Solaris & PPP

This document describes how to get PPP (point-to-point protocol)
running between a PC running Windows and a Sun workstation running
Solaris 2.x (I use Solaris 2.4).

These instructions describe a basic "point-to-point" static IP setup.
More advanced configurations are available, but I've found this to be
adequate. I've only included the Sun workstation side in this document,
but I plan to add the PC side sometime this week or next.

dAVE bRillhart
UNIX Systems Group
(407) 729-5430
David.Brillhart@harris.com


                              Cookbook
                          ===============

Sun Workstation Side (22 steps)
---------------------------------
(Note: these instructions assume the modem is on serial port "a")

1.) Be sure the PPP and UUCP software (part of Solaris) is
    installed. Install if necessary using either pkgadd or swmtool.

       # pkginfo | egrep "PPP|UUCP"
       (should return: pppk, apppr, apppu, bnuu, and bnur)

2.) Make sure the EEPROM settings are correct. The ignore-cd parameter
    setting must be "true" for bi-directional modem connections
    (although it seems incorrect I verified it with Sun tech support).

       # eeprom | grep ttya
       # eeprom ttya-mode=38400,8,n,1,h
       # eeprom ttya-ignore-cd=true
       # eeprom ttya-rts-dtr-off=false

3.) Reboot the system to enact the EEPROM changes (if they changed).

4.) Remove the following entries to make room for the new values.
    This assumes the modem will be on port "a".

       # sacadm -r -p zsmon0 2> /dev/null
       # sttydefs -r conttyH8hi 2> /dev/null
       # pmadm -r -p zsmon -s ttya 2> /dev/null
       # pmadm -r -p zsmon0 -s ttya 2> /dev/null

5.) Hook up the modem (I use a Hayes Optima 28.8K). Use a 25-wire
    straight-through RS-232 cable. Don't attempt to use a cable with
    only a few wires... Turn on the modem. You should see the following
    LEDs lit: "TR", "MS" and "HS".

6.) Create a new port monitor. Verify it.

       # sacadm -a -p zsmon0 -t ttymon -c /usr/lib/saf/ttymon \
           -v `ttyadm -V` -y "Dial in/out on serial port a"
       # sacadm -l

7.) Create an 8-bit clean, HW flow control, 38400 locked, modem entry.
    Verify it.

       # echo "conttyH8hi:38400 -parenb cs8 ignpar opost onlcr:38400 hupcl \
           -clocal -parenb ignpar cs8 -istrip -ixon ixany \
           crtscts::conttyH8hi" >> /etc/ttydefs
       # sttydefs -l conttyH8hi

8.) Create a port listener. Verify it.

       # pmadm -a -p zsmon0 -s ttya -i root -f u -v `ttyadm -V` \
           -m "`ttyadm -b -S n -d /dev/term/a -l conttyH8hi -s /usr/bin/login \
           -m ldterm,ttcompat -T vt100 -i 'Terminal Disabled.' \
           -p 'modem login: '`" -y " Modem port ttya"
       # pmadm -l

9.) Add a line to /etc/remote to support "tip".

       # echo "cuaa:dv=/dev/cua/a:br#38400" >> /etc/remote

10.) Ensure the devices are setup properly. Verify them.

       # chown uucp /devices/obio/zs*:a*
       # chgrp sys /devices/obio/zs*:a*
       # chmod 666 /devices/obio/zs*:a*
       # ls -las /devices/obio/zs*:a*

11.) Remove any processes (and lock files) attached to term/a. These
     cause the dreaded "All ports busy" message.

       # ps -elf | grep "term/a" | awk '{ print $4 }' | xargs -i -t kill -9 {}
       # rm /var/spool/locks/LK*

12.) Talk to the modem and set it up (modify as necessary for your 
     particular modem). Note the two at&w steps which help if the
     at&c1 command kicks you out of tip. If it does, get back in and
     issue the remaining commands.

