I'm a student with time on my hands who's recently become interested in
PPTP.  I would like to try to add some support for the PPTP protocol in
the kernel.

PPTP (Point to Point Tunneling Protocol) was created by a "vendor
consortium" including Microsoft, and is described in RFC 2637.  It can
be used to create VPNs, and is well supported by Windows and Mac OS.

A PPTP connection consists of a control connection, which is a TCP
session conventionally at 1723, and an "enhanced GRE" tunnel over IP.
Only one PPTP connection can exist between two computers, by the
specification and because of the nature of the GRE tunnel.  Multiple
"calls" can be established between the two computers, initiated over the
control connection, and then continued using a bare PPP session carried
through the GRE tunnel.

PPTP is currently supported under Linux with the use of userspace
programs (pptp or pptpclient and pptpd or Poptop).  The kernel is only
involved after the PPP connection is established; it handles the PPP
packets in much the same way that it handles PPP over analogue or ISDN
phone lines, reading/writing packets to/from a tty; in this case the tty
is a pseudo-terminal connected to a userspace program.

I would like to add support for handling the "Enhanced GRE" tunnel into
the Linux kernel.  The kernel could handle the
multiplexing/demultiplexing of PPP connections within the tunnel.
Userspace could still handle PPP initiation (using pppd) and the control
connection.

Possible justifications:

Efficiency/sanity - As far as I can tell, PPP over phone lines is
encapsulated in HDLC, which provides error correction and an in-order
unreliable packet-based connection; this is not used in PPTP and must be
synthesized by the userspace program in order to use the kernel PPP
interface.

Efficiency - it's undesirable to have to copy the contents of each packet
to userspace so it can remove the "Enhanced GRE" header, and then copy
it back into the kernel to handle the PPP connection.

Precedent - More of PPP over Ethernet is implemented in kernel than
PPTP.

In order to get this working, I need to write a kernel module which
handles the "Enhanced GRE" protocol (IP protocol 47).  Unfortunately,
the existing support for GRE tunnels in ipv4/ip_gre.c already handles
the (original) GRE protocol.  This means that GRE tunnels and PPTP could
not be supported by the same kernel.  "Enhanced GRE" packets can easily
be distinguished from the packet format currently handled by ip_gre.c by
the version field (1 and 0 respectively IIRC).

It's possible that the current GRE tunnel support could be extended to
support "Enhanced GRE" packets.  I think the best solution would be to
write a new tunneling module, and add a lightweight version-independent
GRE layer between the tunneling modules and IP protocol 47, dispatching
packets to the appropriate module based on version.

In either case, the new code would use the kernel PPP generic layer
after the connection was configured by pppd.  It is the kernel interface
to pppd over which I am a little hazy.  The kernel support for PPP over
Ethernet should provide a good example of how to do this, but I haven't
been able to understand the userspace side of the PPP over Ethernet
support.

My best guess is that pppd is modified (using a plugin) to work without
HDLC, and instead of using a tty it opens a special socket.

As an alternative, it would be possible to create the PPP network device
in a similar way to a normal GRE tunnel, using the "ip tunnel" command,
and for pppd to access this device using a packet socket - which seems
like a more elegant solution to me.

Regards, Alan

All contributions gratefully accepted.
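
The version-based dispatch proposed in the message, as an added example that is not part of the original post or of any kernel code: a userspace C function that classifies an IP protocol 47 payload by its GRE version field and, for version 1, checks the fixed bits and lengths of the RFC 2637 header before trusting any field. The names `gre_dispatch` and `struct pptp_gre` are hypothetical, and the sample packets are constructed.

```c
#include <stddef.h>
#include <stdint.h>

#define GRE_PROTO_PPP 0x880B  /* protocol type used by Enhanced GRE (RFC 2637) */

enum gre_kind { GRE_BAD = -1, GRE_V0 = 0, GRE_V1_PPTP = 1 };

struct pptp_gre {             /* hypothetical struct for this example */
    uint16_t payload_len, call_id;
    int has_seq, has_ack;
    uint32_t seq, ack;
    size_t hdr_len;           /* offset of the PPP payload */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t rd32(const uint8_t *p) { return (uint32_t)rd16(p) << 16 | rd16(p + 2); }

/* Constructed samples: v1 with S=1, A=0, call ID 7, seq 1, 4-byte payload; bare v0 */
const uint8_t sample_v1[] = { 0x30, 0x01, 0x88, 0x0B, 0x00, 0x04, 0x00, 0x07,
                              0x00, 0x00, 0x00, 0x01, 0xFF, 0x03, 0xC0, 0x21 };
const uint8_t sample_v0[] = { 0x00, 0x00, 0x08, 0x00 };

/* Classify a protocol 47 payload by GRE version; for version 1 validate
 * the header and fill *out. Never reads past buf[len - 1]. */
enum gre_kind gre_dispatch(const uint8_t *buf, size_t len, struct pptp_gre *out)
{
    if (len < 4)
        return GRE_BAD;
    unsigned ver = buf[1] & 0x07;
    if (ver == 0)
        return GRE_V0;                    /* would go to the existing GRE tunnel code */
    if (ver != 1)
        return GRE_BAD;
    /* RFC 2637: C=0 R=0 K=1 s=0 Recur=0, Flags=0, protocol type 0x880B */
    if ((buf[0] & 0xEF) != 0x20 || (buf[1] & 0x78) || rd16(buf + 2) != GRE_PROTO_PPP)
        return GRE_BAD;
    out->has_seq = !!(buf[0] & 0x10);     /* S bit: sequence number present */
    out->has_ack = !!(buf[1] & 0x80);     /* A bit: acknowledgment present */
    out->hdr_len = 8 + 4 * (size_t)(out->has_seq + out->has_ack);
    if (len < out->hdr_len)
        return GRE_BAD;                   /* truncated header */
    out->payload_len = rd16(buf + 4);     /* key, high 16 bits */
    out->call_id = rd16(buf + 6);         /* key, low 16 bits */
    out->seq = out->has_seq ? rd32(buf + 8) : 0;
    out->ack = out->has_ack ? rd32(buf + 8 + 4 * out->has_seq) : 0;
    /* the claimed payload length must fit in the bytes actually received */
    if (out->payload_len > len - out->hdr_len)
        return GRE_BAD;
    return GRE_V1_PPTP;
}
```

The call ID is the value a demultiplexer would use to pick the PPP session inside the single tunnel between two hosts.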
