The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

aspppls (1)
  • >> aspppls (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  • 
    NAME
         aspppd, aspppls - asynchronous PPP link manager
    
    SYNOPSIS
         /usr/sbin/aspppd [ -d debug-level ]
    
         /usr/sbin/aspppls
    
    DESCRIPTION
         aspppd is the link manager for the  asynchronous  data  link
         protocol  specified  in RFC1331, The Point-to-Point Protocol
         (PPP) for the Transmission of Multi-protocol Datagrams  over
         Point-to-Point  Links.  It is a user level daemon that works
         in concert with the IP-Dialup driver (ipdcm) and PPP streams
         module  (  ppp(7M))  to  provide IP network services over an
         analog modem using dialed voice  grade telephone lines.  The
         link  manager  automates the process of connecting to a peer
         (remote) host when PPP service with that host  is  required.
         The connection process can be initiated either by sending an
         IP datagram  to a (disconnected) peer host or by receiving a
         notification   that  a peer host desires to establish a con-
         nection.
    
         aspppls is the login service that  connects  the  peer  host
         machine  to  aspppd.  aspppls  is invoked by the serial port
         monitor when a peer machine logs into a PPP-enabled account.
         Its  purpose  is  to  cause  the  link manager to accept the
         incoming call.
    
    OPTIONS
         -d debug-level
               The debug-level is a number between 0 and  9.   Higher
               numbers give more detailed debugging information.  The
               output is written to the log file /etc/log/asppp.log.
    
    USAGE
         The link manager is invoked at boot time if  the  configura-
         tion  file /etc/asppp.cf is present.  After parsing the con-
         figuration file and building a path  object  for  each  peer
         host, it sleeps until (1) an IP datagram is routed to one of
         the ipd or ipdptp interfaces (see ppp(7M)),  or  (2)  it  is
         notified by the login service that a peer host is attempting
         to make a connection.
    
         In the first case, it consults the UUCP database, dials  the
         modem,  logs  into  the  peer host, establishes the PPP data
         link, brings up IP, and forwards the IP datagram  that  ini-
         tiated the process.
    
         In the second case, the link manager opens the file descrip-
         tor  supplied by the login service, establishes the PPP data
         link, and brings up IP.
         If the link manager determines that there  has  been  no  IP
         traffic  for  the period specified by the inactivity_timeout
         keyword, it disconnects the link by bringing down IP and PPP
         and closing the connection with the peer host.
    
         The link manager can be reinitialized by sending it the -HUP
         signal  (with  kill(1)  for  example),  which  causes  it to
         disconnect all open PPP links and reread  the  configuration
         file.
    
      Path
         A path is an object that contains the state of a  connection
         with  a peer host.  Information such as system names, inter-
         face names, timeout values, and other attributes are kept in
         the  path  object.   There  exists a path for each potential
         peer host.  Paths are defined in the configuration file.
    
      Interfaces
         The link manager supports two types of IP layer  interfaces;
         the  point-to-multipoint  interface  (ipd) and the point-to-
         point interface (ipdptp) (see ppp(7M)).
    
         The point-to-multipoint  interface  logically  connects  the
         host machine to a network containing one or more peer hosts.
         IP traffic to or from  any  of  the  peer  hosts  is  routed
         through  the  point-to-multipoint  interface.  When  an  ipd
         interface is configured, only one IP address,  that  of  the
         host, is assigned. In other words, it behaves very similarly
         to an Ethernet interface, although the broadcast  capability
         is not supported.  This type of interface is well suited for
         a dial in PPP server.
    
         The point-to-point interface  logically  connects  the  host
         machine  with one peer host.  Only IP traffic to or from the
         peer host is routed through this interface.  When an  ipdptp
         interface  is  configured,  two  IP  addresses are assigned.
         This type of interface is well suited to support  a  remote,
         or nomadic, machine.
    
