Forums

Resolved
0 votes
Hello everyone!

Recently I have got a new ISP hooked up to my apartment.

I do have a HP Proliant MicroServer GEN8 with 2x10gbe intel x520 NIC and newest version of ClearOS Community version.

At the moment my config is like this:
1gbps ISP -> ISP ONT -> ISP Router -> ClearOS external
500mbps ISP -> ISP Modem -> ClearOS external
LTE ISP -> RJ45 Modem -> ClearOS external

All is connected to my network with 1 port of the 10gbe intel card set up as internal with all of the gateway functions (dhcp, port forwarding, nat etc.) and multi-wan.

However... I would like to eliminate the use of ISP Router in the first case, so I would like to go -> 1gbps ISP -> ISP ONT -> ClearOS external

The problem is that this provider requires both usage of PPOE AND broadcast of VLAN ID.

I have searched the forums wide and found several posts pertaining to this problem (e.g. solution with creating PPOE external connection and VLAN external, then modifying the conf file for one to use the other) however the solutions provided there did not work for me.

Is there any other way I could do this setup properly without the use of ISP Router for 1gbps connection? I am afraid that ISP router in this case might be a huge limiter when it comes to the amount of packets routed.

Would love some insight, thanks!
Thursday, July 18 2019, 01:23 PM
Share this post:

Accepted Answer

Friday, July 19 2019, 03:25 PM - #Permalink
Resolved
1 votes
Which log is showing the errors. You may need to ignore them. The important thing is does it connect? The firewall rule will do nothing and is only needed for kernel mode, but it does not matter having it there when not in kernel mode.

When in kernel mode, the MTU setting is meaningless so the firewall rule becomes very important.
The reply is currently minimized Show
Responses (13)
  • Accepted Answer

    Saturday, July 20 2019, 10:09 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    Odd. Kernel mode massively reduces the resources which is why it can manage such high speeds. Can you check your /etc/sysconfig/network-scripts/ifcfg-ppp0 has the line:
    LINUX_PLUGIN="/usr/lib64/pppd/2.4.5/rp-pppoe.so"
    If it does not, either your edit to Iface.php has not worked or you need to edit the interface in IP Settings and save it so it regenerates the file.


    It does contain that line :)
    The reply is currently minimized Show
  • Accepted Answer

    Friday, July 19 2019, 06:53 PM - #Permalink
    Resolved
    0 votes
    Odd. Kernel mode massively reduces the resources which is why it can manage such high speeds. Can you check your /etc/sysconfig/network-scripts/ifcfg-ppp0 has the line:
    LINUX_PLUGIN="/usr/lib64/pppd/2.4.5/rp-pppoe.so"
    If it does not, either your edit to Iface.php has not worked or you need to edit the interface in IP Settings and save it so it regenerates the file.
    The reply is currently minimized Show
  • Accepted Answer

    Friday, July 19 2019, 05:16 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    Unfortunately you are at the limit of my knowledge and I don't have any set up to test with. If a connection is made but unstable, it suggests a parameter mis-match somewhere which means sniffing PPPoE packets which I know nothing about, and I would not know how to tweak the connection either. Perhaps you could try googling.


    Ah, sorry! I think that you might have misunderstood me :)

    The connection is now stable. It works across all of the machines in my LAN.

    The quirks are:
    - If I run SpeedTest through the ClearOS WebGUI then that brings the connection down
    - It uses a lot of resources

    But as long as I don't touch the SpeedTest button in IP Settings part of ClearOS WebGUI then I'm fine :)


    Thank you for your time and all your help :)
    The reply is currently minimized Show
  • Accepted Answer

    Friday, July 19 2019, 04:27 PM - #Permalink
    Resolved
    0 votes
    Unfortunately you are at the limit of my knowledge and I don't have any set up to test with. If a connection is made but unstable, it suggests a parameter mis-match somewhere which means sniffing PPPoE packets which I know nothing about, and I would not know how to tweak the connection either. Perhaps you could try googling.
    The reply is currently minimized Show
  • Accepted Answer

    Friday, July 19 2019, 04:12 PM - #Permalink
    Resolved
    0 votes
    After enabling the kernel mode the connection is possible, however not stable.

    After enabling the firewall rule the connection is not possible :(

    The log I mentioned previously was system log

    Ok. Got it working, just did a solid reboot.

