PPP over Ethernet Protocol

for Windows 2000/XP/2002

(If you are using Windows 98/98SE/ME, please click here)

written by Robert Schlabbach

Version 0.96, May 29th, 2001


1. Introduction

2. Installing the PPP over Ethernet Protocol

3. Creating PPP over Ethernet Dial-up Connections

4. Removing the PPP over Ethernet Protocol

5. Advanced Protocol Features

6. Troubleshooting

7. Known Issues

8. Revision History

9. Contacting the Author

1. Introduction

Welcome to RASPPPOE, a PPP over Ethernet (short: PPPoE) implementation for Windows 98/98SE/ME/2000/XP/2002. PPPoE as a method for establishing PPP connections through Ethernet adapters is described in RFC 2516 and is used by many broadband service providers to allow authentication and maintain the familiar "dial-up experience" when connecting to the Internet through a broadband modem. Although there are other PPPoE implementations for Windows, this one still has its unmatched strong points:

To install this protocol, please follow the installation instructions carefully. If you have problems using it, see Troubleshooting for help. If you are successfully using this protocol, you can check if you find any of the advanced features useful. You may also want to know about the known issues. Users upgrading from a previous version of this protocol should check the Revision History to find out what changed. If you want to get in touch with me, see Contacting the Author.

- Robert Schlabbach

License and Disclaimer

This driver, installation files and documentation is all Copyright (C) 2000-2001 by Robert Schlabbach. All rights reserved. It is distributed without any warranty. Use at your own risk. You may use and copy it complete and unmodified free of charge for non-commercial purposes only. Commercial exploitation, redistribution for commercial purposes, especially redistribution by Internet service providers as "their" service to their customers, is strictly prohibited. Internet service providers must purchase a license for distribution to their customers. The licensed version additionally features an installer, which typically requires no reboot and leads the user to the first login for an "instant success" customer experience. For licensing details please contact me.

2. Installing the PPP over Ethernet Protocol

3. Creating PPP over Ethernet Dial-up Connections

PPP over Ethernet dial-up connections can be most conveniently created with the Dial-up Connection Setup application provided with the protocol, which creates dial-up connections with all the correct settings at the click of a button.

4. Removing the PPP over Ethernet Protocol

Note: The protocol is not completely removed from your machine at this point due to shortcomings of Windows, which prohibit a complete removal. The pieces that are left behind are not harmful in any way, but if you want to get rid of every little bit of this protocol, here is what's left behind:

5. Advanced Protocol Features

This section covers the advanced features of the protocol. Average users should be perfectly happy with the default settings, although specifying the link speed to display may be of interest. Users having problems with VPN software might try if overriding the MTU reported by the protocol helps. Users with flat rate Internet access may be interested in making the connection "always on". If you are interested in using the protocol's server capability, please see Enabling the protocol to act as a PPPoE Access Concentrator.

To bring up the protocol settings for an adapter:

The General tab offers the following settings:

5.1 Limit TCP MSS Maximum Segment Size (MSS) Option

When using Internet Connection Sharing, the client machines are completely unaware of the packet size restrictions imposed by the nature of PPP over Ethernet (in contrast to e.g. modem or ISDN connections, which allow passing arbitrarily sized packets). Typically, a client assumes that packets of up to 1500 bytes can be passed and thus indicates a Maximum Segment Size of 1460 bytes (1500 bytes minus 40 bytes for the TCP and IP headers) when opening a TCP session, resulting in either side of the connection sending packets up to 1500 bytes in size, too large to pass through a PPP over Ethernet connection, which can only pass packets up to 1492 bytes in size. These oversized packets are then often silently dropped at either side of the PPP over Ethernet connection, leading to delays or hangs when accessing the Internet from a client.

To work around this problem, this option makes the protocol scan all network packets it sends and receives for the TCP Maximum Segment Size (MSS) option and, if a value greater than either the default (1492) or the overridden MTU minus 40 for the IP and TCP headers (i.e. 1452 in case of the default MTU) is found, change it to this value, recalculate the TCP checksum and pass the modified packet. This option is enabled by default. If you are not using Internet Connection Sharing, you can disable this option to save a little (very little) CPU power, although leaving it enabled has no negative side effects.

5.2 Override Maximum Transfer Unit

By default, the protocol will report an MTU of 1492 bytes, the maximum possible for PPP over Ethernet. However, you can use this option to override the MTU initially reported by the protocol. Making the protocol initially report a lower MTU was found to help with certain VPN software packages which "blindly" add their own overhead without paying any respect to the MTU reported by the driver, making the network packets too large to pass through a PPP over Ethernet connection. Check the Override Maximum Transfer Unit checkbox and type the MTU the protocol should report in the Maximum Transfer Unit (MTU) edit box. The valid range is 576 through 1492 bytes. Reducing the MTU by 32 bytes to 1460 should generally suffice to make misbehaved VPN software work. Note: Regardless of this setting, the protocol will always send and receive packets of up to 1492 bytes. Only the MTU initially reported by the protocol (the MaxFrameSize value in response to the OID_WAN_GET_INFO request) and, if enabled, the TCP MSS option limit are affected by this setting.

For any changes to this setting to take effect, you need to disable and re-enable the Local Area Connection for the corresponding network adapter once, or reboot.

NOTE: This option will only "stick" if you enter an MTU other than 1492. If you only check the checkbox, but leave the MTU at 1492, the protocol will recognize the default value and clear the checkbox the next time you open the properties dialog, because the MTU was not actually overridden.

5.3 Number of lines (WAN endpoints)

The protocol is capable of running several simultaneous PPP over Ethernet sessions through one adapter. This feature will probably be very rarely - if ever - needed. To allow this, you can configure the number of WAN endpoints (dial-up devices) the protocol exposes for a network adapter. The default is 1, and up to 10 WAN endpoints can be configured. This setting requires a reboot to take effect.

The Advanced tab offers the following settings:

5.4 Specify Link Speed

By default, the protocol will report the speed of the network adapter you are connecting through as the speed of a dial-up connection you make through it, as it cannot find out the actual speed of your broadband modem. However, you can specify the connection speed the protocol should report for connections through a specific adapter. To do this, check the Specify Link Speed checkbox and type the link speed the protocol should report in the Link Speed (kbps) edit box, in kilobits per second. If you want to revert to displaying the adapter's link speed, clear the Specify Link Speed checkbox. Note: This setting has absolutely no effect on the network traffic through this adapter; it is purely a cosmetic setting. This setting takes effect the next time you establish a PPP over Ethernet connection.

5.5 Event Logging options

The protocol can inform you about informational events, warnings and errors during operation by logging events to the System event log. By default, the protocol logs all types of events, which should result in no log entries during flawless operation. If you find the event log flooded with repeated entries despite flawless operation, you can disable logging that type of event by clearing the corresponding checkbox. Clearing all checkboxes prevents the protocol from logging any events.

You use Event Viewer to view any events logged by this protocol:

Beyond these settings, the protocol offers the following possibilities:

5.6 Making a dial-up connection "always on"

Users who enjoy flat rate Internet access may find it desirable to turn their connection into an "always on" connection that is established once when the machine boots (before any user logs in) and kept until the machine is shut down. To make your dial-up connection "always on", follow these steps:

Run REGEDIT and navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Then right-click the right-hand pane, select New -> String Value, name the value KeepRasConnections and set it to 1.

5.7 Addressing a specific Service and/or Access Concentrator

In most cases, there is no need to address a specific Service or Access Concentrator. But should you have a need to do so, you can use the phone number field of your dial-up connection to specify a Service, Access Concentrator or both. The following phone number formats are possible:

  1. Blank or "0": The protocol will connect to the default Service of the first Access Concentrator that replies to the connection request.
  2. "Service-Name": The protocol will connect to the first Access Concentrator that replies offering the requested Service.
  3. "Access-Concentrator\": The protocol will connect to the default Service of the named Access Concentrator.
  4. "Access-Concentrator\Service-Name": The protocol will connect to the requested Service of the named Access Concentrator.

The RASPPPOE application uses format A for the phone number if you create a connection for an adapter and format C or D if you create a connection for a specific service.

5.8 Enabling the protocol to act as a PPPoE Access Concentrator

The protocol is able to act as a PPPoE Access Concentrator (server). This feature can be used for testing purposes, but also offers a future potential for advanced provider services like instant messaging or instant e-mail even for users who are offline at the time a message is received. The server capability is fully integrated with the operating system's Incoming connections component. No PPPoE-specific configuration is needed. The protocol uses the current Computer Name as the Access Concentrator Name and offers any Service Name requested by a client. Note that the protocol will not offer any services until you explicitly enable its dial-up devices to accept incoming connections. To do this, follow these steps:

For further help on using Incoming Connections, please refer to the operating system's documentation on this topic.

6. Troubleshooting

This section helps you with possible problems you might encounter during the installation and use of the protocol.

6.1 Right after installation of the protocol, the Local Area Connection properties window lists no components

This happens when the protocol could not be properly installed and appears to be a bug in Windows. Clicking the OK button at this point gives an error message that no components are installed. Click the Cancel button to close the properties dialog and then re-open it again to get the list of components back. Select PPP over Ethernet Protocol in the list, click the Uninstall button and confirm to remove the bad installation. Before you make another installation attempt, make sure that Windows is not set to block the installation of unsigned drivers:

If File Signature verification is set to Warn - Display a message before installing an unsigned file, make sure you click "Yes" (Windows 2000) or "Continue Anyway" (Windows XP/2002) every time in the warning dialog box that comes up during the protocol installation. Clicking any other button even just once will prevent proper installation and result in the same problem.

If you still cannot install the protocol properly, do the following: Locate the file SETUPAPI.LOG in your WINNT directory and delete it. Make another installation attempt (which will probably fail as well). Then check your WINNT directory again for the file SETUPAPI.LOG and load it into a text editor, e.g. NOTEPAD. The contents of this file should give you some hints abut the cause of the installation failure.

6.2 RASPPPOE application does not list the desired adapter

First, be aware that you can use this protocol only on Ethernet adapters. As PPP over Ethernet only works over Ethernet, the protocol will only bind itself to Ethernet adapters (NdisMedium802_3). Adapters that do not support this medium type (e.g. internal or USB broadband modems that do not expose a standard Ethernet interface through their driver) are not supported by this protocol.

You should make sure that the Local Area Connection for the adapter in question is enabled:

If the adapter still does not show up, make sure that the protocol is enabled for the adapter in question:

If the adapter still does not show up, try the following:

6.3 RASPPPOE application reports "RASPPPOE - No Service Offers Received" when querying available services

This error message means that the protocol did not receive any response from your service provider. You should check the following things in order:

  1. Check if your broadband modem has successfully established a link with its counterpart. Most DSL modems have a Sync LED on them which indicates this status. If your modem has such an LED and it indicates that the link is down, contact your service provider for assistance.
  2. Check in Device Manager if the network adapter your broadband modem is connected to is enabled and working properly.
  3. Check if your network adapter is correctly configured: Bring up Device Manager, select the network adapter your broadband modem is connected to and click Properties. In the Properties window, select the Advanced tab, look through the options and make sure that the correct Line Speed and duplex mode is selected (most DSL modems only support 10Mbps half duplex mode). If your network adapter has several connectors at the back, make sure the correct connector is selected, which is most likely Twisted Pair (TP).
  4. Check that the cable connecting your broadband modem to your network adapter is properly attached and of the correct type. Note that broadband modems typically have a "crossed" connector on them, so you will need a straight cable to connect it directly to a network adapter, while you need to use a crossed cable or use an uplink port to connect it to a hub or switch.
  5. Check with your service provider whether they currently have a service outage.

6.4 Connection attempt fails with "Error 797: The connection failed because the modem (or other connecting device) was not found."

