This page documents the NetServers extensions to pptpclient, a free PPTP client for Linux developed by C. S. Ananian and many others. NetServers is distributing these extensions as freely available patches to pptpclient. They have been integrated into the latest CVS version of pptpclient, and will hopefully be in the next major release at some point.
Patch and documentation written by Chris Wilson for NetServers.
The main goal of this patch is to support packet reordering,
which allows packets to be received by the client out of order, and returns
them to the correct order for pppd. The standard client will simply throw
away out-of-order packets, with a log message like discarding out-of-order
seq is 1657 seqrecv is 1658
.
Normally, out-of-order packets are very rare on the Internet. However, one ISP in Britain, NTL's cable modem service, reorders small packets ahead of large ones. This is probably supposed to make interactive sessions respond better when large downloads are in progress, but it also makes pptpclient almost unusable in some situations.
You can easily test this by running a command like 'ping -s 1510 1.2.3.4', where 1.2.3.4 is a host running pptpclient, on the other side of your tunnel, and 1510 is just higher than the MTU of the tunnel. This will cause a pattern of large-fragment small-fragment GRE packets to be sent to the other side. If the other side is an NTL cable modem, the small packets will almost always arrive before the large ones, and pptpclient will drop them.
We have added several new features to pptpclient:
--debug
, to pptpclient.
Currently, all this does it prevent pptpclient from going into the background.
It also tidies up the indenting of the option-handling code in pptp.c. This is
optional.
Packets which are below the window (older than the most recent packet read) or above the window (too far ahead) are discarded, to protect against denial-of-service attacks.
Please be aware that the CVS contains the very latest version of the software, and as such has not been extensively tested.
The version used in our FireRack firewalls is the CVS tree from 16/08/2002. You can download a patch below which contains all our code, and a few changes by other developers. This patch applies to the last stable release of pptpclient, version 1.1.0, and upgrades to to that CVS version.