pppd(1) General Commands Manual pppd(1)
NAME
pppd - PPP point to point protocal daemon
SYNOPSIS
[options]...
DESCRIPTION
is a daemon process used in UNIX systems to manage connections to other hosts using PPP (Point to Point Protocol) or SLIP (Serial Line
Internet Protocol). It uses the UNIX host's native serial ports. It communicates with the UNIX kernel's own TCP/IP implementation via the
HP IP tunnel driver.
The functionality supplied by this daemon supersedes that provided by in HP-UX prior to Release 10.30. only supported the SLIP and CSLIP
(Compressed Header SLIP) protocols.
Daemon Management Options
Start in "autocall" mode and detach from the controlling terminal to run as a daemon. Initiate a connection in response to a packet speci-
fied in the "bringup" category in filter-file. Requires the remote address.
When used with
bring the link up immediately rather than waiting for traffic. If the link goes down, attempt to restart it (after the call retry
delay timer expires) without waiting for an outbound packet.
Treat the connection as a dedicated line rather than a demand-dial
connection. This option tells to never give up on the connection; that is, if the peer tries to shut down the link, go ahead and do
so, but then immediately try to reestablish the connection. Similarly, when first trying to connect, will not give up after sending
a fixed number of Configure-Request messages.
Hangup events (LQM failures, loss of Carrier Detect) will still cause the device to be closed, just as with dial-up connections, and
the file will then be checked for alternate entries. If none are available, the connection will be reestablished after the call
retry delay timer expires. Use a short call retry delay timer on dedicated circuits; something like should work well. Implies
Set the delay of
delay seconds between dialing each alternate numbers in the file for the same destination. The default value is 1 second.
Don't detach from the controlling terminal in "autocall" mode.
When used with this can be useful for watching the progress of the PPP session.
Append logging messages to
log-file (default:
Append session accounting messages to
acct-file. If acct-file is the same as log-file, the session accounting messages will be interleaved with other logging informa-
tion.
Look in
filter-file for packet filtering and link management information (default:
Set the log file verbosity to the following debug-level and each debugging
verbosity level also provides the information of all the lower-numbered levels.
0 Daemon start messages
1 Link status messages, calling attempts (the default)
2 Chat script processing, input framing errors
3 LCP, IPCP, IPV6CP, PAP and CHAP negotiation
4 LQM status summaries
5 IP interface changes
6 IP message summaries
7 Full LQM reports
8 All PPP messages (without framing)
9 Characters read or written
10 Procedure call messages
11 Internal timers
Run when the link comes up, and when it goes down; where addr is the IP address of the peer, and args is the list of arguments given to
Run when the link comes up, and when it goes down; where interfac-id is the 64-bit IPv6 interface identifier of the peer, and args is
the list of arguments supplied to
When IPv6 is enabled, the
flag will not be set to IPv6 interface so that the interface is able to forward IPv6 datagrams. Also, this interface will not be
able to receive any router advertisement packets for configuring the IPv6 secondary interface. Instead, use the command or stateful
configuration methods like DHCPv6 to configure the IPv6 secondary interface.
When specified, IPCP negotiation will not take place and no
IPv4 datagrams will pass through the link.
When specified, IPV6CP negotiation will not take place and no
IPv6 datagrams will pass through the link.
Run at a normal user process priority, rather than using the
library routine to elevate scheduling priority to
Communications Options
Set the desired Async Control Character Map to async-map, expressed in C-style hexadecimal notation (default 0xA0000).
Disable LCP Async Control Character Map negotiation.
In addition to those characters specified in the PPP Async Control
Character Map (which can include only 0x00 through 0x1F), also apply the escaping algorithm when transmitting odd-character. The
value of odd-character must be between 0x00 and 0xFF, and cannot be any of 0x5E, 0x7D or 0x7E.
odd-character can be specified as a decimal number, in C-style hexadecimal notation, or as an ASCII character with optional control-
character notation. For example, the XON character could be specified as 17, 0x11, or ^Q.
If a character specified with the argument, when transformed into its escaped form, would be the same as a character contained in
the peer's negotiated Async Control Character Map, a warning will be printed in the log file and the character specified on the com-
mand line will not be escaped.
If a character specified with the argument, when transformed into its escaped form, would be the same as a character specified in
another argument on the daemon's command line, will print an error message and exit.
Communicate over the named device (default
Set communications rate to comm-speed bits per second.
Ignore the state of the CD (Carrier Detect, also called DCD, Data
Carrier Detect) signal. This is useful for systems that don't support CD but want to run PPP over a dedicated line.
