Re: Internet access with Debian --long reply
> Hi guys,
>
> I have expected just a problem,
>
> I want to conect on the internet with my Debian.
>
> I have configured the file /etc/ppp.chatscript, so that i have
> writing my provider's phone number, my login and pass
> But when i lauch ppp i don't know what i shall do.
>
> Please help me so that i can reach the internet with Linux and not windows
> :)
> Pierre DUPUIS Cocon
> pdupuis@nordnet.fr cocon@mygale.org
>
This is a very long response.
I have spent hundreds of hours working out network problems
on my home ppp connection.
Such egregious costs in time most sane people would trade with money for a
Microsoft product, even though that choice would lack flexibility.
The Redhat distribution provides very nice network configuration.
I wish Debian had something like it, though Redhat took away some flexibility,
and stuffed some new network configuration files in non-standard places.
In Debian, you can use xisp for ppp connections, though xisp does not
currently fully install in the Debian hamm distribution.
While the use of /etc/ppp.chatscript can work, there is the Debian way
which gets at this file's contents through other files, in particular
/etc/chatscripts/provider.
First, you need to get around your computer a bit.
My comments may refect my installed ppp package, version 2.3.1-6.
1. dpkg -L ppp
shows the files in the ppp distribution.
These include some documentation files.
In particular, as is typical of Debian packages,
there is a file with "debian" that helps, so try
zless /usr/doc/ppp/README.debian.gz #VERY USEFUL
2. Don't bother with suggestions to first try another piece of software
besides ppp; eg, minicom or seyon.
Instead, when you try pon, or "pppd call provider"
["pppd call monumental" or "pppd call pressroom" for me],
watch the log files, which may duplicate the same information,
and which can be actively viewed with; eg, "tail -f /var/log/ppp.log",
/var/log/ppp.log
/var/log/messages
/var/log/syslog
In particular, for the chatscript, you need your ISP's
prompts for "Login:" and "Password:", which for me were
"UserID:" and "Password:". So, in /etc/chatscripts/provider,
I include the lines, with-or-without the first few characters,
ID: jamesonp
ssword: \qZZZZZZZZZZ
Notice the \q which puts ????? in the log files, rather than your
secret password.
This adds some security ---you'll be going out on the internet,
and the paranoid imagine others trying to come in from the internet.
3. IGNORE PPP-HOWTO.
This is one of the few HOWTOs you should ignore.
Reading this HOWTO can get you connected, largely with a one-liner
that in its succinctness instructs.
However, debian installs ppp with certain files intended.
You can run ppp the PPP-HOWTO way, but you will probably benefit by runnning
ppp by your distribution's way, the Debian way.
Still, by connecting the Debian way, then keeping in mind that Debian
does the same as the PPP-HOWTO with files rather than command line options,
or with different files,
you can get very good advice from PPP-HOWTO.
You can find it in /usr/doc/HOWTO/PPP-HOWTO.gz if you installed the package
debian/hamm/hamm/binary-i386/doc/doc-linux-text_97.12-1.deb
or you can get it from many Linux sites in the HOWTO directory.
4. Following README.debian.gz, I altered two files,
/etc/ppp/peers/provider
/etc/chatscripts/provider
[
I might use more than one ISP, so I also have in these directories almost
identical files with variations for my providers. For example, I have the
files
/etc/ppp/peers/monumental
/etc/chatscripts/monumental
/etc/ppp/peers/pressroom
/etc/chatscripts/pressroom
and I link provider to monumental.
]
5. Hints:
a. You probably do not want start ppp on bootup.
b. Repeated use of pon can start multiple pppd daemons,
but each poff turns off but one pppd daemon.
I found this after pondering why my modem connection was often on.
In the middle of the night, I had scripts run "mirror",
"fetchmail", etc over internet.
After two months, I discovered this oddity about pon and poff.
Pon and poff's author designed them to half-way handle multiple
simultaneous ppp connections.
Scarcely a person runs multiple simultaneous ppp connections,
and I altered his code to assure
that pon starts no second pppd daemon and poff stops all pppd daemons.
Essentially, my pon is
if [ -z `/sbin/pidof -s -x pppd` ]; then
exec /usr/sbin/pppd call provider
fi
And essentially my poff is
/usr/bin/killall -q -TERM pppd chat
sleep 1
/usr/bin/killall -q -QUIT pppd chat
If you start pon as root, you cannot stop pppd without
further altering poff; eg, with sudo.
c. You can get at the speed of your connection with
pppstats -w 1
which gives a running number of characters per second received.