         An interface must be fully configured and enabled (that  is,
         up)  before  an IP datagram will be routed to it.  It's also
         true that a point-to-multipoint interface must be fully con-
         figured  and  enabled before the link manager will associate
         an incoming connection with it.  It's  not  necessary,  how-
         ever,  for  a  point-to-point interface to be configured and
         enabled before an incoming connection will  be  assigned  to
         it.   A point-to-point interface that is "plumbed", but oth-
         erwise not configured or enabled (that  is,  down),  can  be
         used to accept an incoming connection if the path associated
         with the potential connection contains a  dynamic  interface
         specification (for example, interface ipdptp*). In this case
         the link manager will select a  disabled  (down)  interface,
         configure  the  host  and  peer  addresses, bring it up, and
         assign it for the duration of the connection.
    
      Routing
         Special attention should paid to  routing  issues  that  may
         arise  if  a host has more than one interface configured and
         enabled.  By definition, a host with more then  one  enabled
         interface  is  a  router,  and the routing daemon (typically
         in.routed) will advertise the routes  provided  by  the  PPP
         interfaces.  This is normally acceptable behavior for a dial
         in server, but can cause network disruptions if  not  admin-
         istered properly.
    
         To prevent routing information packets  (RIP)  from  flowing
         over  point-to-point  interfaces,  specify the norip keyword
         followed by the interface name in  the  /etc/gateways  file.
         These entries, for example, prevent RIP from being sent over
         ipdptp0 and ipdptp1:
    
    
              norip     ipdptp0
              norip     ipdptp1
    
    
         See in.routed(1M) for further information.
    
      Authentication
         The link manager can be configured  to  support  either  the
         Password  Authentication  Protocol  (PAP)  or  the Challenge
         Handshake Authentication Protocol  (CHAP)  as  specified  in
         RFC1334.   Both  protocols can be configured simultaneously,
         in which case, CHAP has precedence.  A single host may  par-
         ticipate  as  an authenticator (the local host requests that
         the peer host authenticate itself) or an authenticatee  (the
         local  host  has been asked by the peer host to authenticate
         itself) or as both.  It is also possible for a host to be an
         authenticator  for one protocol and an authenticatee for the
         other protocol.
    
         PAP  is  a   simple   protocol   similar   to   a   standard
         login/password  type of authentication.  The PAP authentica-
         tor sends a message to its peer  requesting  that  the  peer
         authenticate itself.  The peer responds with an authenticate
         request packet that contains an id and a password  (both  in
         plaintext).  The id and password are matched against a local
         copy, and if they match, the connection is established.   If
         they don't match, the connection is dropped.
    
         CHAP does not pass any plaintext authentication data  across
         the  link.   The CHAP authenticator sends a challenge packet
         to the peer that contains a random string.   The  peer  then
         takes  the  string  in  the  challenge packet and computes a
         response string that is a function of the  challenge  string
         and  a  shared  secret key.   The peer then sends a response
         packet back to the authenticator.   The  authenticator  com-
         putes  a  string  based on the original challenge string and
         the shared secret key  and  matches  that  result  with  the
         received  response.   If they match, the connection is esta-
         blished. Otherwise the connection is dropped.
    
      Configuration File
         The primary purpose of the /etc/asppp.cf configuration  file
         is to define each path used by the link manager to establish
         and maintain communication with a peer system.
    
         The file consists of a sequence of tokens separated by white
         space  (blanks,  tabs,  and  new lines). There are no record
         boundaries or any other constraints on the placement of  the
         tokens. If a token begins with a pound sign (#), all charac-
         ters between the pound sign and the next  newline  (\n)  are
         ignored   (that   is,   they  are  treated  as  a  comment).
         Alphanumeric tokens are case insensitive and are  translated
         by  the lexical analyzer into lower case before further pro-
         cessing.
    
         A string is a single token that does  not  contain  embedded
         white  space.  The  standard ANSI C \ escape sequence may be
         used to embed special characters (see an ANSI C manual for a
         list  of  escaped special characters).  Use \s for the space
         character.  If a pound sign appears at the  beginning  of  a
         string, it must be escaped (\#) to avoid interpretation as a
         comment.  A NULL (\0) will truncate the string.
    
