  Dial-On-Demand mini-HOWTO
  Rodney van den Oever, Rodney.van.den.Oever@tip.nl
  Version 1.0, 28 July 1996
  Japanese translation: isaji@mxu.meshnet.or.jp
  8 Jan 1998

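  This HOWTO describes how to set up dial-on-demand dialing, and how to use
  a Linux box as a dial-on-demand PPP router for a private local network.
  (Translator's note: for dial-on-demand networking, see also the kerneld
  mini-HOWTO (Japanese translation) by k_ogawa@oyna.cc.muroran-it.ac.jp and
  sfujii@super.win.or.jp. The PPP setup described here is not entirely
  adequate in places, so "Networking Linux" (ASCII Publishing) is also worth
  consulting for those parts.)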
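  ______________________________________________________________________

  Table of Contents

  1. Introduction
  2. Kernel configuration
  3. Installing the modules
  4. Installing PPP
  5. Setting up the serial port and modem
  6. Configuring ppp
  7. Dial-on-Demand
  8. Network configuration
  9. Masquerading configuration
  10. Workstation configuration
  11. Disclaimer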

  ______________________________________________________________________

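  1.  Introduction

  The kerneld mini-HOWTO already describes how to get kerneld to run the
  request-route script. Here the same setup is described in more detail.
  If you have a small network, this is an elegant way of giving two or
  more machines (transparent) Internet access.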

   ______________________________
   __|__                  ___|___
  |     | Local           |       |    _______   PPP link to provider
  | PC  | network         | Linux |---| modem |-------------------------->
  |     | 192.168.1.0     | router|   |_______|      x.x.x.x
  |_____|                 |_______|          (dynamic IP address)
                           named
                           pppd

  The rest of this document assumes the following environment.

  o  Kernel 2.0.0 or later

  o  ppp-2.2.0f.tar.gz or later

  o  modules-2.0.0.tar.gz or later

  o  ipfwadm-2.3.tar.gz (http://www.xos.nl/linux/ipfwadm)

  The work proceeds in the following order.

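  1. Kernel configuration

  2. Installing the modules

  3. Installing PPP

  4. Setting up the serial port and modem

  5. Configuring PPP

  6. Dial-On-Demand

  7. Network configuration

  8. Masquerading configuration

  9. Workstation configuration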

  2.  Kernel configuration

  First, compile the kernel so that it supports kerneld, ppp and IP
  masquerading. Only the options needed for this setup are listed. Other
  options [filesystems, firewall, logging, transparent proxying] are not
  necessarily required.

  ______________________________________________________________________
  cd /usr/src/linux
  make config (or make menuconfig)

  * Code maturity level options
  *
  Prompt for development and/or incomplete code/drivers (CONFIG_EXPERIMENTAL) [Y/n/?]

  * Loadable module support
  *
  Enable loadable module support (CONFIG_MODULES) [Y/n/?]
  Set version information on all symbols for modules (CONFIG_MODVERSIONS) [N/y/?]
  Kernel daemon support (e.g. autoload of modules) (CONFIG_KERNELD) [Y/n/?]
  *
  Networking support (CONFIG_NET) [Y/n/?]
  *
  * Networking options
  *
  Network firewalls (CONFIG_FIREWALL) [Y/n/?]
  TCP/IP networking (CONFIG_INET) [Y/n/?]
  IP: forwarding/gatewaying (CONFIG_IP_FORWARD) [Y/n/?]
  IP: firewalling (CONFIG_IP_FIREWALL) [Y/n/?]
  IP: masquerading (EXPERIMENTAL) (CONFIG_IP_MASQUERADE) [Y/n/?]
  *
  * Protocol-specific masquerading support will be built as modules.
  IP: always defragment (CONFIG_IP_ALWAYS_DEFRAG) [Y/n/?]
  IP: optimize as router not host (CONFIG_IP_ROUTER) [Y/n/?]
  *
  * Network device support
  *
  Network device support (CONFIG_NETDEVICES) [Y/n/?]
  *
  PPP (point-to-point) support (CONFIG_PPP) [M/n/y/?]
  *
  * CCP compressors for PPP are only built as modules.
  Ethernet (10 or 100Mbit) (CONFIG_NET_ETHERNET) [Y/n/?]
  NE2000/NE1000 support (CONFIG_NE2000) [Y/m/n/?]
  ______________________________________________________________________

  The last options depend on the network card you are using!

  Then compile:

  make zlilo
  make modules
  make modules_install

  If you do not use LILO, copy /usr/src/linux/arch/i386/boot/zImage to a
  suitable place. The modules are installed in /lib/modules/x.x.x, where
  x.x.x is the kernel version.

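  3.  Installing the modules

  The following module utilities are needed:

  o  /sbin/insmod loads the requested module

  o  /sbin/rmmod removes modules that are no longer needed

  o  /sbin/depmod creates the Makefile-like dependencies file

  o  /sbin/kerneld the kernel daemon (kerneld) that loads modules
     automatically

     If these are not installed yet, install them: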

     cd /usr/src
     tar zxf modules-2.0.0.tar.gz
     make install

  To load kerneld at boot, edit /etc/rc.d/rc.S, or create a separate
  script rc.modules that is called from rc.S. Change or add lines like
  the following.

  /etc/rc.d/rc.modules:

  ______________________________________________________________________
  if [ ! -f /lib/modules/`uname -r`/modules.dep ] ; then
          echo "Updating module dependencies for Linux `uname -r`:"
          /sbin/depmod -a
  fi

  [ -x /sbin/kerneld ] && /sbin/kerneld
  ______________________________________________________________________

  The first part checks the module dependencies and updates them if
  necessary.

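  4.  Installing PPP

  The following programs are needed to set up the PPP link.

  o  /usr/sbin/pppd            the PPP daemon

  o  /usr/sbin/pppstats        shows the PPP status

  o  /usr/sbin/chat            runs the connection script

     Install them as follows.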

     cd /usr/src
     tar zxf ppp-2.2.0f.tar.gz
     cd ppp-2.2.0f
     ./configure
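     make kernel

  Recent kernels already include the PPP code, so 'make kernel' is not
  needed for them. Check the README and the Makefile for shadow password
  support (not needed just for dialing in to another host) and other
  options.

  Then run:

  make
  make install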

  5.  Setting up the serial port and modem

  This setup of course needs a modem. First, the serial ports are set up
  in /etc/rc.d/rc.serial:

  ______________________________________________________________________
  ${SETSERIAL} /dev/cua0 uart 16450 port 0x3F8 irq 4
  ${SETSERIAL} /dev/cua1 uart 16550A port 0x2F8 irq 3 spd_vhi
  ______________________________________________________________________

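  COM1 is used for the mouse and COM2 for an internal 28k8 (28,800)
  modem. The spd_vhi parameter replaces the 38400 bps entry in the speed
  table with 115200 bps. With spd_hi it is set to 57600 bps (translator's
  note: because the modem compresses data, the serial device is read and
  written faster than the line speed). Use the spd_vhi option with a 28k8
  modem and the spd_hi option with a 14k4 modem; to be safe, start at
  38400. With minicom or another terminal program (seyon, for example)
  you can check the modem setup. The modem must echo what you type. With
  Ctrl-A P you can change the communication parameters (translator's
  note: minicom shows these as "Comm Parameters"). Check that the modem
  works at 57600 or 115200 bps.

  minicom is also useful for dialing the provider by hand, for example to
  check how the remote server responds before configuring the link. If
  the provider does not use PAP or CHAP, you may have to enter a command
  to put the link into PPP mode, and a user name and password.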

  6.  Configuring ppp

  pppd looks for its scripts in /etc/ppp.

  /etc/ppp/options:

  ______________________________________________________________________
  /dev/modem 38400 crtscts modem noipdefault defaultroute idle-disconnect 120
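  ______________________________________________________________________

  Meaning:

  o  /dev/modem      the device; here it is a link to /dev/cua1.

  o  38400           replaced by 115200 (by the spd_vhi parameter in the
     /etc/rc.d/rc.serial file).

  o  crtscts         hardware flow control (hardware handshake), RTS/CTS.
     Do not use Xon/Xoff flow control.

  o  noipdefault     dynamic IP address assignment (the IP address comes
     from the PPP negotiation).

  o  defaultroute    when the link is established, the default route is
     set to the ppp interface.

  o  idle-disconnect disconnect automatically after the link has been
     idle for 120 seconds (PPP-2.2.0f).

  Next comes the script 'default' (for the provider/ISP you normally
  use). If you connect to several sites, make a separate script for each
  site.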

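  /etc/ppp/default:

  "" ats11=55dtXXXXXXXX CONNECT "" rname: UUUUU sword: PPPPP > ppp

  Meaning:

  o  ats11=55 sets the dial tone and dial speed.

  o  XXXXXXXX the provider's phone number.

  o  CONNECT chat waits for the modem to return 'CONNECT'.

  o  rname: chat waits for 'rname' and sends 'UUUUU'.

  o  sword: chat waits for 'sword' and sends 'PPPPP'.

  'rname' and 'sword' are used here because the first letters of these
  prompts differ in case or by language (translator's note: change this
  to match your provider; the prompt may be 'ogin:' rather than 'rname',
  for example). Some providers require you to enter 'ppp' after the user
  name and password. Here chat waits for the last character of the router
  prompt ('>') before doing so. If you get errors such as "serial line
  looped back" or "serial line not 8-bit clean", the other end has not
  switched to PPP mode.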

  /etc/ppp/ppp:

  ______________________________________________________________________
  #!/bin/sh
  /usr/sbin/pppd connect '/usr/sbin/chat -v -f /etc/ppp/default'
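  ______________________________________________________________________

  The command is just long enough to be worth putting in a short script.
  You can now connect to the provider. You can also add the debug
  parameter to /etc/ppp/options.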

  /etc/syslog.conf

  *.debug                                 /var/log/messages

  After editing syslog.conf, make syslogd (the syslog daemon) pick up the
  change. Use the directory where the PID file is kept on your system.

  kill -1 `cat /var/run/syslog.pid`

  or

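  kill -1 `cat /etc/syslog.pid`

  After connecting, check with 'ifconfig' that the 'ppp0' interface
  exists and with 'netstat -r' that the default route is set (while you
  are connected to the provider). Try to ping a remote server (the
  provider's name server, for example). If all of this works, enter the
  name server in /etc/resolv.conf.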

  search your.isp.domain
  nameserver x.x.x.x

  (Translator's note: the first line is the domain used to complete host
  names, the second line is the IP address of the name server.)

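  7.  Dial-on-Demand

  Kerneld loads modules such as PPP when they are needed. An additional
  feature described in the kerneld-HOWTO is that it calls a script when a
  route is requested. Kerneld looks for the shell script
  /sbin/request-route. The following script is a copy of the script in
  modules-2.0.0.tar.gz.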

  /sbin/request-route:

  ______________________________________________________________________
  #!/bin/sh
  LOCK=/var/run/request-route.pid
  export PATH=/usr/sbin:$PATH     # for ppp-2.2*

  # This script will be called from kerneld with the requested route as $1

  chatfile=/etc/ppp/$1

  # If no chatscript exists use a default value (symlink to preferred script):

  [ ! -f $chatfile ] && chatfile=/etc/ppp/default

  # Check if we're already running:
  if [ ! -f $LOCK ] ; then
          pppd connect "chat -f $chatfile" &

          # Timer to be killed by ip-up, tunable! Check kerneld delay as well
          sleep 60 &
          sleepid=$!
          echo $sleepid > $LOCK
          wait $sleepid
          rm -f $LOCK
          exit 0
  fi
  exit 1
  ______________________________________________________________________

  Kerneld runs this script with the missing route as its argument:

  /sbin/request-route x.x.x.x

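  The 'request-route' script uses a lock file to keep several instances
  from being started at the same time (translator's note: while the lock
  file exists, the resource it guards cannot be used by anyone else). At
  first the script is triggered by a lookup to the name server. If you run
  a (caching) name server on the local machine, however, the first lookup
  is cached, so second and later lookups are answered locally and the link
  comes up only when something actually has to reach the outside.

  You can make several chat scripts for different links, or let the
  default chat script connect to your ISP (provider).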
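
  A variant of the lock handling and chat-script selection in
  request-route, added here as an example (it is not the script from
  modules-2.0.0.tar.gz): the lock is created atomically with the shell's
  noclobber option instead of a separate test and write, and only route
  names made of digits and dots are used as file names under /etc/ppp. The
  function names and the PPP_DIR override are assumptions of the example.

```shell
#!/bin/sh
# Added example, not the script shipped in modules-2.0.0.tar.gz.
# PPP_DIR and LOCK default to the paths used on this page; both can be
# overridden so the functions can be tried in a scratch directory.
PPP_DIR=${PPP_DIR:-/etc/ppp}
LOCK=${LOCK:-/var/run/request-route.pid}

# Print the chat script for route $1. A name is only used as a file name
# if it consists of digits and dots, so it can never contain a slash and
# cannot select a file outside $PPP_DIR. Anything else gets "default".
select_chatfile() {
    case $1 in
        ''|*[!0-9.]*) echo "$PPP_DIR/default"; return 0 ;;
    esac
    if [ -f "$PPP_DIR/$1" ]; then
        echo "$PPP_DIR/$1"
    else
        echo "$PPP_DIR/default"
    fi
}

# Take the lock for PID $1. With noclobber (set -C) the redirection fails
# if the file already exists, so "check" and "create" are a single step.
# A lock whose recorded PID is no longer running is treated as stale and
# replaced; that recovery step is best effort, not atomic.
acquire_lock() {
    pid=$1
    if ( set -C; echo "$pid" > "$LOCK" ) 2>/dev/null; then
        return 0
    fi
    old=$(cat "$LOCK" 2>/dev/null)
    case $old in
        ''|*[!0-9]*) return 1 ;;   # empty or malformed: leave it alone
    esac
    if kill -0 "$old" 2>/dev/null; then
        return 1                   # the holder is still running
    fi
    rm -f "$LOCK"
    ( set -C; echo "$pid" > "$LOCK" ) 2>/dev/null
}
```

  The ip-up script on this page kills the PID stored in the lock file, so
  a caller would start its timer first and pass that timer's PID to
  acquire_lock, stopping the timer again if the lock is refused.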

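  When the link is established, pppd runs the /etc/ppp/ip-up script. It
  takes care of removing the lock file. You can also add commands here
  that should run whenever the link comes up, such as a sendmail queue
  run.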
  ______________________________________________________________________
  #!/bin/ash
  LOCK=/var/run/request-route.pid
  [ -f $LOCK ] && kill `cat $LOCK`

  # Execute these commands after connecting:
  #/usr/sbin/sendmail -q
  ______________________________________________________________________

  To disconnect PPP, run the 'ppp-off' script.

  /usr/sbin/ppp-off:

  ______________________________________________________________________
  #!/bin/sh
  LOCK=/var/run/request-route.pid
  DEVICE=ppp0

  rm -f $LOCK
  #
  # If the ppp0 pid file is present then the program is running. Stop it.
  if [ -r /var/run/$DEVICE.pid ]; then
          kill -INT `cat /var/run/$DEVICE.pid`
  #
  # If unsuccessful, ensure that the pid file is removed.
          if [ ! "$?" = "0" ]; then
                  echo "removing stale $DEVICE pid file."
                  rm -f /var/run/$DEVICE.pid
                  exit 1
          fi
  #
  # Success. Terminate with proper status.
          echo "$DEVICE link terminated"
          exit 0
  fi
  #
  # The link is not active
  echo "$DEVICE link is not active"

  exit 1
  ______________________________________________________________________

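  8.  Network configuration

  If the Linux box has a network interface (an Ethernet card or a PLIP
  connection), it can be set up to act as a router. This is the author's
  network configuration. All IP addresses are written in /etc/hosts, so
  only one file has to be maintained.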

  /etc/hosts:

  127.0.0.1       localhost
  10.0.0.1        your.domain.com host
  10.0.0.2        some.other.machine

  /etc/networks:

  loopback        127.0.0.0
  localnet        10.0.0.0

  /etc/rc.d/inet1:

  # Loopback interface:
  ifconfig lo localhost
  route add -net loopback

  # Local interface:
  ifconfig eth0 host
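  route add -net localnet eth0

  The last rule adds a route to the local network. There is no need to
  enter a default gateway here, because there is no gateway until the PPP
  link is established.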

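  9.  Masquerading configuration

  If other machines need to connect but you have only one IP address, you
  can use Linux masquerading. With IP masquerading you can configure
  network numbers (private IP addresses, for example) that are translated
  to the IP address of the PPP interface. The following network numbers
  can be used.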

  o  Class A: 10.0.0.0

  o  Class B: 172.16.0.0 - 172.31.0.0

  o  Class C: 192.168.0.0 - 192.168.254.0

     Add the following to /etc/rc.d/rc.inet1.

     ___________________________________________________________________
     FW=/sbin/ipfwadm

     ${FW} -F -f

     ${FW} -F -a m -P tcp -S localnet/8 -D default/0
     ${FW} -F -a m -P udp -S localnet/8 -D default/0

     # Masquerading timeout-values (tcp tcpfin udp), defaults:
     ${FW} -M -s 3600 0 0

     # Load module for special protocols:
     /sbin/modprobe ip_masq_ftp
     /sbin/modprobe ip_masq_raudio
     /sbin/modprobe ip_masq_irc
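     ___________________________________________________________________

  These two masquerading rules (translator's note: the "${FW} -F.."
  lines) translate UDP and TCP traffic to the router's IP address
  (translator's note: UDP and TCP are transport-layer protocols; for
  details see "Networking Linux", mentioned in the abstract). That IP
  address is the one used as the default gateway (the PPP interface).
  ping, which uses the ICMP protocol, fails from the other hosts. ping
  from the router itself works. The author uses network 10.0.0.0 with
  subnet mask 255.0.0.0, or '/8' in CIDR notation. The next rule
  (translator's note: the "${FW} -M.." line) raises the TCP timeout
  value, which makes FTP-DATA connections possible. To use such protocols
  through the firewall, modules are needed. For example, to use ftp
  through the firewall, the ip_masq_ftp module has to be loaded.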

  10.  Workstation configuration

  Configure the other machines with local network numbers and set them up
  to use the Linux machine as their default gateway.

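  11.  Disclaimer

  This document describes the setup the author uses. Use it at your own
  risk. If something is wrong or unclear, please contact the author. One
  thing that could still be added is how to set up a local name server.

  [Japanese translation: isaji@mxu.meshnet.or.jp

  Proofreading: fujiwara@cim.pe.u-tokyo.ac.jp]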