I would like to hear of another approach to viewing ppp
connection speed.
d. You do not need to tell your computer your ISP's Domain Name Servers
(DNS) servers. There are default, probably far away, DNS servers.
However, for speed, you will want to specify your DNS server
in /etc/resolv.conf, though for most home users I see no need
for any lines other than two lines like
nameserver 199.0.216.222
nameserver 205.177.10.10
For speed, you should use DNS servers from your own ISP.
Still, the DNS servers with which I am familiar will serve anybody,
however remote.
A year from now when you look for something to do,
move your /etc/resolv.conf aside, then install bind_8.1.1-7.deb.
During "bind" installation, or afterwards by running "bindconfig",
I got good results with no need for any
further changes to the "bind" installation by answering
(use DNS servers from your own ISP, the ones you used as a
budding-internet user in /etc/resolv.conf, for speed and propriety)
Forwarder IP addresses? [] 199.164.210.12 206.55.3.11
Enable forward-only mode? [N] Y
Enable localhost entries? [Y]
You probably want to start bind's "named" in /etc/ppp/ip-up
with the command
/usr/sbin/ndc start
and you probably want to stop bind's "named" in /etc/ppp/ip-down
with the command
/usr/sbin/ndc stop
While you're at it, start and stop some more services
in /etc/ppp/ip-up; eg, the following two lines probably
get your computer's date to within 0.1 seconds
of the world's atomic clocks.
/usr/sbin/ntpdate -t 8 -b -s black-ice.cc.vt.edu ntp.css.gov louie.udel.edu
/usr/sbin/xntpd
and the following sends out any waiting mail
/usr/bin/runq
e. I found no need to include my IP number in /etc/hosts.
Both my ISP's take care of this, one gives me the same static IP
each time, the other assigns a dynamic (different) IP address
each time. I use the "defaultroute" option in
/etc/ppp/peers/provider
f. I finally found some uses for static IP addresses.
1. With static IP, with my home computer connected to internet,
I can log into my home computer from my office.
2. With static IP, while probably depending on my remaining connected
for 30 minutes sometime during the day, I can bypass my ISP popmail
service, running my own mail.
Then I am not limited to any number of mail users.
While my ISP alots me one email address, I can use all the addresses
jameson@jameshome.mnsinc.com
polly@jameshome.mnsinc.com
ethica@jameshome.mnsinc.com
and pay my ISP no more.
This probably puts a burden on the worlds' computers, which probably
try to deliver mail to the above addresses every 30 minutes until
my computer turns on at night-time and receives waiting mail.
3. Suppose I have my office run a cron job that every 10 minutes ]
tries to start an xterm on my home computer.
Then, when I turn my home computer,
I can connect to my office computer (perhaps with a 10 minute delay)
despite multiple internet firewall/filters protecting my office.
[Where there is a want, there is a way]
g. I find external modems with several LEDs very useful.
Those flashing lights give much information about a connection
gone bad, high/low speed connection, speed at which data arrives
if you look at how fast the "RD" LED flashes, a modem running
a connection (perhaps by a cron job or a failed poff) when
I expected no connection.
h. Initially, you will probably run pon as root.
To run pon on (pppd actually) as an ordinary user, you need to either
1. put users in /etc/group corresponding to
the /usr/sbin/pppd group "dip"; eg,
dip:*:30:jameson,polly,ethica
and make sure (debian did not do this as installed: a bug)
the parent directories and files are readable by this "dip" group.