         Groups of tokens are assembled into  units  known  as  paths
         (essentially  a  human-readable  form of the path object). A
         path begins with the keyword  path and  ends  at  the  token
         found before any subsequent path (or defaults) keyword or at
         the last token in the file. The tokens comprising a path are
         further  partitioned  into small groups consisting mostly of
         keyword/value  pairs  that  define  the  attributes  of  the
         current  path.  If  a  particular  keyword/value pair is not
         listed for a path, the default value is assumed.
    
         The token sequences that begin with the substrings  ipcp_ or
         lcp_ refer to PPP initial configuration options as specified
         in RFC1332,  The  PPP  Internet  Protocol  Control  Protocol
         (IPCP).  See the RFC for a more complete definition of these
         options.
    
         The following is an alphabetic list of the  token  sequences
         that  can  be  contained  in  a configuration file. Required
         sequences are noted.
    
    
      Keywords
         chap_name string
               One or more octets representing the identification  of
               this  host.   The name should not be NUL or CR/LF ter-
               minated.  The name is sent to the authenticator  in  a
               response  packet.   Place  this  key/value pair in the
               authenticatee's configuration file.
    
         chap_peer_secret string
               One or more octets, preferably at least sixteen,  that
               contain the secret key that is used with the challenge
               value to  generate   the  string  to  match  with  the
               response   received   from   the  peer.    Place  this
               key/value pair in  the  authenticator's  configuration
               file.
    
         chap_peer_name string
               One or more octets representing the identification  of
               the peer transmitting the packet.  The name should not
               be NUL or CR/LF terminated. The name is received  from
               the  peer  in  a response packet. Place this key/value
               pair in the authenticator's configuration file.
    
         chap_secret string
               One or more octets, preferably at least sixteen,  that
               contain  the secret key that is used with the received
               challenge value  to generate the response sent to  the
               authenticator.   Place  this   key/value  pair  in the
               authenticatee's configuration file.
    
         debug_level number
               number is between 0 and 9.  Higher numbers  give  more
               detailed  debugging  information as shown in the table
               below.     The    output    is    written    to    the
               /etc/log/asppp.log   file.    The  value  set  by  the
               debug_level keyword overrides  the   -d  command  line
               option.
    
                          level              meaning
               __________________________________________________________
                            0                errors only
                            1                minimal information
                            4                some uucp chat-script info
                            5                all uucp chat-script info
                            7                maximum uucp info
                            8                PPP message traces
                            9                Raw IP packets
    
    
         defaults
               Indicates that all following token  sequences  up  the
               next  path  keyword,  or  the end of file, set default
               attributes that affect subsequently defined paths.
    
         default_route
               When the IP layer corresponding to the current path is
               fully  operational,  add  the  peer  IP address to the
               route table as the default destination. The  route  is
               removed  when  the IP layer is brought down. Note: the
               default_route keyword is only installed  by  point-to-
               point interfaces.
    
         ifconfig parameters
               (Required) The ifconfig keyword and associated parame-
               ters are passed to the shell for evaluation and execu-
               tion.  It's used to  define  an  interface.   See  the
               ifconfig(1M) man page for more information.
    
         inactivity_timeout seconds
               seconds is the maximum number of seconds that the con-
               nection  associated  with  the current path can remain
               idle before it is terminated.  0 may be  specified  to
               indicate no timeout. The default is 120 seconds.
    
         interface ( ipdn | ipdptpn | ipdptp* )
               (Required) Associates a  specific  point-to-multipoint
               or  point-to-point  interface  as  denoted by the non-
               negative integer n with the current path.   The  third
               form, ipdptp*, indicates that the interface associated
               with the path is a  dynamic  interface  that  will  be
               selected  at  connect  time  from a pool of previously
               configured, inactive (down) point-to-point interfaces.
    
         ipcp_async_map hex-number
               Specifies the async  control  character  map  for  the
               current  path. The hex-number is the natural (that is,
               big endian) form representation  of  the  four  octets
               that comprise the map. The default value is ffffffff.
    
         ipcp_compression ( vj | off )
               Indicates whether IP compression is enabled or not. If
               enabled   (vj), the Van Jacobson compression algorithm
               is used. The default is compression (vj).
    
