Tutorial on  RFC1483/2684 implementation for Linux 2.4.x
Last Modified:
Thu Apr 26 13:31:34 MEST 2001

The webpage of the project is (please check it for up2date info):
http://home.sch.bme.hu/~cell/br2684/

Tutorial written by Joonbum Byun <jbyun@megaxess.com>
Senior Software Engineer
                     MEGAXESS
             Intelligent Edge Quality
        T: 301-540-2600  F: 301-540-4600
             http://www.megaxess.com
12800 Middlebrook Rd. #206, Germantown, MD, 20874, USA
______________________________________________________

Hi Curious Reader,
This brief tutorial covers on how to install RFC1483/2684
implementation for linux kernel version 2.4.x
written by Marcell GAL <cell@x-dsl.hu> (XDSL Ltd. Hungary)

Please submit corrections/ideas/experiences/anything to both
Marcell GAL <cell@x-dsl.hu>, and  Joonbum Byun <jbyun@megaxess.com>
(even if you CC to linuxatm mailing list)
in email preferrably (but not exlusively) in plaintext format.

If you want to use your ATM-enabled Linux box to handle RFC1483/2684
bridged PDUs this document is for you.
This is most often used in ADSL scenarios where -usually- subscribers'
ethernet traffic is encapsulated in ATM AAL5 (by bridging ADSL modems)
according to RFC2684. 
The subscriber-side ADSL modem can be external with ethernet connector 
or internal ADSL card in PC.
RFC1483 is obsoleted by RFC2684 (no functional changes AFAIK).

For example it is possible to  set up your linux box to handle several
ATM PVC's with bridged-1483 (sometimes referred as SNAP) encapsulation.
The Linux might provide DHCP, IP masquerading, IP firewall service or
bridge the Ethernet frames just like if it had several ethernet interfaces.
In fact it will have several (logical) ethernet interfaces, where
ATM is just used as a carrier.

This does not provide driver for any ATM card, you have to check from
the linux-atm project if your card is supported!! (Well, it should
work with tcpatm - yet untested) See the USAGE on ATM in the linuxatm
distribution. Without properly configuring your ATM card into your kernel
this document is useless. Also you will find nice utilities like
sonetdiag and atmdump... (Thanx to Werner Almesberger)

-------------------------------------

(the filenames here should not be graved to stone, they
will change as new versions come out, sorry for
the sloppyness - Cell)

*How to get the pieces prepared:
First, get the following kernel patch, which is against the kernel
2.4.2 (later 2.4.x should work as well.. with patch warnings)
http://home.sch.bme.hu/~cell/br2684/dist/010402/br2684-against2.4.2.diff

Apply the patch using

% patch -p1 < ../br2684-against2.4.2.diff

Select the RFC1483/2684 option in kernel configuration and rebuild the
kernel. Next, get the following BR2684 utility;

http://home.sch.bme.hu/~cell/br2684/dist/010402/brctl-010226.c

WARNING!!!!!!!
If you haven't installed ATM0.78 (or later) from 
http://linux-atm.sourceforge.net/
your compile will fail.
Redhat7.0 is broken, I do not know how to fix it 
(personally I think it does not worth to fix it, but 
I'll take a note here if you have
the solution...)

Your compiler MUST see the patched kernel-tree's includes!!
Usually this is achieved by /usr/include/linux and /usr/include/asm
beeing symlinks into actual kernel-tree, but gcc -I/usr/src/linux/include
should work as well.

Unzip and compile with;

% cc -o br2684ctl br2684ctl.c -l atm.


Again...
Do you have the correct symlinks in /usr/include/linux and /usr/include/asm?
If your gcc cannot see the relevant .h files the compile will fail.
(Before the patch operation you have little chance, honestly ;)

You might find precompiled br2684ctl or brctl utility but that is 
unsupported, if I were you I would compile my own..
You have to compile your kernel anyway...

----------------
*How to use the br2684 utility.

The command br2684ctl enables you to make use of the ioctl calls defined
in the
br2684 kernel patch. It creates a new interface named nas[n], where  
0<= n < 1234567890, which is bind to an specific ATM PVC. It requires two
mandatory
arguments, the  -c interface number and the -a ATM PVC. It should be
noted that the order of the command argument matters; -c should come
first followed by -a. You can create many interfaces in one go, just
make a long command line ;) 
(See br2684ctl.c how it processes the command line, it is a bit of
a hack - Cell)

br2684ctl  [-c n -e 0|1 -b 0|1 -s buf_size -a [itf].vpi.vci ]+

-a [itf].vpi.vci : ATM PVC number, VPI and VCI. Mandatory
-c n             : BR2684 interface number such as nas0,
                   nas1,... Mandatory
-e 0|1           : Encapsulation method. 0=LLC, 1=VC mux.
                   default is 0, LLC
-b 0|1           : Running background. 1=background,
                   0=foreground. Default is 0
-s buf_size      : send buffer size. Default is 8192.

For example, following command will create a nas0 interface which looks
for the
ATM PVC with VPI=0 and VCI=401. You need to configure the PVC connection
0.401
of the ATM switch manually.

% br2684ctl -c 0 -a 0.401

The command will only create a new interface nas0, which is nothing to
do with
IP configuration. Next step is to assign an IP address and net mask to
the interface nas0 using the ifconfig command. Using ifconfig, you can
also assign a Ethernet MAC address to the interface nas0, if needed.

% ifconfig nas0 192.168.2.1 netmask 255.255.255.0
% route ..... whatever you want ....
----------------------------
--- the rest is in no way specific to br2684, but useful anyway 
--- see the pointers at the end of this document

*Setting up the DHCP daemon.

Edit the /etc/dhcpd.conf as follows;
Add sub_domain name for the new device nas0 in option domain-name.
For example, following line will add the domain name d1.foo.com

            option domain-name  "d1.foo.com" ;

Add subnet information for the new device(nas0). Make sure that the
order of subnet information properly match with its new domain name
d1.foo.com.

            subnet 192.168.1.0 netmask 255.255.255.0 {
                       option routers 192.168.1.1;
                       options broadcast-address 192.168.1.255;
                       range 192.168.1.200 192.168.1.254;
            }

*Setting up the Network Address Translation (NAT) and firewall.

You might want IP masquerading. Starting from the version
2.4.0test9, the kernel has new modules of IP masquerading and firewall,
called iptables, which is a replacement of ipchain.

Following file contains iptables source codes and makefile. You need to
use
command bzip2 -u to uncompress the files with bz2 extention.

http://netfilter.filewatcher.org/iptables-1.1.2.tar.bz2

FAQ on iptables;
http://netfilter.filewatcher.org/netfilter-faq.html

Documents on Packet filtering;
http://netfilter.filewatcher.org/unreliable-guides/packet-filtering-HOWTO.html

and on NAT;
http://netfilter.filewatcher.org/unreliable-guides/NAT-HOWTO.html

Once the iptables is installed, issue the command;

%iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
%echo 1 > /proc/sys/net/ipv4/ip_forward

-------------------------------------------------------------------------------