In particular, you might try
chown root.dip /etc/chatscripts /etc/ppp
chmod 750 /etc/chatscripts /etc/ppp
but do an "ls -alR /etc/chatscripts /etc/ppp" to see the
default settings. For crucial files/directories, I have
drwx--x--- root dip 1024 Jan 7 23:25 /etc/ppp
-rwxr--r-- root root 891 Jan 7 22:59 /etc/ppp/ip-down
-rwxr--r-- root root 4610 Jan 6 22:16 /etc/ppp/ip-up
-rw-r--r-- root root 10033 Nov 5 19:25 /etc/ppp/options
drwxr-xr-x root root 1024 Jan 7 13:22 /etc/ppp/peers/
-rw-r----- root dip 2283 Jan 7 13:22 /etc/ppp/provider
drwxr-x--- root dip 1024 Jan 6 00:07 /etc/chatscripts
-rw-r----- root dip 202 Mar 1 1997 /etc/chatscripts/provider
or
2. give super user (sudo) permissions by editing /etc/sudoers
with visudo, putting in this file something like, eg,
User_Alias PRIVILEDGED_USERS=root,jameson,polly,ethica
Cmnd_Alias PPP=/usr/sbin/pppd,/bin/cat /etc/ppp/options, /bin/cat
/etc/ppp/provider
Cmnd_Alias KILL=/usr/bin/killall * pppd,/usr/bin/killall * pppd chat
PRIVILEDGED_USERS rabbit=NOPASSWD:PPP,NOPASSWD:KILL
then altering pon with something like
/usr/bin/sudo /usr/sbin/pppd `/usr/sbin/sudo \
/bin/cat /etc/ppp/peers/provider` `/usr/bin/sudo \
/bin/cat /etc/ppp/options`
and similarly also altering poff.
Even this falls short since /etc/ppp/peers/provider uses
the file /etc/chatscripts/provider which has no
read permissions by the ordinary user, so another
`/usr/sbin/sudo /bin/cat /etc/chatscripts/provider` must be
used in that file.
Obviously, while you could use sudo, it gets too involved
to seriously consider, so use the "/etc/groups" approach above.
The sudo approach works well for some simpler tasks like
shutdown or lpc, and here it would save using chown and chmod
when upgrading packages like ppp.
Hopefully, one day, ppp will install without needing to use
chown and chmod for some group like "dip".
i. Once connected, the tools ifconfig and route can be informative.
j. I once spent hundreds of hours resolving my home computer's network
problems, primarily originating through smail.
Smail has a couple hundred pages of documentation and the debian package
smail_3.2.0.100-1.deb gives no help file with the package.
I feel debian needs much more documentation for the ppp user.
Running ppp is more complicate than running full-time ethernet,
yet the ppp home user has much less experience than the ethernet user.
I also feel Debian needs to sanction more software, particularly
networking software, so that the beginning debian user does not wade
so much through less useful software.
Debian sanctions Smail and INN, though I don't believe the ppp user
should use INN.
The network tools I use are smail, exmh for a mail-user-agent
(which is X based and user friendly to use, but monstrous to configure
since it requires configuring the mh or nmh package it depends upon;
I suspect many use netscape's mail and
I would really like to see a Debian recommendation for a
mail-user-agent),
the X-based "knews" for the news-reader though "pine" is more transparent
and netscape works well.
My problems resided in /etc/hosts.
In this file, you can set and I did set my domain name and
static ip address, which was improper when I was unconnected.
I now have the sole /etc/hosts entry
127.0.0.1 rabbit localhost
and never change it.
I handle all my "From:" problems in mail and news by setting them
within my mail-user-agent or news-user-agent.
This way you can also use a "From:" address that corresponds
to an office address, not your ISP's address.
HERE IS MY /etc/ppp/peers/provider:
# The original file came with the following two lines.
# connect "/usr/sbin/chat -v -f /etc/chatscripts/provider"
# defaultroute /dev/modem 38400 persist
# The file /etc/ppp/options leaves the following uncommented,
# so I presume sets these before alterations in this
# /etc/ppp/peers/provider file.
# ayncmap 0
# auth #"options" documentation says do not disable since this is now a
standard, but I could not connect without "noauth".
# crtscts
# lock #ensures exclusive access to device
# modem #use modem control lines (default anyway?)
# proxyarp #This always produces in ppp.log "Cannot determine ethernet
address for proxy ARP".
# lcp-echo-interval 30 #I believe I see my modem flash every 30 seconds.
# lcp-echo-failure 4 #To terminate connection when physical connection
breaks. Use if no hardware modem control lines.
