pie/ftth-tiscali-no-modem
2
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

First commit

Browse Source
This commit is contained in:
pie
2022-02-06 16:47:35 +01:00
commit 6864ed7938
5 changed files with 107 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
README.md Normal file
View File

@@ -0,0 +1,107 @@
# FTTH Tiscali without modem
This is a short guide on how to connect your Linux box to the Internet using directly the GPON provided by Tiscali.
## TL;DR
You just need `pppd` and a virtual Ethernet device. The latter is created with:
`ip link add link eth0 name eth0.835 type vlan id 835`
assuming your ethernet device is `eth0`.
Credentials for PPPoE can be obtained [here for Tiscali](https://assistenza.tiscali.it/supporto/moduli/servizi/modem-libero/). You can also sniff the [CHAP](https://en.wikipedia.org/wiki/Challenge-Handshake_Authentication_Protocol) authentication and crack it, the password is just 6 numeric characters.
To connect to the PPPoE server, install `pppd` and configure it
##### /etc/ppp/peers/tiscali
```
plugin pppoe.so
# rp_pppoe_ac 'your ac name'
# rp_pppoe_service 'your service name'
# network interface
eth0.835
# login name
name "NAME.SURNAME@tiscali.it"
usepeerdns
persist
# Uncomment this if you want to enable dial on demand
#demand
#idle 180
defaultroute
hide-password
noauth
```
and
##### /etc/ppp/chap-secrets
```
# Secrets for authentication using CHAP
# client server secret IP addresses
"NAME.SURNAME@tiscali.it" * "123456"
```
(replace 123456 with your password)
Finally you can switch on the service like:
```
ppp call tiscali
```
you can use `journalctl -f` and check whether things are going fine.
Systemd automatization can be created with the help of [these scripts](https://gitlab.com/jimdigriz/debian-clearfog-gt-8k/-/blob/master/README.md).
## Long Story
The FFTH service comes with a **GPON** ([gigabit-capable passive optical network](https://en.wikipedia.org/wiki/G.984)), and I wanted to connect the PC with my self hosted services directly to its ethernet port, bypassing the big black box (ZTE H388X a.k.a. ZTE Modem Tim Hub+) customized with some mysterious proprietary firmware from TISCALI (I asked, of course they don't share it).
Needless to say, using the credentials that TISCALI gave me directly with `pppd` on my ethernet interface did not work. The logs and the error messages are
```
pppd[1336]: Plugin pppoe.so loaded.
pppd[1336]: PPPoE plugin from pppd 2.4.9
pppd[1337]: pppd 2.4.9 started by pie, uid 0
kernel: NET: Registered PF_PPPOX protocol family
pppd[1337]: Timeout waiting for PADO packets
pppd[1337]: Unable to complete PPPoE Discovery
```
For some reason, nobody replied with an *Offer* (PADO) to my request for a PPP *Initiation* (PADI). Not much gained from the error message, so the only way to find how to talk to the PPPoE server is to collect a working setup.
I managed to sniff the traffic between the modem and the GPON with this fantastic Ethernet Hub from the 90s!
![HUB](README.assets/hub1.jpeg)
The approach is [like this](https://wiki.wireshark.org/CaptureSetup/Ethernet#capture-using-an-ethernet-hub):
![](README.assets/Capture-switch-hub-ws.png)
The packets captured just after switching on the ZTE H388X are shown here:
![packets](README.assets/packets.png)
There are basically three steps:
* Red box: a termination request. Probably to clean up everything before starting a new session.
* Yellow box: the PPP Initialization starts from the ZTE and is followed by an Offer from the Cisco server.
* Green box: the authentication, with CHAP protocol.
When using `pppd` the first packet is a PADI, which looks exactly the same as the one in No. 7 above, except for the 802.1Q part shown by the blue arrow. That was indeed the trick: the server replies only is the PADI request comes from a VLAN with ID:835.
Setting the PPP device to a newly created vlan with
```
`ip link add link eth0 name eth0.835 type vlan id 835`
```
makes the Cisco server happy and it promptly replies to our PADI packet.