This can be the result of unbinding the protocol from an adapter and then re-binding it, which may not have taken effect (see Known Issues). Follow these steps to put the change into effect:

If that did not help, the dial-up connection you created may be configured to connect through a "ghost" dial-up device that no longer exists. Do the following to remedy this:

6.5 Connection attempt fails with "Error 678: There was no answer."

First, you should check whether you can get any reply from your service provider with the Dial-up Connection Setup application provided with the protocol:

If you do not want to connect to a specific Service and/or Access Concentrator, make sure the Phone number field of your dial-up connection is really completely blank.

6.6 Connection attempt fails with "Error 651: The Modem (or other connecting device) has reported an error."

If you have not rebooted since the installation of the protocol and the machine was in Standby mode since, this is a known issue. Simply click the Redial button. The second connection attempt will proceed without this error. You'll get it once each time after waking the machine from Standby until you reboot the machine. Then the protocol will work flawlessly even right after waking the machine.

6.7 Connection is successfully established, but some (or all) Internet websites do not load properly

This is usually a sign of an MTU problem. You should determine the Path MTU to the problem site(s) (Note: The method described here does not work with all servers. If you get no reply at all from a server or a number below 548, you cannot determine the Path MTU to this server):

Connect, open a Command Prompt and run

ping -f -l xxxx Address

Where Address is the name or IP address of the server you have problems accessing. For xxxx, start with 1464 and lower the number until you get a reply. Then add 28 to the highest number at which you get a reply. The result is the Path MTU.

Example: You start getting replies at ping -f -l 1372 Address. The Path MTU is 1372 + 28 = 1400 bytes in this case.

Normally, the Path MTU to all servers should be 1492. However, some service providers appear to have a configuration problem which reduces the Path MTU. If you determine a Path MTU lower than 1492 to several (or all) servers on the Internet, you should enable the MTU override option and set it to the Path MTU you determined. After that setting has taken effect, all sites with a Path MTU greater than or equal to the value you set should load properly.

6.8 Cannot get the Routing and Remote Access Service (RRAS) to work with the PPPoE connection

A common cause of this is that RRAS was incorrectly set up to use a network adapter for Internet access, which bypasses the PPP over Ethernet Protocol. When setting up RRAS with the configuration wizard, you are first presented with a list of network adapters in your system. Do not select any of these entries. Instead, look for an option to create an on-demand dial connection below and select that. A few steps later, an on-demand dial wizard should come up, which offers a list of dial-up devices, in which you should find an ISDN channel with the name of your network card. Select this device to make RRAS work with your PPPoE connection.

If the list of dial-up devices does not contain the mentioned device, you may first have to enable it for use with RRAS. Look through the RRAS Management Console for a list of ports. This list should contain the mentioned dial-up device. You can right-click the device in this list and find an option to enable it for use with RRAS.

6.9 The "Override Maximum Transfer Unit" option does not remain checked

This option will only "stick" if you enter an MTU other than 1492. If you only check the checkbox, but leave the MTU at 1492, the protocol will recognize the default value and clear the checkbox the next time you open the properties dialog, because the MTU was not actually overridden.

6.10 The System Event Log contains "Received a PPPoE Session packet for an unknown session" warnings

This warning merely means that the protocol received a PPPoE packet it could not attribute to any of its connections and is usually not a sign of any malfunction. One possible cause of this is your service provider sending one more packets after the connection has been terminated. This can also be caused by using another PPPoE implementation on the same machine. In that case, the System Event Log may end up being flooded with these warnings. You can prevent this by disabling the Log Warnings checkbox in the protocol's Event Logging options.

7. Known Issues

This section documents known issues with the protocol.

7.1 Binding/unbinding the protocol to/from a network adapter takes effect immediately and cannot be canceled

When you bring up the Properties of a Local Area Connection and toggle the checkbox next to PPP over Ethernet Protocol, the binding change takes effect immediately, i.e. it is not deferred until you click OK or Cancel, and you cannot cancel the change. This is merely annoying when accidentally checking the checkbox, as you can clear it again with no harm done. However, if you accidentally clear the checkbox, simply re-checking the checkbox may not be sufficient to make the protocol work on that adapter again, due to this known issue.