       # tip cuaa
       [connected]
       at&f           reset active to factory defaults for a clean slate

       ate1           echo characters in command state
       atq2           do not return result codes when answering
       atw1           return negotiation progress messages

       ats0=1         auto answer after 1 rings.
       ats37=15       set max modulation speed to 28.8K.
       ats11=60       speed up dialing by shortening inter-DTMF delays
       ats70=32       increase max # frame retransmissions (default is 10)

       at&k3          use hardware flow control instead of XON/XOFF
       at&q5          Error control mode
       at&d3          Monitor DTR signal, hangup & reset if on->off.
       at&s0          assert DSR always
       at&w           save these custom settings in the user profile

       at&c1          track presence of carrier detect signal.
       at&w           save these custom settings in the user profile

       ~.             exit out of tip

13.) Find TWO free IP addresses on the SAME (sub)net as the Sun
     workstation. One will be used for the serial port "network
     interface" and the other will be assigned to the remote PC.

     You can do this by asking your network folks, or by using
     ping (to detect non-registered devices) AND nslookup (to detect
     registered but unavailable devices). Here is a quick little
     sh script to find open slots on a "class C" or 8-bit subnetted
     Class B net. This works for Solaris. Modify the ping and
     nslookup statements as necessary for your OS.

       #!/bin/sh
       # Dave Brillhart - (c) 1995
       net=132.158.62
       ip=0
       while [ $ip -lt 256 ]
       do
         ping $net.$ip 2 > /dev/null
         if [ $? -eq 1 ]
         then
           nslookup $net.$ip | grep -i find
         fi
         ip=`expr $ip + 1`
       done

14.) Once you find two free IP addresses - come up with unique names
     and ask your DNS folks to register the addresses. Be sure to
     request both forward ("A" or name-to-IP) and reverse ("PTR" or
     IP-to-name) mappings. The reverse mappings are required to
     satisfy some services which employee domain filtering.

     For example, my addresses are:

       132.158.62.200 unix_ppp.mis.semi.harris.com
       132.158.62.205 pc_ppp.mis.semi.harris.com

15.) Now enter the two new addresses in your /etc/hosts file. Do this
     even if you use DNS - since PPP starts up prior to the name
     service.

       132.158.62.200 unix_ppp
       132.158.62.205 pc_ppp

16.) Create the "PPP" user account by editing the /etc/passwd and
     /etc/shadow files. Here are my entries. Change the password for
     the ppp_user account using the "passwd" command. 

       /etc/passwd
       ------------
       ppp_user:x:1115:10:PPP User:/:/usr/sbin/aspppls

       /etc/shadow
       ------------
       ppp_user:e465dfvf2sqwi:9119::::::

17.) Add the following to the bottom of the /etc/asppp.cf file. Modify
     the names of your two IP addresses.

       ifconfig ipdptp0 plumb unix_ppp pc_ppp up netmask +
       path
         ipcp_async_map 0
         inactivity_timeout 90000
         interface ipdptp0
         peer_system_name ppp_user


18.) Add a published "arp" entry for the new interface. First find the
     Physical address (ethernet address) of the network adapter attached
     to the ethernet (mine is le0). Substitute your ethernet address and
     the DNS name of your remote PC. 

       ifconfig -a | grep ether
       /usr/sbin/arp -s pc_ppp 8:0:20:11:e4:2d pub
       /usr/sbin/arp -a

19.) Create a file so that the arp entry is added at boot time. I called
     the file "/etc/rc3.d/S99arp_ppp". Owner: root. Perm: 755. It
     contains the following line.

       # echo "/usr/sbin/arp -s pc_ppp 8:0:20:11:e4:2d pub" > /etc/rc3.d/S99arp_ppp
       # chown root /etc/rc3.d/S99arp_ppp
       # chmod 755 /etc/rc3.d/S99arp_ppp

20.) Create (or append to) the file /etc/gateways and add the following
     line. Kill and restart in.routed.

       norip ipdptp0

21.) Create a defaultrouter entry in the file /etc/defaultreouter. This
     will eliminate the possibility of RIP packets and IP forwarding
     down the PPP pipe. This also disables Solaris' dynamic routing.
     Determine which router to put in by running "netstat -r" and
     using the most common "gateway" entry. The file should contain
     a single line such as the following (use the IP address for your
     router). I had to reboot for this to take effect. HUPing
     in.routed did not do the trick.

