Setting up a SLIP server
Contribudted by &a.ghelmer;.
v1.0, 15 May 1995.
This document provides suggestions for setting up SLIP Server services
on a FreeBSD system, which typically means configuring your system to
automatically startup connections upon login for remote SLIP clients.
The author has written this document based on his experience;
however, as your system and needs may be different, this document may
not answer all of your questions, and the author cannot be responsible
if you damage your system or lose data due to attempting to follow the
suggestions here.
This guide was originally written for SLIP Server services on a
FreeBSD 1.x system. It has been modified to reflect changes in the
pathnames and the removal of the SLIP interface compression flags in
FreeBSD 2.x, which appear to be the only major changes between
FreeBSD versions. If you do run encounter mistakes in this document,
please email the author with enough information to help correct the
problem.
For FreeBSD 1.x users, all of the files referenced in the directory
/etc/sliphome are actually in the /etc directory.
Prerequisites>
This document is very technical in nature, so background knowledge is
required. It is assumed that you are familiar with the TCP/IP network
protocol, and in particular, network and node addressing, network
address masks, subnetting, routing, and routing protocols, such as
RIP. Configuring SLIP services on a dial-up server requires a
knowledge of these concepts, and if you are not familiar with them,
please read a copy of either Craig Hunt's TCP/IP Network
Administration published by O'Reilly & Associates, Inc. (ISBN
Number 0-937175-82-X), or Douglas Comer's books on the TCP/IP
protocol.
It's further assumed that you have already setup your modem(s) and
configured the appropriate system files to allow logins through your
modems. If you haven't prepared your system for this yet, please see
the tutorial for configuring dialup services; if you have a World-Wide
Web browser available, browse the list of tutorials at
http://www.freebsd.org/How ; otherwise, check the place
where you found this document for a document named Quick Overview
In its typical configuration, using FreeBSD as a SLIP server works as
follows: a SLIP user dials up your FreeBSD SLIP Server system and logs
in with a special SLIP login ID that uses /usr/sbin/sliplogin
as the special user's shell. The /etc/sliphome/slip.hosts to find a matching line for
the special user, and if it finds a match, connects the serial line to
an available SLIP interface and then runs the shell script
/etc/sliphome/slip.login to configure the SLIP interface.
An Example of a SLIP Server Login
For example, if a SLIP user ID were Shelmerg , /etc/master.passwd would look something like this
(except it would be all on one line):
Shelmerg:password:1964:89::0:0:Guy Helmer - SLIP:
/usr/users/Shelmerg:/usr/sbin/sliplogin
and, when sliplogin will search
/etc/sliphome/slip.hosts for a line that had a matching user
ID; for example, there may be a line in
/etc/sliphome/slip.hosts that reads:
Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp
/etc/sliphome/slip.login like this:
/etc/sliphome/slip.login 0 19200 Shelmerg dc-slip sl-helmer 0xfffffc00 autocomp
If all goes well, /etc/sliphome/slip.login will issue an
ifconfig for the SLIP interface to which slip.login ) to set the
local IP address (dc-slip ), remote IP address
(sl-helmer ), network mask for the SLIP interface
(0xfffffc00 ), and any additional flags (autocomp ).
If something goes wrong, /var/log/messages (see the manual pages for
syslogd(8) and syslog.conf(5) , and perhaps check
/etc/syslog.conf to see to which files syslogd is
logging).
OK, enough of the examples -- let's dive into setting up the system.
Kernel Configuration
FreeBSD's default kernels usually come with two SLIP interfaces
defined (sl0 and sl1 ); you can use netstat
-i to see whether these interfaces are defined in your kernel.
Sample output from netstat -i :
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
ed0 1500 0.0.c0.2c.5f.4a 291311 0 174209 0 133
ed0 1500 138.247.224 ivory 291311 0 174209 0 133
lo0 65535 79 0 79 0 0
lo0 65535 loop localhost 79 0 79 0 0
sl0* 296 0 0 0 0 0
sl1* 296 0 0 0 0 0
The sl0 and sl1 interfaces shown in netstat
-i 's output indicate that there are two SLIP interfaces built
into the kernel. (The asterisks after the sl0 and
sl1 indicate that the interfaces are ``down''.)