# noipx
# /dev/modem
/dev/ttyS0
115200
crtscts #use hardware flow control
# bsdcomp 15 #Use BSD-Compress scheme 15 in place of weak modem hardware
compression. In debug mode, I saw no response from my ISP. pppd tries bsdcomp
by default.
deflate 15 #Preferred to bsdcomp, though I haven't seen if it is used. For
40ms better response, now disable the modem's V.42 compression.
noauth #don't require the ISP to authenticate itself. "options" recommends
"auth". I needed "noauth" to connect.
defaultroute #use the ISP as rabbit's default route
persist
connect "/usr/sbin/chat -v -f /etc/chatscripts/provider"
#The following unecessary "noipdefault" asks the remote end (ISP)
# for the IP address, rather than looking it up in /etc/hosts.
# This is how dynamic IP addresses work and this works fine for
# my static IP address, which I no longer put in /etc/hosts anyway.
noipdefault
# holdoff 20 #I believe this is the default seconds for "persist" to retry.
holdoff 10
# debug #if ever want syslog to record messages daemon.debug or local2.debug
(if pppd so compiled).
HERE IS MY /etc/chatscripts/provider:
# This file is used by /etc/ppp/peers/provider,
# which calls "chat -f this-file-name".
# Comments begin with "#" IN THE FIRST COLUMN, otherwise they become text.
# I have seen a non-first column's "#" become text;
# eg, do not use "AT DT ... #Hayes...",which will respond "expect (#Hayes)".
# Here are some modem options from my modem-user's-manual.
# AT #Attention
# D #Data
# T #Tone rather than pulse
# &F #Factory defaults reset
# \V #Respond with computer to modem speed (I must enter as \\V) (factory
default)
# \V4 #Respond with modem-to-modem speed, error-correction, data-compression
information (I must enter as \\V4)
# M #Mute, speaker off
# M1 #Mute, speaker off when carrier is present (factory default)
# M3 #Mute, speaker off when dialing and carrier is present
# L1 #Speaker volume low
# L2 #Speaker volume medium (factory default)
# L3 #Speaker volume high
# Do not use these the following %L** codes; unless rather than connect at a
slow speed, you prefer to not connect.
# %L13 #21600 bps min; without using %L14, ppp.log indicated a 21600 rate
chosen.
# %L14 #24000 bps min; this worked with one monumental line, with ppp.log
showing 24000 and often higher; this also prevented a later connection.
# %L15 #26400 bps min
# %L16 #28800 bps min
# %L17 #31200 bps min
# %L18 #33600 bps min
# The string
# "OK" 'AT M DT 631-3601'
# expects "OK" from my ISP (or is it my modem) before continuing.
# Some ISP's give this "OK", but my ISP does not so I should use "".
ABORT BUSY
ABORT ERROR
ABORT "NO CARRIER"
ABORT "NO DIALTONE"
# ABORT "NO ANSWER" #Not from my modem, page 34.
# ABORT VOICE #Not from my modem, page 34.
ABORT VOICE
#
#
# The following TIMEOUT's can be placed anywhere for the ensuing part
# of the connection.
# The default TIMEOUT of 45 seconds will wait 45 seconds for the next response.
# If chat sees a timeout, you will get the response "alarm", then "Failed".
TIMEOUT 30
# -v #Would use verbose mode, though I already started chat
# with "chat -v ...".
# In the following, all you need is something like.
# "" 'AT DT 631-3601'
# Be sure to use a phone number for your own ISP.
# Also, be very wary of including too many digits, since a wrong
# number and curious cron jobs could result in a phone bill for hundreds
# of dollars.
# Luckily, I pay my phone company no extra for a typical 200 hours
# of internet connections per month and I pay my ISP but
# a flat $10 US per month.
# The "M" below mutes the phone connections.
"" 'AT &F \\V4 M DT 631-9539'
# November 29, 1997: This script worked well enough without
# the following CONNECT.
# Supposedly CONNECT waits for an answer (the answer "CONNECT"?).
# I won't use CONNECT, since I wait anyway for "ID:" the stream of characters
# from my ISP.
# CONNECT ''
# YOU DEFINITELY MUST CHANGE THE FOLLOWING LINE; FOR EXAMPLE, TO
# assword: Johann
ID: jamesonp
# In the following, \q stands for quiet, which puts ????? in the log files.
# Be sure to enter your ISP's password in place of ZZZZZZZZZZZ.
ssword: \qZZZZZZZZZZZ
# CONNECT #This prevented connection to my ISP, probably because my modem
responded "CONNECT 115200".
--
Jim Burt, NJ9L, Fairfax, Virginia, USA
jameson@mnsinc.com http://www.mnsinc.com/jameson
jameson@pressroom.com
"If merely 'feeling good' could decide, drunkenness would be the supremely
valid human experience." --William James, Varieties of Religious
Experience
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: