Creating an IP Addressing Scheme for Callers
Consider creating one or more IP addresses for all incoming calls instead of assigning
a unique IP address to each remote user. Dedicated IP addresses are particularly important if
the number of potential callers exceeds the number of serial ports and modems on
the dial-in server. You can implement a number of different scenarios, depending on your
site's needs. Moreover, the scenarios are not mutually exclusive.
Assigning Dynamic IP Addresses to Callers
Dynamic addressing involves the assignment to each caller of the IP address that is
defined in /etc/ppp/options.ttyname. Dynamic addressing occurs on a per-serial port basis. When a call
arrives over a serial line, the caller receives the IP address in the
/etc/ppp/options.ttyname file for the call's serial interface.
For example, suppose a dial-in server has four serial interfaces that provide dial-up service
to incoming calls:
For serial port term/a, create the file /etc/ppp/options.term.a with the following entry:
:10.1.1.1
For serial port term/b, create the file /etc/ppp/options.term.b with the following entry:
:10.1.1.2
For serial port term/c, create the file /etc/ppp/options.term.c with the following entry:
:10.1.1.3
For serial port term/d, create the file /etc/ppp/options.term.d with the following entry:
:10.1.1.4
With the previous addressing scheme, an incoming call on serial interface /dev/term/c is given the
IP address 10.1.1.3 for the duration of the call. After the first caller hangs
up, a later call that comes in over serial interface /dev/term/c is also
given the IP address 10.1.1.3.
The advantages of dynamic addressing include the following:
You can track PPP network usage down to the serial port.
You can assign a minimum number of IP addresses for PPP use.
You can administer IP filtering in a more simplified fashion.
Assigning Static IP Addresses to Callers
If your site implements PPP authentication, you can assign specific, static IP addresses to individual
callers. In this scenario, every time a dial-out machine calls the dial-in server, the caller
receives the same IP address.
You implement static addresses in either the pap-secrets or chap-secrets database. Here is a
example of an /etc/ppp/pap-secrets file that defines static IP addresses.
joe myserver joepasswd 10.10.111.240
sally myserver sallypasswd 10.10.111.241
sue myserver suepasswd 10.10.111.242
- Caller
joe, sally, and sue are the names of the authorized callers.
- Server
myserver indicates the name of the server.
- Password
joepasswd, sallypasswd, and suepasswd indicate the passwords for each caller.
- IP Addresses
10.10.111.240 and 10.10.111.241 and 10.10.111.242 are the IP addresses assigned to each caller.
Here is a example of an /etc/ppp/chap-secrets file that defines static IP addresses.
account1 myserver secret5748 10.10.111.244
account2 myserver secret91011 10.10.111.245
- Caller
account1 and account2 indicate the names of the callers.
- Server
myserver indicates the name of the server for each caller.
- Password
secret5748 and secret91011 indicates the CHAP secret for each caller.
- IP Addresses
10.10.111.244 and 10.10.111.245 are the IP addresses for each caller.
Assigning IP Addresses by sppp Unit Number
If you are using either PAP or CHAP authentication, you can assign IP addresses
to callers by the sppp unit number. The following shows an example of
this usage.
myclient ISP-server mypassword 10.10.111.240/28+
The plus sign (+) indicates that the unit number is added to the IP
address. Note the following:
Addresses 10.10.111.240 through 10.10.111.255 are assigned to remote users.
sppp0 gets IP address 10.10.111.240.
sppp1 gets IP address 10.10.111.241 and so on.