However, FreeBSD's default kernels do not come configured to forward
packets (ie, your FreeBSD machine will not act as a router) due to
Internet RFC requirements for Internet hosts (see RFC's 1009
[Requirements for Internet Gateways], 1122
[Requirements for Internet Hosts -- Communication Layers],
and perhaps 1127 [A Perspective on the Host Requirements
RFCs]), so if you want your FreeBSD SLIP Server to act as a
router, you'll have to add the line options GATEWAY to your
machine's kernel configuration file and re-compile the kernel anyway.
(Trivia: ``Gateways'' are the Internet's old name for what are now
usually called ``routers''.)
Please see the BSD System Manager's Manual chapter on ``Building
Berkeley Kernels with Config'' [the source for which is in
/usr/src/share/doc/smm ] and ``FreeBSD Configuration
Options'' [in /sys/doc/options.doc ] for more
information on configuring and building kernels. You may have to
unpack the kernel source distribution if haven't installed the system
sources already (srcdist/srcsys.?? in FreeBSD 1.1,
srcdist/sys.?? in FreeBSD 1.1.5.1, or the entire source
distribution in FreeBSD 2.0) to be able to configure and build
kernels.
You'll notice that near the end of the default kernel configuration
file (/sys/i386/conf/GENERICAH ) is a line that reads:
pseudo-device sl 2
which is the line that defines the number of SLIP devices available in
the kernel; the number at the end of the line is the maximum number of
SLIP connections that may be operating simultaneously.
See the document ``Building Berkeley Kernels with Config'' and the
manual page for config(8) to see how to configure and build
kernels.
Sliplogin Configuration
As mentioned earlier, there are three files in the
/etc/sliphome directory that are part of the configuration
for /usr/sbin/sliplogin (see sliplogin(8) for the
actual manual page for sliplogin ): slip.hosts , which
defines the SLIP users & their associated IP addresses;
slip.login , which usually just configures the SLIP interface;
and (optionally) slip.logout , which undoes
slip.login 's effects when the serial connection is
terminated.
slip.hosts Configuration
/etc/sliphome/slip.hosts contains lines which have at least
four items, separated by whitespace:
- SLIP user's login ID
- Local address (local to the SLIP server) of the SLIP link
- Remote address of the SLIP link
- Network mask
The local and remote addresses may be host names (resolved to IP
addresses by /etc/hosts or by the domain name service,
depending on your specifications in /etc/host.conf ), and I
believe the network mask may be a name that can be resolved by a
lookup into /etc/networks . On a sample system,
/etc/sliphome/slip.hosts looks like this:
----- begin /etc/sliphome/slip.hosts -----
#
# login local-addr remote-addr mask opt1 opt2
# (normal,compress,noicmp)
#
Shelmerg dc-slip sl-helmerg 0xfffffc00 autocomp
----- end /etc/sliphome/slip.hosts ------
At the end of the line is one or more of the options.
-
normal - no header compression
-
compress - compress headers
-
autocomp - compress headers if the remote end allows it
-
noicmp - disable ICMP packets (so any ``ping'' packets will be
dropped instead of using up your bandwidth)
It appears that section and/or consult your IP network manager.
If you are going to use a separate subnet for your SLIP clients, you
will need to allocate the subnet number out of your assigned IP
network number and assign each of your SLIP client's IP numbers out of
that subnet. Then, you will probably either need to configure a
static route to the SLIP subnet via your SLIP server on your nearest
IP router, or install gated on your FreeBSD SLIP server and
configure it to talk the appropriate routing protocols to your other
routers to inform them about your SLIP server's route to the SLIP
subnet.
