1

I currently have two PPPoE connections established, the first one, ppp0 (configured as default gateway) is perfectly usable, the second, ppp1 however does not seem to forward any traffic to "userland". If I do ping -I ppp0 google.com I get responses, doing the same on the second connection - ping -I ppp1 google.com results in an apparent 100% packet loss. Running tshark -i ppp1 at the same time shows both ICMP Echo requests and replies though.

ping -I ppp1 google.com
PING google.com (74.125.225.142) from 1.2.3.4 ppp1: 56(84) bytes of data.
^C
--- google.com ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6047ms

Tshark is running at the same time

tshark -i ppp1
Capturing on ppp1
8.358744 1.2.3.4 -> 74.125.225.142 ICMP 100 Echo (ping) request  id=0x3630, seq=1/256, ttl=64
8.381235 74.125.225.142 -> 1.2.3.4 ICMP 100 Echo (ping) reply    id=0x3630, seq=1/256, ttl=57
9.366481 1.2.3.4 -> 74.125.225.142 ICMP 100 Echo (ping) request  id=0x3630, seq=2/512, ttl=64
9.388846 74.125.225.142 -> 1.2.3.4 ICMP 100 Echo (ping) reply    id=0x3630, seq=2/512, ttl=57

I thought that the problem might be related to the firewall rules but the rules are configured for ppp+, so ppp0 and ppp1 should be treated equally (confirmed with iptables -v -L).

What am I doing wrong?

Andrei
  • 201
  • 2
  • 4
  • Best way to rule out firewall issues would be to stop any potentially vulnerable services, clear all firewall rules and custom chains, then set the three default chains (INPUT, FORWARD, OUTPUT) to ACCEPT, if you still have problems its not firewall related. – Aaron Tate Oct 15 '13 at 02:03
  • @AaronTate thank you for the suggestion - I just tried that, there is no change - pings from `ppp0` go through fine, `ppp1` - nothing. – Andrei Oct 15 '13 at 02:07
  • Is ping running as root? Are you able to ping the interfaces own local address (ie 1.2.3.4 in your posted example). – Aaron Tate Oct 15 '13 at 02:48
  • Yes to all. I found the answer - it was related to requirement of having separate routing table for the secondary ppp interface. – Andrei Oct 16 '13 at 13:17

1 Answers1

0

Found the answer here: http://blog.meisterbrau.org/2009/03/routing-over-multiple-ppp-accounts.html. Basically, it's not enough to have successfully established connection, it's necessary to create a separate routing table, even if the second interface is not used for routing of any traffic other than to/from itself. A bit counter-intuitive, in my opinion.

Andrei
  • 201
  • 2
  • 4