       132.158.62.254

21.) Manually start the PPP process. This is not normally needed since
     it will start at boot time.

       /etc/init.d/asppp start   (replace start with stop to stop it)

22.) Verify things are working:

       a.) ps -e | grep asppp
       b.) tail /var/adm/log/asppp.log
       c.) arp -a  (verify arp entry)
       d.) ifconfig -a  (verify ipdptp0 entry)
       e.) netstat -rn | egrep "default|ipdptp0"
              verify only one default pointed to router and
              that there is an ipdptp0 entry. 

       132.158.62.205  132.158.62.200     UH     2     76  ipdptp0
       default         132.158.62.254     UG     0   1796  

At this point, you can fire up your PC software. I use both Trumpet
Winsock and Netmanage's Chameleon_Sampler. They both work great. I've
been on for days, using Netscape, telnet, finger, FTP, and other
clients simultaneously. I've even got NCD's PC-Xware to work as an
X-server over the PPP link, but that only works with  Chameleon.

Good Luck... Let me know if you have any other questions.




From harish@holmes.ece.orst.edu Mon May 29 14:08:37 EDT 1995
Article: 44669 of comp.unix.solaris
Path: babbage.ece.uc.edu!news.cs.indiana.edu!rutgers!engr.orst.edu!holmes.ece.orst.edu!harish
From: harish@holmes.ece.orst.edu (Harish Pillay)
Newsgroups: comp.unix.solaris,comp.sys.sun.managers
Subject: Mini How-to: Sol 2.4 With Asynch PPP and Leased Lines
Date: 29 May 1995 04:37:17 GMT
Organization: Electrical and Computer Engineering Department, Oregon State University
Lines: 205
Distribution: world
Message-ID: <3qbj1t$cf@engr.orst.edu>
NNTP-Posting-Host: holmes.ece.orst.edu
X-Newsreader: TIN [version 1.2 PL2]

Here is a simple How-to to connect a Sun Solaris 2.4 Asynchronous 
PPP (bundled into the OS) with a leased line connection.

These are the files you need to edit:

	a) /etc/uucp/Devices
	b) /etc/uucp/Systems
	c) /etc/asppp.cf
	d) /etc/hosts
	e) /etc/init.d/asppp
	f) /etc/defaultrouter

Also, if you can, get hold of the following from SunSoft:

	TCP/IP Network Administration Guide (250 pages)
	Part No: 801-6632-10 

	SunSoft,
	2550 Garcia Avenue,
	Mountain View,
	CA 94043, USA.
	+1-415-960-1300, fax: +1-415-969-9131

My setup:
                               _____
  ===internal LAN===||===|     | M | 9600 leased line
                    ||         |___|================(remote-end)==>Internet
                    ||le0        || ipdptp0
                   -||-----------||----
                   | Sun IPC          |
                   | with Solaris 2.4 |
                   --------------------
The IP numbers (fictitious here, use real ones for your config) are as 
follows:

	le0: 1.2.3.4
	ipdptp0: 5.6.7.2
	remote-end: 5.6.7.1

Modem (M above) is a Racal 14.4 modem but strapped to run at 9600.

Here is the contents of the 6 files mentioned above:

a) /etc/uucp/Devices
#-----------------------------------------------------------
remote-end	term/b,M	-	Any	direct
ACU		term/b,M	-	Any	direct	 
#-----------------------------------------------------------

	Note: the 2nd serial port is being used here.  If you are using the
	first serial port, change "term/b" to "term/a" above.

b) /etc/uucp/Systems
#-----------------------------------------------------------
remote-end	Any	ACU	9600	remote-end	""	
#-----------------------------------------------------------

	Note: There is no send-expect string at the end.  It is always up
	and no login is needed.

