Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (OpenBSD-5.7)
Apropos / Subsearch:
optional field

SPPP(4)                  BSD Kernel Interfaces Manual                  SPPP(4)

     sppp -- PPP and Link Control Protocol

     pseudo-device sppp [count]

     The sppp network layer implements the state machine and Link Control Pro-
     tocol (LCP) of the Point-to-Point Protocol (PPP) as described in RFC
     1661.  Note that this layer does not provide network interfaces of its
     own, it is rather intended to be layered on top of drivers providing a
     point-to-point connection that wish to run a PPP stack over it.  The cor-
     responding network interfaces have to be provided by these hardware driv-

     The sppp layer provides three basic modes of operation.  The default
     mode, with no special flags set, is to create the PPP connection (admin-
     istrative Open event to the LCP layer) as soon as the interface is taken
     up with the ifconfig(8) command.  Taking the interface down again will
     terminate the LCP layer and thus all other layers on top.  The link will
     also terminate itself as soon as no Network Control Protocol (NCP) is
     open anymore, indicating that the lower layers are no longer needed.

     Setting the link-level flag link0 with ifconfig(8) will cause the respec-
     tive network interface to go into passive mode.  This means the adminis-
     trative Open event to the LCP layer will be delayed until after the lower
     layers signal an Up event (rise of ``carrier'').  This can be used by the
     lower layers to support a dial-in connection where the physical layer
     isn't available immediately at startup, but only after some external
     event arrives.  Receipt of a Down event from the lower layer will not
     take the interface completely down in this case.

     Finally, setting the flag link1 will cause the interface to operate in
     dial-on-demand mode.  This is also only useful if the lower layers sup-
     port the notion of a carrier (like with an ISDN line).  Upon configuring
     the respective interface, it will delay the administrative Open event to
     the LCP layer until either an outbound network packet arrives, or until
     the lower layers signal an Up event, indicating an inbound connection.
     As with passive mode, receipt of a Down event (loss of carrier) will not
     automatically take the interface down, thus it remains available for fur-
     ther connections.

     The sppp layer supports the debug interface flag, which can be set with
     ifconfig(8).  If this flag is set, the various control protocol packets
     being exchanged as well as the option negotiation between both ends of
     the link will be logged at level LOG_DEBUG.  This can be helpful to exam-
     ine configuration problems during the first attempts to set up a new con-
     figuration.  Without this flag being set, only the major phase transi-
     tions will be logged at level LOG_INFO.

     It is possible to leave the local interface IP address open for negotia-
     tion by setting it to  This requires that the remote peer can
     correctly supply a value for it based on the identity of the caller, or
     on the remote address supplied by this side.  Due to the way the IPCP
     option negotiation works, this address is supplied late during the nego-
     tiation, which could cause the remote peer to make false assumptions.

     In a similar spirit the remote address can be set to the magical value, which means that we don't care what address the remote side will
     use, as long as it is not  This is useful if your ISP has sev-
     eral dial-in servers.  You can of course route add something or other and it will do exactly what you would want it to.

     The PAP and CHAP authentication protocols, as described in RFCs 1334 and
     1994, respectively, are also implemented.  Their parameters are con-
     trolled by the ifconfig(8) utility.

     Display the settings for pppoe0.  The interface is currently in the
     establish phase and tries to connect to the remote peer; other possible
     PPP phases are dead, authenticate, network, or terminate.  Both ends of
     the connection use the CHAP protocol, the local client tells the remote
     peer the system name 'uriah', and the peer is expected to authenticate by
     the name 'ifb-gw'.  Once the initial CHAP handshake has been successful,
     no further CHAP challenges will be transmitted.  There are supposedly
     some known CHAP secrets for both ends of the link which are not dis-

           $ ifconfig pppoe0
           pppoe0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1492
                   dev: em0 state: PADI sent
                   sid: 0x0 PADI retries: 0 PADR retries: 0
                   sppp: phase establish authproto chap authname "uriah" \
                           peerproto chap peername "ifb-gw" norechallenge
                   groups: pppoe
                   inet --> netmask 0xffffffff

     A possible call to ifconfig(8) that could have been used to bring the
     interface into the state shown by the previous example:

           # ifconfig em0 up
           # ifconfig pppoe0 netmask 0xffffffff \
                   pppoedev em0 \
                   authproto chap authname uriah authkey "some secret" \
                   peerproto chap peername "ifb-gw" peerkey "another" \
                   peerflag norechallenge \

     <&lt;ifname>&gt;<&lt;ifnum>&gt;: <&lt;proto>&gt; illegal <&lt;event>&gt; in state <&lt;statename>&gt;  An event
     happened that should not happen for the current state the respective con-
     trol protocol is in.  See RFC 1661 for a description of the state automa-

     <&lt;ifname>&gt;<&lt;ifnum>&gt;: loopback  The state automaton detected a line loopback
     (that is, it was talking with itself).  The interface will be temporarily

     <&lt;ifname>&gt;<&lt;ifnum>&gt;: up  The LCP layer is running again, after a line loop-
     back had previously been detected.

     <&lt;ifname>&gt;<&lt;ifnum>&gt;: down  The keepalive facility detected the line being
     unresponsive.  Keepalive must be explicitly requested by the lower layers
     in order to take place.

     inet(4), pppoe(4), ifconfig(8)

     G. McGregor, The PPP Internet Protocol Control Protocol (IPCP), RFC 1332,
     May 1992.

     B. Lloyd and W. Simpson, PPP Authentication Protocols, RFC 1334, October

     W. Simpson, The Point-to-Point Protocol (PPP), RFC 1661, July 1994.

     W. Simpson, PPP Challenge Handshake Authentication Protocol (CHAP), RFC
     1994, August 1996.

     S. Varada, D. Haskins, and E. Allen, IP Version 6 over PPP, RFC 5072,
     September 2007.

     The original implementation of sppp was written in 1994 at Cronyx Ltd.,
     Moscow, by Serge Vakulenko <vak@cronyx.ru>.  Joerg Wunsch
     <joerg_wunsch@uriah.heep.sax.de> rewrote a large part in 1997 in order to
     fully implement the state machine as described in RFC 1661, so it could
     also be used for dialup lines.  He also wrote the initial version of this
     man page.  Serge later on wrote a basic implementation for PAP and CHAP,
     which served as the base for the current implementation, done again by
     Joerg Wunsch.

     Reyk Floeter implemented sppp support for ifconfig(8) in OpenBSD 4.0 in
     order to remove the original 'spppcontrol' utility, which was previously
     used to configure and display the sppp settings.


     Negotiation loop avoidance is not fully implemented.  If the negotiation
     doesn't converge, this can cause an endless loop.

     The various parameters that should be adjustable per RFC 1661 are cur-
     rently hard-coded into the kernel, and should be made accessible through

     Passive mode has not been tested extensively.

     More NCPs should be implemented, as well as other control protocols for
     authentication and link quality reporting.

     IPCP should support VJ header compression.

     Link-level compression protocols should be supported.

BSD                             March 26, 2017                             BSD