Manual Page Search Parameters
PPPOE(4) Device Drivers Manual PPPOE(4)

pppoePPP Over Ethernet protocol network interface

pseudo-device pppoe

The pppoe interface encapsulates packets inside Ethernet frames as defined by RFC 2516.

This is often used to connect a router via a DSL modem to an access concentrator. The pppoe interface does not by itself transmit or receive frames, but needs an Ethernet interface to do so. This Ethernet interface is connected to the pppoe interface via ifconfig(8). The Ethernet interface needs to be marked UP, but does not need to have an IP address.

There are two basic modes of operation, controlled via the link1 switch. The default mode, link1 not being set, tries to keep the configured session open all the time. If the session is disconnected, a new connection attempt is started immediately. The “dial on demand” mode, selected by setting link1, only establishes a connection when data is being sent to the interface.

Before a pppoe interface is usable, it needs to be configured. The following steps are necessary:

This all is typically accomplished using an /etc/hostname.pppoe0 file. A typical file looks like this:

inet 0.0.0.0 255.255.255.255 NONE \
	pppoedev em0 authproto pap \
	authname 'testcaller' authkey 'donttell' up
dest 0.0.0.1
inet6 eui64
!/sbin/route add default -ifp pppoe0 0.0.0.1
!/sbin/route add -inet6 default -ifp pppoe0 fe80::%pppoe0

The physical interface must also be marked ‘up’:

# echo "up" > /etc/hostname.em0

Since this is a PPP interface, the addresses assigned to the interface may change during PPP negotiation. In the above example, 0.0.0.0 and 0.0.0.1 serve as placeholders for dynamic address configuration.

If the local address is set to wildcard address 0.0.0.0, it will be changed to an address suggested by the peer.

If the destination address is set to a wildcard address in the range from 0.0.0.1 to 0.0.0.255, it will be changed to an address suggested by the peer, and if a default route which uses this interface exists the gateway will be changed to the suggested address as well.

Otherwise, PPP negotiation will only agree to exactly the IPv4 addresses which are configured on the interface.

pppoe does not interfere with other PPPoE implementations running on the same machine. However under some circumstances (such as after a crash or power failure) the peer device might initially refuse to reestablish a new PPPoE connection because there is already an open session. This would be indicated by the client sending a high number of PADI packets before successfully connecting. The pppoe driver can be told to kill all unknown PPPoE sessions by sending a PADT packet to explicitly terminate the old session. Add the following to the kernel config file:

option PPPOE_TERM_UNKNOWN_SESSIONS

PPPoE has an 8-byte header. When run over a network interface with the standard Ethernet maximum transmission unit (MTU) of 1500 bytes, this reduces the maximum available MTU to 1492. pppoe sets the default MTU to this value. Unfortunately issues can occur when the path between the two endpoints of a TCP connection are not able to carry same sized packets, leading to possible packet fragmentation and sometimes packet loss. In that case the maximum packet size can be set using the max-mss option in pf.conf(5). For example:

match on pppoe0 scrub (max-mss 1440)

When using a PPPoE device configured for a higher MTU ("jumbo frames"), the MTU for the pppoe device can also be raised. In this case pppoe attempts to negotiate the higher size with the other PPPoE endpoint using the RFC 4638 protocol. This can allow standard Ethernet packet sizes (1500 bytes) to be carried over PPPoE. For example, in /etc/hostname.pppoe0:

inet 0.0.0.0 255.255.255.255 NONE mtu 1500 \
	pppoedev em0 authproto pap \
	authname 'testcaller' authkey 'donttell' up
dest 0.0.0.1
!/sbin/route add default -ifp pppoe0 0.0.0.1

The physical interface would also have to be configured correspondingly:

# echo "up mtu 1508" > /etc/hostname.em0

However, RFC 4638 negotiation only takes into account the MTU configured on the endpoints, not the maximum MTU supported on the path between them. If the path cannot pass the larger Ethernet frames, negotiation will succeed but the larger frames will be dropped. For this reason it is important to test the connection with large packets when enabling a higher MTU.

sppp(4), hostname.if(5), pf.conf(5), ifconfig(8)

L. Mamakos, K. Lidl, J. Evarts, D. Carrel, D. Simone, and R. Wheeler, A Method for Transmitting PPP Over Ethernet (PPPoE), RFC 2516, February 1999.

P. Arberg, D. Kourkouzelis, M. Duckett, T. Anschutz, and J. Moisand, Accommodating a Maximum Transit Unit/Maximum Receive Unit (MTU/MRU) Greater Than 1492 in the Point-to-Point Protocol over Ethernet (PPPoE), RFC 4638, September 2006.

The pppoe device first appeared in OpenBSD 3.7.

This implementation is client side only.

It is important to specify “netmask 255.255.255.255” to ifconfig(8). If the netmask is unspecified, it will be set to 8 when 0.0.0.0 is configured to the interface, and it will persist after negotiation.

The presence of a mygate(5) file will interfere with the routing table. Make sure this file is either empty or does not exist.

Two pppoe interfaces configured with the same wildcard destination address cannot share a routing table.

May 27, 2022 openbsd