[OpenIndiana-discuss] set up PPPoE
James Carlson
carlsonj at workingcode.com
Wed Dec 14 22:55:08 UTC 2011
Jerry Kemp wrote:
> I have archived several dozen PPPoE on Solaris threads from misc. Solaris
> mailing lists over the years.
>
> Most of my archived emails contained URL's to howto sites, and following up on
> those sites, probably half are dead. But typically, you can still find the
> archived sites on the Wayback machine and still get the data.
What you're referring to here is the horrible PPPoE MTU problem.
PPPoE's MTU is 1492, but most of the Internet uses 1500. And although
PMTUD was supposed to fix things, it often doesn't work because lame
network administrators have broken it by filtering out ICMP messages for
"security" reasons.
And then when you through NAT on top, you've got a real mess. The NAT
solutions that "work" here actually break other protocols -- they do it
by modifying the TCP MSS on the fly, by fragmenting packets marked "do
not fragment" and so on. With some things, such as IPsec protection,
you end up with broken bits.
I agree that it doesn't work terribly well here. I'd go a bit further,
though, and say that PPPoE has just plain intrinsic problems. Protocols
that are designed in secret tend to be like that.
> Most of these threads I follow typically end with the end user going out and
> purchasing a Linksys/D-Link/some-other-generic-brand NAT box with PPPoE
> capabilities.
Probably so. I think they'd be better served, though, by getting rid of
PPPoE entirely and getting a real Internet connection from someone who
doesn't use trashy protocols.
> I would also add, that the end users who did get PPPoE working never seemed
> happy with the throughput they received and if they use it (PPPoE on Solaris)
> for any length of time, they seem to move into a phase 2 where once PPPoE is
> working, they need to fine tune it to get any network performance out of it.
Unless you're referring to the MTU problem, that doesn't sound right at
all. The testing we did at Sun showed that we had line performance at
least at the 100Mbps level on cheap commodity hardware. If you're
seeing something else, then I think you probably have other problems.
--
James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
More information about the OpenIndiana-discuss
mailing list