ME FROM IT!!!!


I am using an ADSL router with conexant chipset (like all of them out there) in bridge mode, so I get the raw PPPoE packets on the linux box. Linux pppoe works like a dream. To the linux box, is connected a Senao SL2511 DX 802.11b AP. Very basic. Incredible range on it's little dipole antenna.
 
HAH! Heres the thing. I dont think my XP box sees the PADO packet. Theory: PADO is sent to the AP's mac. So it never reaches the client.

Let me trace....
 
tcpdump -i eth0 ether proto 0x8863 || ether proto 0x8864
on the client box yields:

** drumroll ***
 
Okay. I was a total idiot about the Mac address being changed. That just does not happen.

I've just got one question! WHY DOES WINDOWS NOT ANSWER WITH PADR?!?!!??!


No. Time Source Destination Protocol Info
3 10.001268 SenaoInt_35:29:b9 Broadcast PPPoED Active Discovery Initiation (PADI)

Frame 3 (49 bytes on wire, 49 bytes captured)
Ethernet II, Src: 00:02:6f:35:29:b9, Dst: ff:ff:ff:ff:ff:ff
Destination: ff:ff:ff:ff:ff:ff (Broadcast)
Source: 00:02:6f:35:29:b9 (SenaoInt_35:29:b9)
Type: PPPoE Discovery (0x8863)
PPP-over-Ethernet Discovery
Version: 1
Type: 1
Code: Active Discovery Initiation (PADI)
Session ID: 0000
Payload Length: 29
PPPoE Tags
Tag: Service-Name
String Data: wblv-ip-esr-1
Tag: Host-Uniq
Binary Data: (8 bytes)

No. Time Source Destination Protocol Info
4 10.025242 Cisco_3f:76:aa SenaoInt_35:29:b9 PPPoED Active Discovery Offer (PADO)

Frame 4 (86 bytes on wire, 86 bytes captured)
Ethernet II, Src: 00:0c:85:3f:76:aa, Dst: 00:02:6f:35:29:b9
Destination: 00:02:6f:35:29:b9 (SenaoInt_35:29:b9)
Source: 00:0c:85:3f:76:aa (Cisco_3f:76:aa)
Type: PPPoE Discovery (0x8863)
PPP-over-Ethernet Discovery
Version: 1
Type: 1
Code: Active Discovery Offer (PADO)
Session ID: 0000
Payload Length: 66
PPPoE Tags
Tag: Service-Name
String Data: wblv-ip-esr-1
Tag: Host-Uniq
Binary Data: (8 bytes)
Tag: AC-Name
String Data: wblv-ip-esr-1
Tag: AC-Cookie
Binary Data: (16 bytes)

No. Time Source Destination Protocol Info
5 18.296569 SenaoInt_35:29:b9 Broadcast PPPoED Active Discovery Initiation (PADI)

Frame 5 (49 bytes on wire, 49 bytes captured)
Ethernet II, Src: 00:02:6f:35:29:b9, Dst: ff:ff:ff:ff:ff:ff
Destination: ff:ff:ff:ff:ff:ff (Broadcast)
Source: 00:02:6f:35:29:b9 (SenaoInt_35:29:b9)
Type: PPPoE Discovery (0x8863)
PPP-over-Ethernet Discovery
Version: 1
Type: 1
Code: Active Discovery Initiation (PADI)
Session ID: 0000
Payload Length: 29
PPPoE Tags
Tag: Service-Name
String Data: wblv-ip-esr-1
Tag: Host-Uniq
Binary Data: (8 bytes)

No. Time Source Destination Protocol Info
6 19.199412 Cisco_3f:76:aa SenaoInt_35:29:b9 PPPoED Active Discovery Offer (PADO)

Frame 6 (86 bytes on wire, 86 bytes captured)
Ethernet II, Src: 00:0c:85:3f:76:aa, Dst: 00:02:6f:35:29:b9
Destination: 00:02:6f:35:29:b9 (SenaoInt_35:29:b9)
Source: 00:0c:85:3f:76:aa (Cisco_3f:76:aa)
Type: PPPoE Discovery (0x8863)
PPP-over-Ethernet Discovery
Version: 1
Type: 1
Code: Active Discovery Offer (PADO)
Session ID: 0000
Payload Length: 66
PPPoE Tags
Tag: Service-Name
String Data: wblv-ip-esr-1
Tag: Host-Uniq
Binary Data: (8 bytes)
Tag: AC-Name
String Data: wblv-ip-esr-1
Tag: AC-Cookie
Binary Data: (16 bytes)

No. Time Source Destination Protocol Info
7 23.297217 SenaoInt_35:29:b9 Broadcast PPPoED Active Discovery Initiation (PADI)

Frame 7 (49 bytes on wire, 49 bytes captured)
Ethernet II, Src: 00:02:6f:35:29:b9, Dst: ff:ff:ff:ff:ff:ff
Destination: ff:ff:ff:ff:ff:ff (Broadcast)
Source: 00:02:6f:35:29:b9 (SenaoInt_35:29:b9)
Type: PPPoE Discovery (0x8863)
PPP-over-Ethernet Discovery
Version: 1
Type: 1
Code: Active Discovery Initiation (PADI)
Session ID: 0000
Payload Length: 29
PPPoE Tags
Tag: Service-Name
String Data: wblv-ip-esr-1
Tag: Host-Uniq
Binary Data: (8 bytes)

No. Time Source Destination Protocol Info
8 23.508948 Cisco_3f:76:aa SenaoInt_35:29:b9 PPPoED Active Discovery Offer (PADO)

Frame 8 (86 bytes on wire, 86 bytes captured)
Ethernet II, Src: 00:0c:85:3f:76:aa, Dst: 00:02:6f:35:29:b9
Destination: 00:02:6f:35:29:b9 (SenaoInt_35:29:b9)
Source: 00:0c:85:3f:76:aa (Cisco_3f:76:aa)
Type: PPPoE Discovery (0x8863)
PPP-over-Ethernet Discovery
Version: 1
Type: 1
Code: Active Discovery Offer (PADO)
Session ID: 0000
Payload Length: 66
PPPoE Tags
Tag: Service-Name
String Data: wblv-ip-esr-1
Tag: Host-Uniq
Binary Data: (8 bytes)
Tag: AC-Name
String Data: wblv-ip-esr-1
Tag: AC-Cookie
Binary Data: (16 bytes)
 
daffy said:
What wireless router are you using?
I've had this issue with a number of Wireless APs/Routers before.
I have this issue also using Dlink, Linksys and 3Com boxes. I have also read that some Surecom, Lucent/Avaya (EC converter), Osbridge (old firmware) and Planet Wap 1950 (old one) works fine.

daffy said:
To the point that I actually took a Linksys WRT54G, loaded OpenWRT on it and made a nice set of scripts to actually initiate the PPPoE over Wireless from the WRT itself. Works great! :)
I am tying to set it up but I stucked... There is some PPPoE traffic on my radio interface. My box broadcasts Active Discovery Initiation - PADI using own MAC, there is Active Discovery Offer - PADO from PPP server (from it's IP to my MAC) and some Active Discovery Request (PADR) from my MAC to PPP server. Using Ethereal I can find four "Service-Name" fields in PADO and one "AC-Name" (I have no idea what it stans for, but from my Widnows pppoe driver I am using something like AC-Name\Service-Name). What is worring me there is an empty Service-Name field in PADR packet from my box. We can find some NVRAM ppp_service and pppoe_service setting, I have supplied it with some settings but I have no idea how to use it in pppoe script?

I am not linux expert and I am every advice and comment about pppoe over wifi would be very helpful for me.
 
Thats a nice lot of technical garble about why it wont work, but since when does a bridge rewrite the MAC address on a frame?

Can you also not PPPoE through a daisy-chained switch then? Infact, why can you then PPPoE through your ADSL router at all?

Oh... "Okay. I was a total idiot about the Mac address being changed. That just does not happen.". I see you already worked it out :P
 
Karnaugh said:
Can you also not PPPoE through a daisy-chained switch then? Infact, why can you then PPPoE through your ADSL router at all?
Coul You explain that question a little bit please? My english is not so good and I didn't get the idea?

What I didn't mention is output from OpenWRT logread command:
Jan 2 05:36:35 (none) kern.notice pppd[8478]: pppd 2.4.3 started by root, uid 0
Jan 2 05:36:35 (none) kern.info pppd[8478]: PPP session is 143
Jan 2 05:36:35 (none) user.info : PPP session is 143
Jan 2 05:36:35 (none) kern.err pppd[8478]: Failed to create PPPoE socket: Protocol not supported
Jan 2 05:36:35 (none) user.info : Failed to create PPPoE socket: Protocol not supported
Jan 2 05:36:35 (none) kern.info pppd[8478]: Exit.
Jan 2 05:36:36 (none) kern.info pppd[8498]: Plugin rp-pppoe.so loaded.
Jan 2 05:36:36 (none) user.info : Plugin rp-pppoe.so loaded.


"Protocol not supported" - that makes me nervous!
 
Try using the pppoecd package instead of pppd with the pppoe plugin.
 
daffy said:
Try using the pppoecd package instead of pppd with the pppoe plugin.
Before I have read your advice I have upgraded my OpenWRT to RC2 and I am a little bit closer to sucess! Using built in pppd it makes PPPoE call and brings up PPP0 interface with IP adress assigned by PPP server at ISP side.
After my first smile I have discovered my next PPPoE problem:

Remote message: Auth failed
PAP authentication failed
Couldn't increase MTU to 1500
Couldn't increase MRU to 1500
Connection terminated.


Using tcpdump I can find few PPP PAP Authentication-Requests one by oen, but then PPP PAP Authentication-NAK. Proper username and password is transmited in request packets and I have no idea what is going on?!

I have also installed some PPP DUMP ipkg, but I have to learn how to use it.
 
daffy said:
Try using the pppoecd package instead of pppd with the pppoe plugin.

I have just tried pppoecd but without success...
I am using "pppoecd eth1 -u username -p password -i 0 -I 30 -T 5 -N 3 -k" command - ppp0 don't com up. When ifup.pppoe is used, ppp0 interface coms up with proper IP supplied by ISP.

Tcpdump shows me the same sequence for pppoecd and for pppoe plugin. There is some proper pppoe session (PADI, PADO, PADR, PADS) and after that there is PPP LCP Configuration Request from ISP gateway (for few times one by one) but there is no answer (Configuration Ack) from my box. I suppose my router should reply to PPP magic numbers, but it do nothing! That means PPP PAP conversation don't even starts - LCP Configuration has to be sent before PAP. I am stucked again and I am going to lost intrest. I am closer than ever and so far away to success... From my Windows it works fine and that makes me creazy!!
 
Top
Sign up to the MyBroadband newsletter
X