c) /etc/asppp.cf
#-----------------------------------------------------------
#
ifconfig ipdptp0 plumb 5.6.7.2 5.6.7.1 netmask 255.255.255.252 up
#
path
        inactivity_timeout 0 	   # Don't timeout at all
	interface ipdptp0
	peer_system_name remote-end    # The name we log in with 
				       # (also in /etc/uucp/Systems)
	peer_ip_address remote-end
	debug_level 3	   # upto 9.  Output in /var/adm/log/asppp.log 
	default_route
	ipcp_async_map	0x000a0000
#	ipcp_async_map	0xFFFFFFFF # asynch map default if not specified
#	ipcp_compress vj   # specifies VJ compression on (default)
#	ipcp_compress off
#	lcp_compression on  # specifies whether PPP address, control and 
#	lcp_compression off # protocol field compression is enabled. def=on
	lcp_mru	1500	    # max receive unit packet size, in octets
			    # 1500 being the default
#-----------------------------------------------------------

	Note:  Change the netmask number above to whatever your internet
	access provider suggests.

d) /etc/hosts
#-----------------------------------------------------------
# Internet host table
#
127.0.0.1	localhost 
1.2.3.4		gateway gateway.mydomain.com mailhost mydomain.com
5.6.7.2		gateway.mydomain.com gateway loghost
5.6.7.1		remote-end remote-end.internetaccessprovider.net
#-----------------------------------------------------------

e) /etc/init.d/asppp  (Should have been provided by Sun)
#-----------------------------------------------------------
#!/bin/sh
#
#ident	"@(#)asppp	1.14	94/02/01 SMI"
#
# Copyright (c) 1993 by Sun Microsystems, Inc.
#
# Asynchronous PPP start/stop script
#

PATH=/sbin:/usr/bin:/usr/sbin
export PATH
REQ_FILES="/usr/sbin/aspppd \
	   /usr/sbin/aspppls"

mode=$1

set `id`
if [ $1 != "uid=0(root)" ]; then
	echo "$0: this script must be run as root ... fatal error"
	exit 1
fi

for FILE in $REQ_FILES; do
	if [ ! -f $FILE ]; then
		echo "$0: Asynchronous PPP has been installed but"
		echo "not configured correctly"
		echo "$0: $FILE not found"
		echo "$0: please refer to the PPP documentation"
		exit 1
	fi
done

case "$mode" in
'start')
	# Start aspppd
	
	if test -f /etc/asppp.cf
	then
		#  execute the ifconfig lines.
        	nawk '/^[ \t]*ifconfig/ { system($0) }' < /etc/asppp.cf

		/usr/sbin/aspppd -d 3
		if [ $? -ne 0 ]; then
			echo "aspppd not started, see /var/adm/log/asppp.log"
		fi
	fi
       	;; 
           
'stop')
       	# Stop aspppd
	id=`ps -e | grep aspppd | awk '{print $1}'`
	if test -n "$id"
	then
		kill $id
	fi

	if test -f /etc/asppp.cf
	then
		# use ifconfig to make the interfaces down just in case
        	nawk '/^[ \t]*ifconfig/ { system("ifconfig " $2 " down") 
				}' < /etc/asppp.cf
	fi
       	;; 


*)	# usage
	echo "usage: $0 start|stop"
	exit 1
	;;

esac  
#-----------------------------------------------------------

f) /etc/defaultrouter
#-----------------------------------------------------------
5.6.7.1
#-----------------------------------------------------------

Observations on the operation of the connection:

First, all the logging of the PPP activity is in /var/adm/log/asppp.log.  It
is a very useful log file and the amount of info logged is controlled by the 
debug_level parameter in /etc/asppp.cf file.  The most amount of info (down 
to the packet itself) is level 9.

I experienced some problems with the link.  It turned out to be a problem
with the leased line itself.  This problem manifests in the following manner:
	a) The line drops and the asynchronous PPP link terminates.
	b) The log file says that "Error 62" occurred and that the "timer
	expired".  There is no clue anywhere as to why the "timer expired"
	and no idea what "Error 62" is.

The problem was solved when it was determined that the transmit and receive
levels of the leased lines were too low.  By upping the signal level (in
my case to about 300mV AC), the link was stablized.  The problems occurred
when the signal level was half of what it was to have been.

The aspppd is started when the system is booted up, and since my setup says
that the timeout is 0 seconds, it will stay up all the time.

I hope someone will find this information useful.

Enjoy.
--
Harish Pillay						h.pillay@ieee.org
Singapore			
This document will be available at the web site above.