         lcp_compression ( on | off )
               Indicates whether PPP address, control,  and  protocol
               field  compression is enabled or not. If enabled, both
               the address and control field compression and the pro-
               tocol  field  compression options are set. The default
               is compression (on).
    
         lcp_mru number
               number specifies a desired maximum receive unit packet
               size in octets. The default is 1500.
    
         negotiate_address ( on | off )
               Indicates whether or not local IP  address  assignment
               is  obtained  through negotiation and assigned dynami-
               cally. If enabled, the local address will be  obtained
               from  the  remote end of the PPP link. If so obtained,
               any local address other than 0.0.0.0 can  be  used  to
               initially  configure  the interface. The default is to
               not negotiate (off).
    
         pap_id string
               One or more octets that represent the name of the host
               which will be sent to the authenticator. To indicate a
               zero length string, do not include the keyword.  Place
               this  key/value pair in the authenticatee's configura-
               tion file.
    
         pap_password string
               One or more octets that indicate the password for this
               host which will be sent to the authenticator.
                To indicate a zero length string, do not include  the
               keyword.    Place   this   key/value   pair   in   the
               authenticatee's configuration file.
    
         pap_peer_id string
               One or more octets that indicate the name of the  peer
               to  be  authenticated.   To  indicate  a  zero  length
               string,  do  not  include  the  keyword.   Place  this
               key/value  pair  in  the authenticator's configuration
               file.
    
         pap_peer_password string
               One or more octets that indicate the  password  to  be
               used  for  authentication.   To indicate a zero length
               string,  do  not  include  the  keyword.   Place  this
               key/value  pair  in  the authenticator's configuration
               file.
    
         path  (Required)  Indicates   that   all   following   token
               sequences  are to be grouped together as attributes of
               this (current)  path.  The  collection  of  attributes
               comprising  the  current  path  are  terminated by the
               occurrence of a subsequent  path or  defaults  keyword
               or by the end of file.
    
         peer_ip_address IP-address
               (Required for  point-to-multipoint  paths)  Associates
               the   IP-address  with  the current path. The value is
               ignored if the path specifies a point-to-point  inter-
               face. The  IP-address may be in "dotted decimal", hex-
               adecimal, or symbolic (that is, hostname) format.
    
         peer_system_name name
               (Required) Associates the peer system  name  with  the
               current  path.   The name is used to look up modem and
               peer specific information for outbound connections  in
               the UUCP  /etc/uucp/Systems file. For incoming connec-
               tions, the appropriate path is determined by  matching
               name  with  the login name that was used to obtain the
               connection (that is, an entry in the  /etc/passwd file
               specifies name in the username field).
    
         require_authentication ( off | pap [chap] | chap [pap] )
               Indicates that the local host  is  the  authenticator,
               and  that the peer is required to authenticate itself.
               If either pap or chap is present, the peer must parti-
               cipate  in  the authentication protocol or the connec-
               tion will be terminated.  If both  pap  and  chap  are
               present,  then  the  local  host will try to negotiate
               chap, and if that fails, the connection will  be  ter-
               minated.  The  local  host  will  not try to negotiate
               pap.  The default does not  require  authentication  (
               off).
    
               If   pap  is  required,  then  the   pap_peer_id   and
               pap_peer_password keywords and values should be speci-
               fied for the associated path. If they are  not  speci-
               fied,  the  corresponding  values  are set to the null
               string.  If  chap is required then the  chap_peer_name
               and  chap_peer_secret  keywords  and  values  must  be
               specified for the associated path.
    
         version n
               Specifies that the contents of the configuration  file
               correspond  to  format  version n.  If this keyword is
               present, it must be the first keyword in the file.  If
               absent,  the version is assumed to be 1. This document
               contains the definition of the version  1  format  for
               the configuration file.
    
         will_do_authentication ( off | pap [chap] | chap [pap] )
               Indicates that the local host is a potential authenti-
               catee  and  is willing to participate in the specified
               authentication protocol.  If both  pap  and  chap  are
               present  then the local host is willing to participate
               in either authentication protocol.  The  default  does
               not participate in authentication (off).
    