Set the line to use in-band ("software") flow control, using the
characters DC3 (^S, XOFF, ASCII 0x13) to stop the flow and DC1 (^Q, XON, ASCII 0x11) to resume. (The default is to use no flow con-
trol.) For an outbound connection, this may be specified either in or on the command line.
When used on an answering
command line, negotiate the telnet binary option and understand telnet escape processing. Not for use with or
Link Management Options
Disable all LCP and IPCP options.
Disable HDLC Address and Control Field compression.
Disable LCP Protocol Field Compression.
Use RFC 1055 SLIP
packet framing rather than PPP packet framing. Disables all option negotiation, and implies and Implies if peer sends a header-com-
pressed TCP packet.
When running in SLIP mode, prepend a SLIP packet framing character
(0xC0) to each frame before transmission, even if this frame immediately follows the previous frame. By default, transmits only one
framing character between adjacent SLIP frames.
When running in PPP mode, prepend a PPP packet framing character
(0x7E) to each frame before transmission, even if this frame immediately follows the previous frame. By default, transmits only one
framing character between adjacent PPP frames.
Disable LCP Magic Number negotiation.
Set LCP Maximum Receive Unit value to mru-size for negotiation.
The default is 1500 for PPP and 1006 for SLIP.
Disable LCP Maximum Receive Unit negotiation, and use 1500 for our interface.
Begin LCP parameter negotiation immediately (the default).
Do not send our first LCP packet until we receive an LCP packet from
the peer.
Set the LCP, IPCP, CCP, PAP, and CHAP option negotiation restart
timers to restart-time (default 3 seconds).
Send Link-Quality-Reports or Echo-Requests every
time seconds (default 10 seconds). If the peer responds with a Protocol-Reject, send LCP Echo-Requests every time seconds instead,
and use the received LCP Echo-Replies for link status policy decisions.
Set a minimum standard for link quality by considering the connection
to have failed if fewer than min out of the last per LQRs we sent have been responded to by the peer (default 1/5).
Use LCP Echo-Requests rather than standard Link-Quality-Report
messages for link quality assessment and policy decisions. The peer can override this if it actively tries to configure Link Qual-
ity Monitoring unless the parameter is also specified.
Don't send or recognize Link-Quality-Report messages.
If is also specified, Echo-Request messages will be used to detect link failures.
Shut down the link when idle-time seconds pass
without receiving or transmitting a packet specified in the "keepup" category in the filter file (default is to never consider the
link idle).
If session-idle-time is specified and any TCP sessions are open, shut down the link when session-idle-time seconds pass without
receiving or transmitting a packet.
Set the PPP Max-Configure counter (the maximum number of
Configure-Requests sent without a response) to tries.
Set the PPP Max-Terminate counter (the maximum number of
Terminate-Requests sent without a response) to tries.
Set the PPP Max-Failure counter (the maximum number of
Configure-Naks sent without a positive response) to tries.
IP Options
The address of this machine, followed by the expected address for the remote machine. Can be specified either as symbolic names or as lit-
eral IP addresses, if their addresses cannot be discovered locally without using the PPP link.
Both addresses are optional, but a colon by itself is not valid, and the remote address is required when running as a daemon in
"autocall" mode. If only local: is specified when receiving an incoming call, the remote address will be discovered during IPCP IP-
Address negotiations.
If either address is followed by a tilde character or if the tilde appears alone, accepts the IP address given by the peer during
IPCP negotiations, whether for the local end or the peer's end of the link (not available in SLIP mode).
Because SLIP cannot perform option negotiations, including IPCP, both addresses should normally be specified, and the tilde option
is unavailable. To obtain a similar "feature", the peer must provide the IP address textually during the login process, and a new
value must be obtained using the Systems file "A" chat script feature (see ppp.Systems(4)).
should be followed by two 64-bit IPv6 interface identifiers namely,
the interface identifier of this machine and the expected interface identifier for the remote machine.
Both interface identifiers are optional, but a comma by itself is not valid, and the remote address is required when running as a
daemon in the "autocall" mode. If only local-ifid: is specified when receiving an incoming call, the remote interface identifier
will be discovered during IPV6CP interface id negotiations.
If either interface identifier is followed by a tilde character or if the tilde appears alone, accepts the interface identifier
given by the peer during IPV6CP negotiations, whether for the local end or the peer's end of the link. Note that, SLIP is not sup-
ported for IPv6 transmission. When this option is specified along with option, will exit with error message.