Otherwise, if you will use the ``proxy ARP'' method, you will need to
assign your SLIP client's IP addresses out of your SLIP server's
Ethernet subnet, and you'll also need to adjust your
/etc/sliphome/slip.login and
/etc/sliphome/slip.logout scripts to use arp(8) to
manage the proxy-ARP entries in the SLIP server's ARP table.
slip.login Configuration
The typical /etc/sliphome/slip.login file looks like this:
----- begin /etc/sliphome/slip.login -----
#!/bin/sh -
#
# @(#)slip.login 5.1 (Berkeley) 7/1/90
#
# generic login file for a slip line. sliplogin invokes this with
# the parameters:
# 1 2 3 4 5 6 7-n
# slipunit ttyspeed loginname local-addr remote-addr mask opt-args
#
/sbin/ifconfig sl$1 inet $4 $5 netmask $6
----- end /etc/sliphome/slip.login -----
This slip.login file merely ifconfig's the appropriate SLIP
interface with the local and remote addresses and network mask of the
SLIP interface.
If you have decided to use the ``proxy ARP'' method (instead of using
a separate subnet for your SLIP clients), your
/etc/sliphome/slip.login file will need to look something
like this:
----- begin /etc/sliphome/slip.login for "proxy ARP" -----
#!/bin/sh -
#
# @(#)slip.login 5.1 (Berkeley) 7/1/90
#
# generic login file for a slip line. sliplogin invokes this with
# the parameters:
# 1 2 3 4 5 6 7-n
# slipunit ttyspeed loginname local-addr remote-addr mask opt-args
#
/sbin/ifconfig sl$1 inet $4 $5 netmask $6
# Answer ARP requests for the SLIP client with our Ethernet addr
/usr/sbin/arp -s $5 00:11:22:33:44:55 pub
----- end /etc/sliphome/slip.login for "proxy ARP" -----
The additional line in this slip.login , arp -s $5
00:11:22:33:44:55 pub , creates an ARP entry in the SLIP server's
ARP table. This ARP entry causes the SLIP server to respond with the
SLIP server's Ethernet MAC address whenever a another IP node on the
Ethernet asks to speak to the SLIP client's IP address.
When using the example above, be sure to replace the Ethernet MAC
address (00:11:22:33:44:55 ) with the MAC address of your
system's Ethernet card, or your ``proxy ARP'' will definitely not work!
You can discover your SLIP server's Ethernet MAC address by looking at
the results of running netstat -i ; the second line of the output
should look something like:
ed0 1500 0.2.c1.28.5f.4a 191923 0 129457 0 116
^^^^^^^^^^^^^^^
which indicates that this particular system's Ethernet MAC address is
00:02:c1:28:5f:4a -- the periods in the Ethernet MAC address
given by netstat -i must be changed to colons and leading zeros
should be added to each single-digit hexadecimal number to convert the
address into the form that arp(8) desires; see the manual page on
arp(8) for complete information on usage.
Note that when you create /etc/sliphome/slip.login and
/etc/sliphome/slip.logout , the ``execute'' bit (ie,
chmod 755 /etc/sliphome/slip.login
/etc/sliphome/slip.logout ) must be set, or sliplogin
will be unable to execute it.
slip.logout Configuration
/etc/sliphome/slip.logout isn't strictly needed (unless you
are implementing ``proxy ARP''), but if you decide to create it, this
is an example of a basic slip.logout script:
----- begin /etc/sliphome/slip.logout -----
#!/bin/sh -
#
# slip.logout
#
# logout file for a slip line. sliplogin invokes this with
# the parameters:
# 1 2 3 4 5 6 7-n
# slipunit ttyspeed loginname local-addr remote-addr mask opt-args
#
/sbin/ifconfig sl$1 down
----- end /etc/sliphome/slip.logout -----
If you are using ``proxy ARP'', you'll want to have
/etc/sliphome/slip.logout remove the ARP entry for the SLIP
client:
----- begin /etc/sliphome/slip.logout for "proxy ARP" -----
#!/bin/sh -
#
# @(#)slip.logout
#
# logout file for a slip line. sliplogin invokes this with
# the parameters:
# 1 2 3 4 5 6 7-n
# slipunit ttyspeed loginname local-addr remote-addr mask opt-args
#
/sbin/ifconfig sl$1 down
# Quit answering ARP requests for the SLIP client
/usr/sbin/arp -d $5
----- end /etc/sliphome/slip.logout for "proxy ARP" -----
The arp -d $5 removes the ARP entry that the ``proxy ARP''
slip.login added when the SLIP client logged in.