               If   pap  is   available,   then   the    pap_id   and
               pap_password  keywords  and values should be specified
               for the associated path.  If they are  not  specified,
               the  corresponding  values are set to the null string.
               If   chap  is  available  then  the    chap_name   and
               chap_secret  keywords and values must be specified for
               the associated path.
    
    EXAMPLES
         Example 1: Remote Machine
    
         In this example, the remote machine is most likely a nomadic
         or home machine with a single modem.
    
         #
         # Dial in to two servers
         #
         ifconfig ipdptp0 plumb nomad1 dialin1 private up
         path
                                    interface ipdptp0
                                    peer_system_name Pdialin1
                                    will_do_authentication pap
                                    pap_id nomad1
                                    pap_password secret
         ifconfig ipdptp1 plumb nomad1 dialin2 private up
         path
                                    interface ipdptp1
                                    peer_system_name Pdialin2
                                    lcp_mru 1006
    
         Example 2: Dial In Server supporting  a  point-to-multipoint
         interface
    
         This example shows a dial in server supporting  a  point-to-
         multipoint  interface.  There may be several modems attached
         to this server.  The network addressed by the ipd  interface
         will  be  advertised by the router, and all traffic destined
         for that network will be routed through this host.  For that
         reason,  it  is not wise to support multiple dial in servers
         with point-to-multipoint interfaces to the same network.
    
         #
         # A point-to-multipoint dial in server
         #
         ifconfig ipd0 plumb dialin1 netmask + up
         defaults
           interface ipd0
           inactivity_timeout 900  # 15 minutes
           require_authentication chap pap
           chap_peer_name nomads
         path
           peer_system_name Pnomad1
              chap_peer_secret abcd
           pap_peer_id nomad1
           pap_peer_password secret
              peer_ip_address nomad1
         path
           peer_system_name Pnomad2
           chap_peer_secret a\sspace
              peer_ip_address nomad2
    
         path
            peer_system_name Pnomad3
            inactivity_timeout 0  # No timeout for this host
            chap_peer_secret \#123;.
              peer_ip_address nomad3
         path
                                      peer_system_name Pnomad4
                                      chap_peer_secret My\sSecret#Word
             peer_ip_address nomad4
    
         Example 3: Dynamic point to-point dial in server
    
         This is another dial in server that supports dynamic  point-
         to-point  interfaces.   Usually the server has one modem for
         each interface.  One advantage of using  dynamic  interfaces
         is that (host) routes will only be advertised when an inter-
         face is up.  Therefore, multiple dial in servers can be sup-
         ported.
    
         #
         # A dynamic point-to-point dial in server
         #
         ifconfig ipdptp0 plumb dialin2 client1 down
         ifconfig ipdptp1 plumb dialin2 client2 down
         ifconfig ipdptp2 plumb dialin2 client3 down
         defaults
                 interface ipdptp*
                 inactivity_timeout 900
                 debug_level 5
    
         path
                 peer_system_name Pnomad1
         path
                 peer_system_name Pnomad2
         path
                 peer_system_name Pnomad3
         path
                 peer_system_name Pnomad4
    
    FILES
         /etc/asppp.cf
               configuration file
    
         /etc/log/asppp.log
               message log file
    
         /etc/uucp/Devices
    
         /etc/uucp/Dialers
    
         /etc/uucp/Sysfiles
    
         /etc/uucp/Systems
    
         /tmp/.asppp.fifo
               communication path between aspppd and aspppls
    
         /usr/sbin/aspppd
               link manager
    
         /usr/sbin/aspppls
               login service
    
    ATTRIBUTES
         See attributes(5) for descriptions of the  following  attri-
         butes:
    
         ____________________________________________________________
        |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
        |_____________________________|_____________________________|
        | Availability                | SUNWapppu                   |
        |_____________________________|_____________________________|
    
    
    SEE ALSO
         kill(1), ifconfig(1M), in.routed(1M), attributes(5), ppp(7M)
    
         TCP/IP and Data Communications Administration Guide
    
    
    
    


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру