[pptp-server] PPTP and NAT?

David Luyer david_luyer at pacific.net.au
Tue Jul 18 08:04:59 CDT 2000


> Your second option works, but doesn't scale very well. When my remote customer
> gets up to wanting 10 or 20 clients, I'm in big trouble! :-)

Get more IP space :-)  GRE, VoIP and HTTPS web serving are 3 things which
don't yet work properly with NAT for multiple users behind the one IP address,
you need at the least a pool of IP addresses at one end.  Or go to IPv6. :-)

> As for the third option, where can I read more about it?  I've never even heard
> of 'PNS'.

Basically in PPTP there is a "call number" contained in the GRE stream.
We simply check it is the "right" call for the IP address; we don't multiplex 
multiple "calls" between two IP addresses.

This support is needed to implement the "network server" side of the PPTP
protocol, whereas we're implementing the "access server" side.  In the IP
tunnelling mode, the 'server' implements the 'access server' side and the
'client' uses the 'network server' side.

PPTP was originally designed to work in a different way.

Basically users dial up to a dial box via PPP.  That dial box implements
the "access server" side and has dozens of connections to the back end
server implementing the "network server" side of PPTP.  Then the dial box
doesn't need to do any authentication of users, it's all up to one central
"network server".  As you can see, quite different from using PPTP for
IP tunnelling - but it requires the same feature, de-multiplexing the
GRE packets based on call number to line them up with a specific PPP session.

I once (many months ago, maybe a year....) documented a design which could
be used to do this efficiently (most obvious designs have horrid scalability 
limitations) but it was never implemented - I didn't have the time then and
I have even less time now...

David.
-- 
----------------------------------------------
David Luyer
Senior Network Engineer
Pacific Internet (Aust) Pty Ltd
Phone:  +61 3 9674 7525
Fax:    +61 3 9699 8693
Mobile: +61 4 1064 2258, +61 4 1114 2258
http://www.pacific.net.au        NASDAQ: PCNTF
<< fast 'n easy >>
----------------------------------------------





More information about the pptp-server mailing list