It bears repeating: make sure /etc/sliphome/slip.logout has
the execute bit set for after you create it (ie, chmod 755
/etc/sliphome/slip.logout ).
Routing Considerations
If you are not using the ``proxy ARP'' method for routing packets
between your SLIP clients and the rest of your network (and perhaps
the Internet), you will probably either have to add static routes to
your closest default router(s) to route your SLIP client subnet via
your SLIP server, or you will probably need to install and configure
gated on your FreeBSD SLIP server so that it will tell your
routers via appropriate routing protocols about your SLIP subnet.
Static Routes
Adding static routes to your nearest default routers can be
troublesome (or impossible, if you don't have authority to do so...).
If you have a multiple-router network in your organization, some
routers, such as Cisco and Proteon, may not only need to be configured
with the static route to the SLIP subnet, but also need to be told
which static routes to tell other routers about, so some expertise and
troubleshooting/tweaking may be necessary to get static-route-based
routing to work.
Running gated
An alternative to the headaches of static routes is to install
gated on your FreeBSD SLIP server and configure it to use the
appropriate routing protocols (RIP/OSPF/BGP/EGP) to tell other routers
about your SLIP subnet. ftp.gated.cornell.edu in the directory
/pub/gated ; I believe the current version as of this writing
is gated-R3_5Alpha_8.tar.Z , which includes support for
FreeBSD ``out-of-the-box''. Complete information and documentation on
gated is available on the Web starting at
http://www.gated.cornell.edu/ . Compile and install it, and
then write a /etc/gated.conf file to configure your gated;
here's a sample, similar to what the author used on a FreeBSD SLIP
server:
----- begin sample /etc/gated.conf for gated version 3.5Alpha5 -----
#
# gated configuration file for dc.dsu.edu; for gated version 3.5alpha5
# Only broadcast RIP information for xxx.xxx.yy out the ed Ethernet interface
#
#
# tracing options
#
traceoptions "/var/tmp/gated.output" replace size 100k files 2 general ;
rip yes {
interface sl noripout noripin ;
interface ed ripin ripout version 1 ;
traceoptions route ;
} ;
#
# Turn on a bunch of tracing info for the interface to the kernel:
kernel {
traceoptions remnants request routes info interface ;
} ;
#
# Propagate the route to xxx.xxx.yy out the Ethernet interface via RIP
#
export proto rip interface ed {
proto direct {
xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections
} ;
} ;
#
# Accept routes from RIP via ed Ethernet interfaces
import proto rip interface ed {
all ;
} ;
----- end sample /etc/gated.conf -----
The above sample gated.conf file broadcasts routing
information regarding the SLIP subnet xxx.xxx.yy via RIP onto
the Ethernet; if you are using a different Ethernet driver than the
/var/tmp/gated.output for debugging gated 's
activity; you can certainly turn off the tracing options if
gated works OK for you. You'll need to change the
xxx.xxx.yy 's into the network address of your own SLIP subnet
(be sure to change the net mask in the proto direct clause as
well).
When you get gated built and installed and create a
configuration file for it, you'll need to run gated in place
of routed on your FreeBSD system; change the
routed/gated startup parameters in /etc/netstart as
appropriate for your system. Please see the manual page for
gated for information on gated 's command-line
parameters.
Acknowledgements
Thanks to these people for comments and advice regarding this tutorial: