Diffstat (limited to 'share/doc/handbook/slips.sgml')
-rw-r--r-- | share/doc/handbook/slips.sgml | 509 |
1 files changed, 0 insertions, 509 deletions
diff --git a/share/doc/handbook/slips.sgml b/share/doc/handbook/slips.sgml deleted file mode 100644 index b93be74..0000000 --- a/share/doc/handbook/slips.sgml +++ /dev/null 
@@ -1,509 +0,0 @@ -<!-- $Id$ - This is an SGML version in the linuxdoc DTD of the SLIP Server - FAQ by Guy Helmer. - - This guide provides instruction in configuring and preparing - a FreeBSD system to be a dialup SLIP server. - -<title> -Setting up FreeBSD as a SLIP Server -<author>Guy Helmer, <tt/ghelmer@alpha.dsu.edu/ -<date>v1.0, 15 May 1995 - ---> - -<sect><heading>Setting up a SLIP server<label id="slips"></heading> -<p><em>Contributed by &a.ghelmer;.<newline> -v1.0, 15 May 1995.</em> - -This document provides suggestions for setting up SLIP Server services -on a FreeBSD system, which typically means configuring your system to -automatically startup connections upon login for remote SLIP clients. -The author has written this document based on his experience; -however, as your system and needs may be different, this document may -not answer all of your questions, and the author cannot be responsible -if you damage your system or lose data due to attempting to follow the -suggestions here. - -This guide was originally written for SLIP Server services on a -FreeBSD 1.x system. It has been modified to reflect changes in the -pathnames and the removal of the SLIP interface compression flags in -early versions of FreeBSD 2.X, which appear to be the only major -changes between FreeBSD versions. If you do encounter mistakes in -this document, please email the author with enough information to -help correct the problem. - -<sect1><heading>Prerequisites<label id="slips:prereqs"></> - -<p> -This document is very technical in nature, so background knowledge is -required. It is assumed that you are familiar with the TCP/IP network -protocol, and in particular, network and node addressing, network -address masks, subnetting, routing, and routing protocols, such as -RIP. 
Configuring SLIP services on a dial-up server requires a -knowledge of these concepts, and if you are not familiar with them, -please read a copy of either Craig Hunt's <em>TCP/IP Network -Administration</em> published by O'Reilly & Associates, Inc. (ISBN -Number 0-937175-82-X), or Douglas Comer's books on the TCP/IP -protocol. - -It is further assumed that you have already setup your modem(s) and -configured the appropriate system files to allow logins through your -modems. If you have not prepared your system for this yet, please see -the tutorial for configuring dialup services; if you have a World-Wide -Web browser available, browse the list of tutorials at -<tt>http://www.freebsd.org/</tt>; otherwise, check the place -where you found this document for a document named <tt/dialup.txt/ or -something similar. You may also want to check the manual pages for -<tt/sio(4)/ for information on the serial port device driver and -<tt/ttys(5)/, <tt/gettytab(5)/, <tt/getty(8)/, & <tt/init(8)/ for -information relevant to configuring the system to accept logins on -modems, and perhaps <tt/stty(1)/ for information on setting serial -port parameters [such as <tt/clocal/ for directly-connected -serial interfaces]. - -<sect1><heading>Quick Overview</heading> -<p> - -In its typical configuration, using FreeBSD as a SLIP server works as -follows: a SLIP user dials up your FreeBSD SLIP Server system and logs -in with a special SLIP login ID that uses <tt>/usr/sbin/sliplogin</tt> -as the special user's shell. The <tt/sliplogin/ program browses the -file <tt>/etc/sliphome/slip.hosts</tt> to find a matching line for -the special user, and if it finds a match, connects the serial line to -an available SLIP interface and then runs the shell script -<tt>/etc/sliphome/slip.login</tt> to configure the SLIP interface. 
- -<sect2><heading>An Example of a SLIP Server Login</heading> -<p> - -For example, if a SLIP user ID were <tt>Shelmerg</tt>, <tt/Shelmerg/'s -entry in <tt>/etc/master.passwd</tt> would look something like this -(except it would be all on one line): - -<tscreen><verb> -Shelmerg:password:1964:89::0:0:Guy Helmer - SLIP: - /usr/users/Shelmerg:/usr/sbin/sliplogin -</verb></tscreen> - -and, when <tt/Shelmerg/ logs in, <tt>sliplogin</tt> will search -<tt>/etc/sliphome/slip.hosts</tt> for a line that had a matching user -ID; for example, there may be a line in -<tt>/etc/sliphome/slip.hosts</tt> that reads: - -<tscreen><verb> -Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp -</verb></tscreen> - -<tt/sliplogin/ will find that matching line, hook the serial line into -the next available SLIP interface, and then execute -<tt>/etc/sliphome/slip.login</tt> like this: - -<tscreen><verb> -/etc/sliphome/slip.login 0 19200 Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp -</verb></tscreen> - -If all goes well, <tt>/etc/sliphome/slip.login</tt> will issue an -<tt>ifconfig</tt> for the SLIP interface to which <tt/sliplogin/ -attached itself (slip interface 0, in the above example, which was the -first parameter in the list given to <tt>slip.login</tt>) to set the -local IP address (<tt>dc-slip</tt>), remote IP address -(<tt>sl-helmer</tt>), network mask for the SLIP interface -(<tt>0xfffffc00</tt>), and any additional flags (<tt>autocomp</tt>). -If something goes wrong, <tt/sliplogin/ usually logs good -informational messages via the daemon syslog facility, which usually -goes into <tt>/var/log/messages</tt> (see the manual pages for -<tt>syslogd(8)</tt> and <tt>syslog.conf(5)</tt>, and perhaps check -<tt>/etc/syslog.conf</tt> to see to which files <tt>syslogd</tt> is -logging). - -OK, enough of the examples -- let us dive into setting up the system. 
- -<sect1><heading>Kernel Configuration</heading> -<p> -FreeBSD's default kernels usually come with two SLIP interfaces -defined (<tt>sl0</tt> and <tt>sl1</tt>); you can use <tt>netstat --i</tt> to see whether these interfaces are defined in your kernel. - -Sample output from <tt>netstat -i</tt>: - -<tscreen><verb> -Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll -ed0 1500 <Link>0.0.c0.2c.5f.4a 291311 0 174209 0 133 -ed0 1500 138.247.224 ivory 291311 0 174209 0 133 -lo0 65535 <Link> 79 0 79 0 0 -lo0 65535 loop localhost 79 0 79 0 0 -sl0* 296 <Link> 0 0 0 0 0 -sl1* 296 <Link> 0 0 0 0 0 -</verb></tscreen> - -The <tt>sl0</tt> and <tt>sl1</tt> interfaces shown in <tt>netstat --i</tt>'s output indicate that there are two SLIP interfaces built -into the kernel. (The asterisks after the <tt>sl0</tt> and -<tt>sl1</tt> indicate that the interfaces are ``down''.) - -However, FreeBSD's default kernels do not come configured to forward -packets (ie, your FreeBSD machine will not act as a router) due to -Internet RFC requirements for Internet hosts (see RFC's 1009 -[Requirements for Internet Gateways], 1122 -[Requirements for Internet Hosts -- Communication Layers], -and perhaps 1127 [A Perspective on the Host Requirements -RFCs]), so if you want your FreeBSD SLIP Server to act as a -router, you will have to edit the <tt>/etc/sysconfig</tt> file and change -the setting of the <bf>gateway</bf> variable to <tt>YES</tt>. If you -have an older system which does not have the <tt>/etc/sysconfig</tt> -file, then add the following command: -<verb> -sysctl -w net.inet.ip.forwarding = 1 -</verb> -to your <tt>/etc/rc.local</tt> file. - -<p>You will then need to reboot for the new settings to take effect. 
- -<p>You will notice that near the end of the default kernel configuration -file (<tt>/sys/i386/conf/GENERIC</tt>) is a line that reads: - -<tscreen><verb> -pseudo-device sl 2 -</verb></tscreen> - -which is the line that defines the number of SLIP devices available in -the kernel; the number at the end of the line is the maximum number of -SLIP connections that may be operating simultaneously. - -Please refer to <ref id="kernelconfig" name="Configuring the FreeBSD Kernel"> -for help in reconfiguring your kernel. - -<sect1><heading>Sliplogin Configuration</heading> - -<p> - -As mentioned earlier, there are three files in the -<tt>/etc/sliphome</tt> directory that are part of the configuration -for <tt>/usr/sbin/sliplogin</tt> (see <tt>sliplogin(8)</tt> for the -actual manual page for <tt>sliplogin</tt>): <tt>slip.hosts</tt>, which -defines the SLIP users & their associated IP addresses; -<tt>slip.login</tt>, which usually just configures the SLIP interface; -and (optionally) <tt>slip.logout</tt>, which undoes -<tt>slip.login</tt>'s effects when the serial connection is -terminated. - -<sect2><heading>slip.hosts Configuration</heading> - -<p> - -<tt>/etc/sliphome/slip.hosts</tt> contains lines which have at least -four items, separated by whitespace: - -<itemize> -<item> SLIP user's login ID -<item> Local address (local to the SLIP server) of the SLIP link -<item> Remote address of the SLIP link -<item> Network mask -</itemize> - -The local and remote addresses may be host names (resolved to IP -addresses by <tt>/etc/hosts</tt> or by the domain name service, -depending on your specifications in <tt>/etc/host.conf</tt>), and I -believe the network mask may be a name that can be resolved by a -lookup into <tt>/etc/networks</tt>. 
On a sample system, -<tt>/etc/sliphome/slip.hosts</tt> looks like this: - -<tscreen><verb> ------ begin /etc/sliphome/slip.hosts ----- -# -# login local-addr remote-addr mask opt1 opt2 -# (normal,compress,noicmp) -# -Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp ------ end /etc/sliphome/slip.hosts ------ -</verb></tscreen> - -At the end of the line is one or more of the options. - -<itemize> -<item> <tt>normal</tt> - no header compression -<item> <tt>compress</tt> - compress headers -<item> <tt>autocomp</tt> - compress headers if the remote end allows it -<item> <tt>noicmp</tt> - disable ICMP packets (so any ``ping'' packets will be - dropped instead of using up your bandwidth) -</itemize> - -Note that <tt/sliplogin/ under early releases of FreeBSD 2 ignored -the options that FreeBSD 1.x recognized, so the options -<tt/normal/, <tt/compress/, <tt/autocomp/, and <tt/noicmp/ had no effect -until support was added in FreeBSD 2.2 (unless your <tt/slip.login/ script -included code to make use of the flags). - -Your choice of local and remote addresses for your SLIP links depends -on whether you are going to dedicate a TCP/IP subnet or if you are -going to use ``proxy ARP'' on your SLIP server (it is not ``true'' -proxy ARP, but that is the terminology used in this document to -describe it). If you are not sure which method to select or how to -assign IP addresses, please refer to the TCP/IP books referenced in -the <ref id="slips:prereqs"> section and/or consult your IP network manager. - -If you are going to use a separate subnet for your SLIP clients, you -will need to allocate the subnet number out of your assigned IP -network number and assign each of your SLIP client's IP numbers out of -that subnet. 
Then, you will probably either need to configure a -static route to the SLIP subnet via your SLIP server on your nearest -IP router, or install <tt>gated</tt> on your FreeBSD SLIP server and -configure it to talk the appropriate routing protocols to your other -routers to inform them about your SLIP server's route to the SLIP -subnet. - -Otherwise, if you will use the ``proxy ARP'' method, you will need to -assign your SLIP client's IP addresses out of your SLIP server's -Ethernet subnet, and you will also need to adjust your -<tt>/etc/sliphome/slip.login</tt> and -<tt>/etc/sliphome/slip.logout</tt> scripts to use <tt>arp(8)</tt> to -manage the proxy-ARP entries in the SLIP server's ARP table. - -<sect2><heading>slip.login Configuration</heading> - -<p> -The typical <tt>/etc/sliphome/slip.login</tt> file looks like this: - -<tscreen><verb> ------ begin /etc/sliphome/slip.login ----- -#!/bin/sh - -# -# @(#)slip.login 5.1 (Berkeley) 7/1/90 - -# -# generic login file for a slip line. sliplogin invokes this with -# the parameters: -# 1 2 3 4 5 6 7-n -# slipunit ttyspeed loginname local-addr remote-addr mask opt-args -# -/sbin/ifconfig sl$1 inet $4 $5 netmask $6 ------ end /etc/sliphome/slip.login ----- -</verb></tscreen> - -This <tt>slip.login</tt> file merely ifconfig's the appropriate SLIP -interface with the local and remote addresses and network mask of the -SLIP interface. - -If you have decided to use the ``proxy ARP'' method (instead of using -a separate subnet for your SLIP clients), your -<tt>/etc/sliphome/slip.login</tt> file will need to look something -like this: - -<tscreen><verb> ------ begin /etc/sliphome/slip.login for "proxy ARP" ----- -#!/bin/sh - -# -# @(#)slip.login 5.1 (Berkeley) 7/1/90 - -# -# generic login file for a slip line. 
sliplogin invokes this with -# the parameters: -# 1 2 3 4 5 6 7-n -# slipunit ttyspeed loginname local-addr remote-addr mask opt-args -# -/sbin/ifconfig sl$1 inet $4 $5 netmask $6 -# Answer ARP requests for the SLIP client with our Ethernet addr -/usr/sbin/arp -s $5 00:11:22:33:44:55 pub ------ end /etc/sliphome/slip.login for "proxy ARP" ----- -</verb></tscreen> - -The additional line in this <tt>slip.login</tt>, <tt>arp -s $5 -00:11:22:33:44:55 pub</tt>, creates an ARP entry in the SLIP server's -ARP table. This ARP entry causes the SLIP server to respond with the -SLIP server's Ethernet MAC address whenever a another IP node on the -Ethernet asks to speak to the SLIP client's IP address. - -When using the example above, be sure to replace the Ethernet MAC -address (<tt>00:11:22:33:44:55</tt>) with the MAC address of your -system's Ethernet card, or your ``proxy ARP'' will definitely not work! -You can discover your SLIP server's Ethernet MAC address by looking at -the results of running <tt>netstat -i</tt>; the second line of the output -should look something like: - -<tscreen><verb> -ed0 1500 <Link>0.2.c1.28.5f.4a 191923 0 129457 0 116 - ^^^^^^^^^^^^^^^ -</verb></tscreen> - -which indicates that this particular system's Ethernet MAC address is -<tt>00:02:c1:28:5f:4a</tt> -- the periods in the Ethernet MAC address -given by <tt>netstat -i</tt> must be changed to colons and leading zeros -should be added to each single-digit hexadecimal number to convert the -address into the form that <tt>arp(8)</tt> desires; see the manual page on -<tt>arp(8)</tt> for complete information on usage. - -Note that when you create <tt>/etc/sliphome/slip.login</tt> and -<tt>/etc/sliphome/slip.logout</tt>, the ``execute'' bit (ie, -<tt>chmod 755 /etc/sliphome/slip.login -/etc/sliphome/slip.logout</tt>) must be set, or <tt>sliplogin</tt> -will be unable to execute it. 
- -<sect2><heading>slip.logout Configuration</heading> - -<p> - -<tt>/etc/sliphome/slip.logout</tt> is not strictly needed (unless you -are implementing ``proxy ARP''), but if you decide to create it, this -is an example of a basic <tt>slip.logout</tt> script: - -<tscreen><verb> ------ begin /etc/sliphome/slip.logout ----- -#!/bin/sh - -# -# slip.logout - -# -# logout file for a slip line. sliplogin invokes this with -# the parameters: -# 1 2 3 4 5 6 7-n -# slipunit ttyspeed loginname local-addr remote-addr mask opt-args -# -/sbin/ifconfig sl$1 down ------ end /etc/sliphome/slip.logout ----- -</verb></tscreen> - -If you are using ``proxy ARP'', you will want to have -<tt>/etc/sliphome/slip.logout</tt> remove the ARP entry for the SLIP -client: - -<tscreen><verb> ------ begin /etc/sliphome/slip.logout for "proxy ARP" ----- -#!/bin/sh - -# -# @(#)slip.logout - -# -# logout file for a slip line. sliplogin invokes this with -# the parameters: -# 1 2 3 4 5 6 7-n -# slipunit ttyspeed loginname local-addr remote-addr mask opt-args -# -/sbin/ifconfig sl$1 down -# Quit answering ARP requests for the SLIP client -/usr/sbin/arp -d $5 ------ end /etc/sliphome/slip.logout for "proxy ARP" ----- -</verb></tscreen> - -The <tt>arp -d $5</tt> removes the ARP entry that the ``proxy ARP'' -<tt>slip.login</tt> added when the SLIP client logged in. - -It bears repeating: make sure <tt>/etc/sliphome/slip.logout</tt> has -the execute bit set for after you create it (ie, <tt>chmod 755 -/etc/sliphome/slip.logout</tt>). 
- -<sect1><heading>Routing Considerations</heading> - -<p> -If you are not using the ``proxy ARP'' method for routing packets -between your SLIP clients and the rest of your network (and perhaps -the Internet), you will probably either have to add static routes to -your closest default router(s) to route your SLIP client subnet via -your SLIP server, or you will probably need to install and configure -<tt>gated</tt> on your FreeBSD SLIP server so that it will tell your -routers via appropriate routing protocols about your SLIP subnet. - -<sect2><heading>Static Routes</heading> - -<p> -Adding static routes to your nearest default routers can be -troublesome (or impossible, if you do not have authority to do so...). -If you have a multiple-router network in your organization, some -routers, such as Cisco and Proteon, may not only need to be configured -with the static route to the SLIP subnet, but also need to be told -which static routes to tell other routers about, so some expertise and -troubleshooting/tweaking may be necessary to get static-route-based -routing to work. - -<sect2><heading>Running gated</heading> - -<p> -An alternative to the headaches of static routes is to install -<tt>gated</tt> on your FreeBSD SLIP server and configure it to use the -appropriate routing protocols (RIP/OSPF/BGP/EGP) to tell other routers -about your SLIP subnet. <tt/gated/ is available via anonymous ftp -from <tt>ftp.gated.cornell.edu</tt> in the directory -<tt>/pub/gated</tt>; I believe the current version as of this writing -is <tt>gated-R3_5Alpha_8.tar.Z</tt>, which includes support for -FreeBSD ``out-of-the-box''. Complete information and documentation on -<tt>gated</tt> is available on the Web starting at -<tt>http://www.gated.cornell.edu/</tt>. 
Compile and install it, and -then write a <tt>/etc/gated.conf</tt> file to configure your gated; -here is a sample, similar to what the author used on a FreeBSD SLIP -server: - -<tscreen><verb> ------ begin sample /etc/gated.conf for gated version 3.5Alpha5 ----- -# -# gated configuration file for dc.dsu.edu; for gated version 3.5alpha5 -# Only broadcast RIP information for xxx.xxx.yy out the ed Ethernet interface -# -# -# tracing options -# -traceoptions "/var/tmp/gated.output" replace size 100k files 2 general ; - -rip yes { - interface sl noripout noripin ; - interface ed ripin ripout version 1 ; - traceoptions route ; -} ; - -# -# Turn on a bunch of tracing info for the interface to the kernel: -kernel { - traceoptions remnants request routes info interface ; -} ; - -# -# Propagate the route to xxx.xxx.yy out the Ethernet interface via RIP -# - -export proto rip interface ed { - proto direct { - xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections - } ; -} ; - -# -# Accept routes from RIP via ed Ethernet interfaces - -import proto rip interface ed { - all ; -} ; - ------ end sample /etc/gated.conf ----- -</verb></tscreen> - -The above sample <tt>gated.conf</tt> file broadcasts routing -information regarding the SLIP subnet <tt>xxx.xxx.yy</tt> via RIP onto -the Ethernet; if you are using a different Ethernet driver than the -<tt/ed/ driver, you will need to change the references to the <tt/ed/ -interface appropriately. This sample file also sets up tracing to -<tt>/var/tmp/gated.output</tt> for debugging <tt>gated</tt>'s -activity; you can certainly turn off the tracing options if -<tt>gated</tt> works OK for you. You will need to change the -<tt>xxx.xxx.yy</tt>'s into the network address of your own SLIP subnet -(be sure to change the net mask in the <tt>proto direct</tt> clause as -well). 
- -When you get <tt>gated</tt> built and installed and create a -configuration file for it, you will need to run <tt>gated</tt> in place -of <tt>routed</tt> on your FreeBSD system; change the -<tt>routed/gated</tt> startup parameters in <tt>/etc/netstart</tt> as -appropriate for your system. Please see the manual page for -<tt>gated</tt> for information on <tt>gated</tt>'s command-line -parameters. - -<sect1><heading>Acknowledgments</heading> - -<p> -Thanks to these people for comments and advice regarding this tutorial: - -<descrip> -<tag/&a.wilko;/ - -<tag/Piero Serini/ <Piero@Strider.Inet.IT> -</descrip> - -<!-- </article> --> |
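Review bot: The single hunk `@@ -1,509 +0,0 @@` deletes the anchors `<label id="slips">` and `<label id="slips:prereqs">` along with the rest of the file, yet the diffstat lists only `share/doc/handbook/slips.sgml` (1 file changed). Nothing visible here removes the file's inclusion in the handbook or any `<ref id="slips">` pointing at it from other sections. Please confirm that no remaining handbook source includes this file or references those ids, or fold that cleanup into this change. The page also gives no rationale for the removal. If the text is being moved rather than dropped, say where it now lives, and fix the example hostname on the way: the login walkthrough uses `sl-helmer` while the sample `slip.hosts` file uses `sl-helmerg` for the same remote address.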