Mlppp hack for pfsense 2.0
-
Success here on the nano image. 8)
Some bugginess in the setup, which may be in the mlppp files, or it could just be the pfsense beta.
-
Can you give me details of bugginess, and post your mpd_wan.conf file (located in /var/etc/ directory)?
Thanks,
GB -
Two or three times while setting things up I was not able to get any IP functionality into or through pfsense, other than dhcp. I could ping LAN and internet hosts from pfsense (on the console) and get a response–with one exception, where I couldn't get any ping response even from the console--but when pinging pfsense from a LAN client I got no response, even though arp resolution was happening. I hadn't touched the firewall rules, so the antilockout rule definitely should have been in effect. I think this happened after changing the IP address of an interface from the webUI, but I'm not sure. The only way I found to correct this situation was to use the console option to restore default settings. I did this 2 or 3 times.
The other thing I noticed is that sometimes on the interfaces_assign.php page the network port for LAN and OPT1 would show up as "()" instead of vr2 or vr2_vlan1 as the case may be. Despite this, I was still able to interact with pfsense on the webUI.
And finally, on the interfaces_ppps.php page, before adding any entry, there was already a blank entry, which when I tried to delete it I got some message, like I can't delete it because it's in use. After I created an mlppp entry on this page and assiged it to the WAN I was then able to delete the blank entry. I think deleting the blank entry may have corrected the () issue I described in the previous paragraph, as I'm not seeing it now.
I've attached the file you requested, although I'm not seeing any of these problems at the moment.
-
I'm not sure what was happening with respect to the pinging issues.
You're guess is correct. The network port showing up as "()" was related to the blank entry on interfaces_ppps.php. That blank entry was an empty tag in your config.xml file that resulted from bugs that should be fixed in that latest file set I just emailed you. You were still able to interact with the box when seeing these because the error was in the GUI, and the actual configuration of the LAN port hadn't changed.
GB
-
i was all set to try this out tonight but ran into some problems: vmware server no longer gives me console access to any of my VMs (pfsense is running in vmware). i have to carefully fix this first without screwing up anything (otherwise i won't be able to fix it) before the pfsense 2.0 testing.
-
I'm not sure what was happening with respect to the pinging issues.
I think I may have been trying to do setup on the WAN using the standard interfaces.php?if=wan page before creating my multilink pppoe interface on interfaces_ppps.php. I had to play with it a bit and set it up a few times to really grok the new pages. It seems to me the interfaces.php?if=wan page is redundant (except for the RFC1918 and Bogon buttons) and potentially dangerous if settings there could conflict with or overwrite settings made to the ppps page.
I'll try the updated files and report back. Thanks for the quick response.
-
Ok, I used console option 4 (Reset to factory defaults) then uploaded and untarred the new package. All the old problems are gone, but I experienced a couple new problems.
1. After assigning my interfaces, including a couple vlans for LAN and OP1, I chose option 2 (Set interface IP address) and gave an IP address to the LAN and enable dhcp. Then the console reloaded and showed no IP address for the LAN, only "NONE" where it should have showed the IP address. So then I chose option 8 (Shell) and used ifconfig to discover that the vlan did not exist, although I had set it up and it was showing in the main console view. A reboot fixed this. My first thought was that it wasn't getting renamed from pppoe0, but ifconfig didn't show any vlan interface at all, so that wouldn't be it I guess.
2. This is minor, but when connecting to the webUI the first time after getting an IP address on the LAN, I chose pppoe for the WAN. I know this is the wrong choice, as I hadn't been on the ppps page to set up my pppoe bundle yet, but it's what I did the first time trying the new package because I didn't know better, and I wanted to recreate the ignorant user's first attempt. When the wizard finished my dashboard and Status>Interfaces page both showed the WAN was connected, but didn't display any connection information, such as an IP address.
I then proceeded to Interfaces>Assign and created my pppoe bundle. From this point I had no problems. So the fact that the wizard asks you to configure the WAN before a mlppp bundle is created does not really cause any problem, except that it could confuse the first-time user. If your package could be made to exclude that step from the wizard, or redirect the user to the ppps page I think that would be better.
All in all the package is quite good.
I'm using nanoBSD build from May 25.
-
Aw geez. . . . :-)
I didn't even touch the code in the wizard that creates pppoe connections. That's the second problem you mentioned. It's still creating the pppoe config in the usual way instead of being compatible with the new code and data storage scheme. I'll have a look at that.
For your first comment I think that's probably unrelated to the new code since I didn't really touch anything related to vlans or static IP addresses.
I'm not sure what was happening with respect to the pinging issues.
I think I may have been trying to do setup on the WAN using the standard interfaces.php?if=wan page before creating my multilink pppoe interface on interfaces_ppps.php. I had to play with it a bit and set it up a few times to really grok the new pages. It seems to me the interfaces.php?if=wan page is redundant (except for the RFC1918 and Bogon buttons) and potentially dangerous if settings there could conflict with or overwrite settings made to the ppps page.
I'll try the updated files and report back. Thanks for the quick response.
As far as this goes, the interfaces.php page shows a subset of the same fields in the ppps page and doesn't conflict or overwrite anything in the config that can be entered only on the ppps page.
Yes, it's redundant to have the config fields in two places, but the dev team felt it was important to maintain continuity and simplicity for the majority of PPPoE users that just need to enter <username>and <password>for their configuration. So you mlppp guys have to put up with some more complexity for your multi link connectivity. :-)
GB</password></username>
-
Yes, it's redundant to have the config fields in two places, but the dev team felt it was important to maintain continuity and simplicity for the majority of PPPoE users that just need to enter <username>and <password>for their configuration. So you mlppp guys have to put up with some more complexity for your multi link connectivity. :-)</password></username>
If the settings on interfaces.php aren't going to cause actual conflicts with the overlapping settings on interfaces_ppps.php then it's not such a big deal. Maybe the devs would be amenable to a footnote on interfaces.php that would read something like "if you're using the mlppp package you can safely ignore this page and configure your wan using the PPPs subtab of the Interfaces>Assign page instead".
As for the wizard, I realized after my last post that if you're going to distribute the mlppp files as a standard package, the wizard will be over and done with by the time users install the package anyway, so my previous point is probably moot.
-
Actually, the plan is to merge the new code into the normal distribution. I'm waiting for review and approval.
And I'll put that footnote in the interfaces.php page too. Actually, there is already a footnote, with a link that takes you to the correct configuration in the PPPs page, but I'll make it more explicit.
GB
-
Great news. It's pretty dummy-proof at this point, by my experince. I look forward to having it integrated. If you have any more updates I'll be happy to test them and give feedback.
-
Okay, thanks.
-
Couple more things. The first may not surprise you: I updated to the latest snapshot and the PPPs tab disappeared from the webUI and I had no WAN connection, even though it looked right for a single link pppoe. I put the mlppp.tgz file back into / and untarred it and my bundle was still in the ppps tab when it reappeared. I only had to hit the "Connect" button on the interfaces page to get reconnected. I suppose the implicated php files will not get overwritten on an upgraded once your package is integrated into the base release.
The other thing I noticed before and after my firmware update is that instead of seeing interface names on the Status>Interfaces page, such as "LAN interface (vr2_vlan1)", I see no name, ie, "LAN interface ()". This is true for all interfaces.
-
I suppose the implicated php files will not get overwritten on an upgraded once your package is integrated into the base release.
Yes, you're right. Once these files are integrated you won't see this behavior.
The other thing I noticed before and after my firmware update is that instead of seeing interface names on the Status>Interfaces page, such as "LAN interface (vr2_vlan1)", I see no name, ie, "LAN interface ()". This is true for all interfaces.
I'm not sure about the cause of this. The code that displays the interface info was modified recently by other devs. I'm running an image from May 12th on my two test boxes with my new changes and those "()" parentheses are displaying all the proper interface names. I'll check the newer code behind Status -> Interfaces soon.
GB
-
vmware 2.0 only works well with firefox 2.0… sigh. ah well, i'll test this sunday.
-
I suspect that the WAN traffic graph is reporting approximately double the actual traffic being passed, for outbound traffic only.
-
Hi,
Is this going to be in the 2.0 release? I can definitely use this with TekSavvy and stop thinking about moving to Tomato because of this shortcoming. However, I don't have the luxury to test this and it should be a 100% stable feature before I can get to it.
Thanks
-
Seeing that it's in the betas I can't see why it would get pulled.
I've been using it since it before it was in the builds (with TekSavvy) and haven't had any issue with it.
pfsense 2.0 isn't quite release-ready yet, but it's getting there, and the mlppp component is not really in question, as far as I can tell.
-
1- Sorry, I didn't get what you said. "It's not in question" ??? Is it going to BE or NOT TO BE in the 2.0 stable release?
I am assuming you are using this with a beta of 2.0 right as it's not supported in 1.2.3.2- Doesn't TekSavvy send you another router which takes two Rj-11 jacks? or do they send you two DSL modem for mlpp? If one mode only, do you put it in Bridge mode? If two modems, do you put both in bridge mode to use pfsense?
Thanks
-
I'm using 2.0 betas, and as far as I know I was the first one using the mlppp functionality from before it went into the snapshots. I haven't had a single problem with it and it's been in the snapshots for months now. I would be surprised if it was taken out at this point. There's no reason to. You may as well take out the traffic shaper or openvpn.
You will need a modem for every DSL connection. I don't buy my modems from TekSavvy, although you can if you want. They're cheaper through ncix.com, speedtouch.ca, and some other retailers.
Each modem then has to plug into pfsense, so your pfsense box needs either a physical port for each line, or you use a vlan-capable switch between the modems and your WAN port. This is what I do, as when adding more lines, you reach a point where having a whole bunch of NICs in your firewall box gets silly.