    Funny enough: Connection is stable unless I try to do a speedtest from the COS webui, if I do, then the connection drops.

    Another thing: PPPoE is playing major role in CPU utilisation, even if I run several threads speed test on one of the machines in LAN then 1 of the cores can easiely get 100% usage. Adding ubuntu torrents to qBittorent results in maxing out at around 1,5Gbps with full 100% load across all cores. Is this to be expected? Should I be considering getting a more powerful machine as a router?
    The reply is currently minimized Show
  • Accepted Answer

    Friday, July 19 2019, 02:52 PM - #Permalink
    Resolved
    0 votes
    Ok, So I have taken it step by step:

    remove config from eno1 - All good
    add VLAN on eno1 with VLAN ID: 35 and External/DHCP - All good
    Change VLAN (eno1.35) to PPPoE with correct login/pass and MTU - errors start to accumulate

    /etc/sysconfig/network-scripts/ifcfg-eno1.35:
    DEVICE=eno1.35
    BOOTPROTO="none"
    ONBOOT="no"


    /etc/sysconfig/network-scripts/ifcfg-ppp0:
    DEVICE=ppp0
    TYPE="xDSL"
    USERCTL="no"
    BOOTPROTO="dialup"
    NAME="DSLppp0"
    ONBOOT="yes"
    PIDFILE="/var/run/pppoe-ppp0.pid"
    FIREWALL="NONE"
    PING="."
    PPPOE_TIMEOUT="80"
    LCP_FAILURE="5"
    LCP_INTERVAL="20"
    CLAMPMSS="1412"
    CONNECT_POLL="6"
    CONNECT_TIMEOUT="80"
    DEFROUTE="yes"
    SYNCHRONOUS="no"
    ETH="eno1.35"
    PROVIDER="DSLppp0"
    LCP_FAILURE="5"
    LCP_INTERVAL="20"
    CLAMPMSS="1412"
    CONNECT_POLL="6"
    CONNECT_TIMEOUT="80"
    DEFROUTE="yes"
    SYNCHRONOUS="no"
    ETH="eno1.35"
    PROVIDER="DSLppp0"
    PEERDNS="no"
    USER="xxx"
    MTU="1492"



    EDIT: The custom firewall rule was added sucessfuly :) however there's no difference between it having the rule or not

    EDIT2: The contents above are after changing vlan to pppoe, I have also tried to change eno1.35 conf file afterwards to what it was before swapping it with PPPOE type, however to no avail

    ifcfg-eno1.35 before changing its type to pppoe:
    DEVICE=eno1.35
    TYPE="VLAN"
    ONBOOT="yes"
    USERCTL="no"
    BOOTPROTO="dhcp"
    PEERDNS="no"
    VLAN="yes"


    EDIT3: HA! I was able to get connection, not the prettiest of ways but still a way:

    leave eno1 as is, without config
    Create vlan with vlan id: 35 on eno1
    Change eno1.35 vlan to PPPOE with correct settings
    Now again create vlan with vlan id: 35 on eno1

    v'oila.

    However.... The connection is not stable it's loosing IP address all the time, I have done the mod mentioned in the link you provided - should firewall rule be used with the mod to ifcfg/iface file?
    The reply is currently minimized Show
  • Accepted Answer

    Friday, July 19 2019, 10:25 AM - #Permalink
    Resolved
    0 votes
    I don't think it matters how eno1 is set up. You may even be able to set it to something if your ONT supports it so you can access the ONT, but make sure you do not get a subnet clash with your other NICs.

    You should create your VLAN interface, selecting eno1 from the Interface dropdown and give it a VLAN ID of 35. Set the Role to external and the Type to Static or DHCP and save it. This will create an interface eno1.35. Edit the new interface and change the Type to PPPoE and enter your connection username and password. Save it. It should now connect (slowly compared to DHCP!).

    When you edit Iface.php, note there was a minor typo in the developer comment which I have just corrected. The example code block was correct. Only try this when you have got the basic PPPoE working. You can put in the firewall rule whenever you want but must use it when you go to kernel mode. Once you make the edit to Iface.php for kernel mode, edit your interface and save it to force it to add the new line to the configuration.
    The reply is currently minimized Show
  • Accepted Answer

    Friday, July 19 2019, 09:34 AM - #Permalink
    Resolved
    0 votes
    So to sum this up:

    eno1 where the connection is placed should NOT be set up (button ADD available in the GUI)
    VLAN ID35 should be created on eno1

    VLAN should be set up as PPOE, is that correct?

