:lastproofread: 2022-08-26 .. _pppoe-interface: ##### PPPoE ##### :abbr:`PPPoE (Point-to-Point Protocol over Ethernet)` is a network protocol for encapsulating PPP frames inside Ethernet frames. It appeared in 1999, in the context of the boom of DSL as the solution for tunneling packets over the DSL connection to the :abbr:`ISPs (Internet Service Providers)` IP network, and from there to the rest of the Internet. A 2005 networking book noted that "Most DSL providers use PPPoE, which provides authentication, encryption, and compression." Typical use of PPPoE involves leveraging the PPP facilities for authenticating the user with a username and password, predominately via the PAP protocol and less often via CHAP. *************** Operating Modes *************** VyOS supports setting up PPPoE in two different ways to a PPPoE internet connection. This is because most ISPs provide a modem that is also a wireless router. Home Users ========== In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default. For a simple home network using just the ISP's equipment, this is usually desirable. But if you want to run VyOS as your firewall and router, this will result in having a double NAT and firewall setup. This results in a few extra layers of complexity, particularly if you use some NAT or tunnel features. Business Users ============== In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way. Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands. ************* Configuration ************* Common interface configuration ============================== .. cmdinclude:: /_include/interface-description.txt :var0: pppoe :var1: pppoe0 .. cmdinclude:: /_include/interface-disable.txt :var0: pppoe :var1: pppoe0 .. cmdinclude:: /_include/interface-vrf.txt :var0: pppoe :var1: pppoe0 PPPoE options ============= .. cfgcmd:: set interfaces pppoe access-concentrator Use this command to restrict the PPPoE session on a given access concentrator. Normally, a host sends a PPPoE initiation packet to start the PPPoE discovery process, a number of access concentrators respond with offer packets and the host selects one of the responding access concentrators to serve this session. This command allows you to select a specific access concentrator when you know the access concentrators ``. .. cfgcmd:: set interfaces pppoe authentication user Use this command to set the username for authenticating with a remote PPPoE endpoint. Authentication is optional from the system's point of view but most service providers require it. .. cfgcmd:: set interfaces pppoe authentication password Use this command to set the password for authenticating with a remote PPPoE endpoint. Authentication is optional from the system's point of view but most service providers require it. .. cfgcmd:: set interfaces pppoe connect-on-demand When set the interface is enabled for "dial-on-demand". Use this command to instruct the system to establish a PPPoE connection automatically once traffic passes through the interface. A disabled on-demand connection is established at boot time and remains up. If the link fails for any reason, the link is brought back up immediately. Enabled on-demand PPPoE connections bring up the link only when traffic needs to pass this link. If the link fails for any reason, the link is brought back up automatically once traffic passes the interface again. If you configure an on-demand PPPoE connection, you must also configure the idle timeout period, after which an idle PPPoE link will be disconnected. A non-zero idle timeout will never disconnect the link after it first came up. .. cfgcmd:: set interfaces pppoe default-route [auto | force | none] Use this command to specify whether to automatically add a default route pointing to the endpoint of the PPPoE when the link comes up. The default route is only added if no other default route already exists in the system. **default:** A default route to the remote endpoint is automatically added when the link comes up (i.e. auto). * auto: A default route is added if no other default route (From any source) already exists. * force: A default route is added after removing *all* existing default routes. * none: No default route is installed. .. note:: In all modes except 'none', all default routes using this interface will be removed when the interface is torn down - even manually installed static interface-routes. .. cfgcmd:: set interfaces pppoe mru Set the :abbr:`MRU (Maximum Receive Unit)` to `mru`. PPPd will ask the peer to send packets of no more than `mru` bytes. The value of `mru` must be between 128 and 16384. A value of 296 works well on very slow links (40 bytes for TCP/IP header + 256 bytes of data). The default is 1492. .. note:: When using the IPv6 protocol, MRU must be at least 1280 bytes. .. cfgcmd:: set interfaces pppoe idle-timeout