Set the subnet mask of the interface to subnet-mask, expressed either
in C-style hexadecimal (for example, 0xffffff00) or in decimal dotted-quad notation (for example, 255.255.255.0). The default sub-
net mask will be appropriate for the network (class A, B, or C), assuming no subnetting.
Ask the peer to assign us an IP address.
Get a 64-bit IPv6 interface identifier assigned by the peer.
Disable IPCP IP-Address negotiation.
Disable IPV6CP interface identifier negotiation.
Enable RFC 1144 "VJ" Van Jacobson TCP header compression
negotiation with 16 slots and slot ID compression (this is the default with PPP framing). "VJ" compression is enabled by default
for async connections, and disabled by default for sync connections.
Disable RFC 1144 "VJ" Van Jacobson TCP header compression (this is the
default with SLIP framing, until the peer sends a header-compressed TCP packet).
Set the number of VJ compression slots
(min 3, max 256, default 16).
Disable VJ compression slot ID compression (enabled by default).
Backwards compatibility with older PPP implementations (4-byte VJ
configuration option), but with the correct option negotiation value of 0x002d.
Backwards compatibility with older PPP implementations (4-byte VJ
configuration option) that conform to the typographical error in RFC 1172 section 5.2 (Compression-Type value 0x0037).
Backwards compatibility with older PPP implementations that conform to
RFC 1172 section 5.1 (IP-Addresses, IPCP configuration option 1) and not with the newer RFC 1332 (IP-Address, IPCP configuration
option 3), but that respond with something besides a Configure-Reject when they receive an IPCP Configure-Request containing an
option 3.
Do not send nak (negative acknowledgement) if the IPV6CP
interface identifier option has already been sent negative acknowledgements during previous replies.
Authentication Options
Require either PAP or CHAP authentication.
Require CHAP authentication as described in RFC 1334.
Require MS-CHAP authentication.
Require PAP authentication.
Demand that the peer re-authenticate itself (using CHAP) every
interval seconds. If the peer fails the new challenge, the link is terminated.
Provide the
identifier used during PAP or CHAP negotiation. This option is necessary if the PPP peer requires authentication. The default
value is the value returned by the gethostname(2) system call or the hostname(1) command.
MicroSoft Compatibility Options
Set the MS DNS address to provide to the peer. First occurrence of this option on the command line sets the primary address; the second
occurrence sets the secondary address.
Set the MS NBNS address to provide to the peer.
First occurrence of this option on the command line sets the primary address; the second occurrence sets the secondary address.
Encryption Options
Encryption is not currently available in software exported from the USA. However, customer may contact sales@progressive-systems.com to
obtain encryption functionality.
Link Compression Options
Offer all supported link compression types (currently only Predictor-1) when negotiating. The default is to propose and accept no link
compression type.
Accept any supported compression type, but prefer Predictor type 1
compression.
Never use Predictor-1 compression.
LOG FILE
Status information is recorded in the log file by default) by each copy of running on a single machine. Each line in the file consists of
a message preceded by the date, the time, and the process ID number of the daemon writing the message. The quantity and verbosity of mes-
sages are controlled with the option and with the filter (see ppp.Filter(4)).
Each packet that brings up the link (at debug level 1 or more), each packet that matches the filter (at any debug level), or any packet
when the debug level is 7 or more writes a one-line description of the packet to the log file. The first item of the message is the proto-
col or a numeric protocol value).
For ICMP packets, the keyword is followed by the ICMP message type and sub code, separated by slashes. After the protocol comes an IP
address and optionally a TCP or UDP port number, followed by an arrow indicating whether the packet was sent or received followed by
another address and port number, followed by the length of the packet in bytes before VJ TCP header compression, followed by zero or more
keywords.
For transmitted packets, the first IP address is the source address, while for received packets, the first IP address is the destination
address. Well known TCP and UDP port numbers will be replaced by the name returned by the library function. The keywords and their mean-
ings are:
The packet is a middle or later part of a fragmented IP frame.
The packet has the TCP SYN bit set.
The packet has the TCP FIN bit set.
The transmitted packet matches the
filter and is bringing up the link.
the packet has been rejected by the
filter.
The packet has been rejected by the
filter.
The packet was dropped because
is waiting for the call retry timer to expire.
The received packet is VJ TCP header compressed.
The received packet is VJ TCP header uncompressed.
For example, the following log file line
9/6-14:06:26-83 tcp 63.1.6.3/1050 -> 8.1.1.9/smtp 44 syn
indicates that at 2:06:26 PM on September 6, process ID 83 sent a 44-byte TCP packet with the SYN bit set from port 1050 on 63.1.6.3 to the
SMTP port on 8.1.1.9.
SIGNALS
Upon reception of the following signals, closes and reopens the log file, re-reads the filter and key files, then takes the indicated
actions:
Don't use this.
Never, never use this. Since won't be able to shut down gracefully, it will leave your serial interfaces (whether and your
IP tunnel driver in some unknown state. Use SIGTERM instead, so will shut down cleanly, and leave the system in a well-
defined state.
Disconnect gracefully from an active session.
If in "autocall" mode, reset the call retry delay timer and call retry backoff interval. If was specified, attempt to re-
establish the link. Exit if not in "autocall" mode. If is specified, disconnect gracefully from an active session, clean
up the state of any serial and IP interfaces that are open, and then exit.
Disconnect abruptly from an active session.
If was specified, attempt to re-establish the link. Exit if not in "autocall" mode.
Disconnect gracefully from an active session, clean up the state of
any serial and IP interfaces that are open, then exit.
Increment the verbosity level for
debugging information written to the log file.
Reset the debugging verbosity level to
the base value (1 unless was supplied on the command line).
Take no action except to re-read the filter and key files.
EXAMPLES
To run a pair of daemons on "oursystem", one maintaining a constant link with "backbonesystem" and the other prepared to initiate outbound
calls to a neighboring machine named "theirsystem", add the following to
if [ -f /etc/ppp/Autostart ]; then
/etc/ppp/Autostart
fi
Then make look like this:
#!/bin/sh
PATH=/usr/etc:/bin:/usr/bin
if [ -f /var/adm/pppd.log ]; then
mv /var/adm/pppd.log /var/adm/OLDpppd.log
fi
echo -n "Starting PPP daemons:" >/dev/console
pppd oursystem:backbonesystem auto noipv6 up
(echo -n ' backbonesystem') >/dev/console
pppd oursystem:backbonesystem ipv6 <local-ifid>,<remote-ifid> auto up
<echo -n ' backbonesystem') >/dev/console
pppd oursystem:theirsystem auto noipv6 idle 120
(echo -n ' theirsystem') >/dev/console
pppd oursystem:theirsystem ipv6 <local-ifid>,<remote-ifid> auto idle 120
<echo -n ' theirsystem'> >/dev/console
To allow a PPP implementation running on "theirsystem" to dial into "oursystem", insert the following into on "oursystem":
Pthem:?:105:20:Their PPP:/etc/ppp:/etc/ppp/Login
where group 20 is the gid of the ppp group which owns and is an executable shell script that looks something like
#!/bin/sh
PATH=/usr/bin:/usr/etc:/bin
mesg n
stty -tostop
exec pppd noipv6 `hostname`:
To enable IPV6CP negotiation, insert the following:
#!/bin/sh
PATH=/usr/bin:/usr/etc:/bin
mesg n
stty -tostop
exec pppd ipv6 <local-ifid>,<remote-ifid> `hostname`:
RECOMMENDATIONS
Use host names when running from only if they are known locally. If a PPP connection to a DNS server would be required to resolve a host
name, use its literal IP address instead.
EXTERNAL INFLUENCES
Environment Variables
The environment variable if present, specifies the directory in which looks for its configuration files and for all connections, along with
and if the connection is "outbound"). You can specify either in the script or in an incoming connection's script. If is not present, will
expect to find its configuration files in
SECURITY CONCERNS
should be mode 4750, owned by root, and executable only by the members of the group containing all the incoming PPP login "users".
AUTHOR
was developed by the Progressive Systems.
SEE ALSO
ppp.Auth(4), ppp.Devices(4), ppp.Dialers(4), ppp.Filter(4), ppp.Keys(4), ppp.Systems(4).
RFC 1055, RFC 1144, RFC 1172, RFC 1332, RFC 1333, RFC 1334, RFC 1548, RFC 1549, RFC 1962.
STANDARDS CONFORMANCE
HP PPP implements the IETF Proposed Standard Point-to-Point Protocol and many of its options and extensions, in conformance with RFCs 1548,
1549, 1332, 1333, 1334, and 1144.
It can be configured to be conformant with earlier specifications of the PPP protocol, as described in RFCs 1134, 1171, and 1172.
It implements the nonstandard SLIP protocol as described in RFCs 1055 and 1144.
pppd(1)