    Apologies, it's always hard for me to think at the end of the week :)
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, July 18 2019, 05:13 PM - #Permalink
    Resolved
    0 votes
    Can you take one step at a time, perhaps. Undo the change to Iface.php because it may have gone wrong. Delete the PPPoE interface. This should show your VLAN interface again. Please can you post the contents of /etc/sysconfig/network-scripts/ifcfg-{your_vlan_interface}.

    Then change the interface to PPPoE and see if you can connect. Only if you can connect try and modify Iface.php.

    It can take me up to 2 minutes to connect at times (with or without the mod) and I wonder if syswatch is getting in the way. If it does not connect, try:
    ifdown ppp0 && ifup ppp0
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, July 18 2019, 02:06 PM - #Permalink
    Resolved
    0 votes
    EDIT: Apologies for multiposting, I am used to forums joining posts added in sequence :)
    I have applied the fix you mentioned for the ppoe speeds, however I still can't get a connection :)

    I see from the logs I am getting a lot of errors like this:

    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/controllers/network.php (100): get_interface_details
    Jul 18 16:38:34 router engine: exception: debug backtrace: GUI (0): get_all_info
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (535): call_user_func_array
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (224): require_once
    Jul 18 16:38:34 router engine: exception: error: /usr/clearos/apps/base/libraries/Shell.php (227): Cannot get device settings: No such device
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/libraries/Iface.php (674): execute
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/libraries/Iface.php (516): get_link_status
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/libraries/Iface_Manager.php (646): get_info
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/libraries/Iface_Manager.php (236): _get_interface_details
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/controllers/network.php (100): get_interface_details
    Jul 18 16:38:34 router engine: exception: debug backtrace: GUI (0): get_all_info
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (535): call_user_func_array
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (224): require_once
    Jul 18 16:38:34 router engine: exception: error: /usr/clearos/apps/base/libraries/Shell.php (227): Cannot get device settings: No such device
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/libraries/Iface.php (946): execute
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/libraries/Iface.php (522): get_speed
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/libraries/Iface_Manager.php (646): get_info
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/libraries/Iface_Manager.php (236): _get_interface_details
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/apps/network/controllers/network.php (100): get_interface_details
    Jul 18 16:38:34 router engine: exception: debug backtrace: GUI (0): get_all_info
    Jul 18 16:38:34 router engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (535): call_user_func_array
    Jul 18 16:38:37 router firewall: Starting firewall...
    Jul 18 16:38:37 router firewall: Loading environment
    Jul 18 16:38:37 router firewall: Detected WAN role for interface: eno2
    Jul 18 16:38:37 router firewall: Detected WAN role for interface: ens1f1
    Jul 18 16:38:37 router firewall: Detected WAN role for interface: ppp0
    Jul 18 16:38:37 router firewall: Detected LAN role for interface: ens1f0
    Jul 18 16:38:37 router firewall: Warning: WAN interface doesn't exist: ppp0


    Also tried that config:
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, July 18 2019, 01:53 PM - #Permalink
    Resolved
    0 votes
    The ONT does not add the VLAN tag by itself, sorry missed this question.

    It does not seem to be able to get IP address:
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, July 18 2019, 01:48 PM - #Permalink
    Resolved
    0 votes
    Thank you for the answer,

    So my steps should be as follow:
    On the external interface create VLAN with corrrect ID, set it as DHCP and external
    Then go back to the interface and change it to PPOE?

    I want to focus on getting the connection first :)))
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, July 18 2019, 01:43 PM - #Permalink
    Resolved
    0 votes
    Can you check your ISP ONT first that it does not add the VLAN tag for you? If it does, you can create a normal PPPoE connection. If it does not, create a VLAN interface on your WAN interface. Because of a bug, you cannot create it as PPPoE, so create it as DHCP. Then go back in and edit it. You will then be able to change it to PPPoE.

    There is another issue with your speeds. At the moment ClearOS uses a connection method which does not support that sort of speed, but it is a simple fix to change that. I hope to release a patch as soon as app-network becomes unblocked for code changes. Please have a look at this post or the whole thread. You need to do a one line change to one file and add a Custom Firewall rule.
    The reply is currently minimized Show
Your Reply