Background: This protocol is implemented as an NDIS intermediate driver with a different upper edge (ndiswan) than lower edge (ndis4, ndis5). As such, it does not qualify as a filter driver and thus requires its own Notify Object (implemented in RASPPPOE.DLL) to install and remove miniport instances for the bound adapters and to communicate the names of the installed device instances to the protocol portion of the driver via the registry. When the user brings up the connection properties dialog box, the only way for the Notify Object to tell whether the user clicked OK or Cancel is that its ApplyRegistryChanges() and ApplyPnpChanges() member functions are only called in the former case, but not in the latter. So the right thing to do would be install and remove the miniport instance(s) in one of these functions - but that does not work, because a reentrancy check in the Windows network configuration library blocks all calls to INetCfgClassSetup::Install() and INetCfgClassSetup::DeInstall() at that point for fear the developer might have overlooked the possibility that these calls could lead to another invocation of the Notify Object's member functions that requested the installation or removal, which could lead to endless installation loops if the writer of the Notify Object was not smart enough to set a flag to prevent this. This makes it impossible to install and remove miniport instances from these Notify Object member functions. To work around this problem, the PPP over Ethernet Protocol does all installation and removal in the Notify Object's NotifyBindingPath() member function, which is unfortunately called immediately when the user toggles the checkbox. Thus, the change takes effect immediately and cannot be canceled.

7.2 After initial installation, binding the protocol to a network adapter may not take effect

If you unbound the protocol from a network adapter by clearing the checkbox next to the PPP over Ethernet Protocol in the Properties of a Local Area Connection, binding the protocol to the network adapter by checking the checkbox again may not take effect, although you get no notification of this. If you unbound the protocol from all network adapters, the first binding you re-enable will take effect, but subsequent ones will not. There are three possible solutions in this situation:

  1. Locate the Local Area Connection of the adapter in question, right-click it and select Disable. Then, right-click it again and select Enable. This will make the protocol work again. Note, though, that this temporarily disrupts any other network traffic you might run through this adapter.
  2. Click the Uninstall button to remove the protocol completely and then click the Install button to re-install it. After re-installation, you will be able to use the protocol over that adapter immediately without a reboot, but you will see "ghost" dial-up devices in your dial-up connection properties. These will go away when you reboot. See this known issue.
  3. Reboot. After the reboot, the protocol will work on this adapter again.

Background: After the initial installation, the protocol driver is already running in memory. When the user checks the checkbox next to PPP over Ethernet Protocol, the Notify Object receives notification of a new adapter to bind to and calls INetCfgClassSetup::Install() to install a corresponding miniport device instance - and the Windows network configuration library makes the bad mistake of invoking the protocol driver's ProtocolBindAdapter() function before returning control to the Notify Object. This creates a semi-deadlock situation: ProtocolBindAdapter() needs the name of the installed miniport device instance before exiting, but only the Notify Object can provide that information, and the Notify Object cannot find out the name before the INetCfgClassSetup::Install() function returns control - and that will not return control until ProtocolBindAdapter() exits. Thus, the ProtocolBindAdapter() function fails to initialize the miniport device instance and the protocol will not work on the adapter. The Notify Object will still create the required registry values afterwards, and when re-initializing the adapter by disabling and re-enabling its Local Area Connection or upon the next reboot, ProtocolBindAdapter() will successfully initialize the miniport device instance and the protocol will work on the adapter.

7.3 The protocol's dial-up devices show up as ISDN channels and a meaningless ISDN Configuration is offered

When you open the properties of a dial-up connection, you will find the protocol's dial-up devices listed as "ISDN channel - Adapter Name". Selecting a dial-up device and clicking the Configure... button brings up an ISDN Configuration window with settings that are meaningless to PPP over Ethernet. The reason for this is that the dial-up devices are declared as ISDN devices to the system to make on-demand dialing for Internet Connection Sharing work. While the incorrect display can be confusing, it does no harm.

Background: It was found that the Remote Access Auto Connection Manager service will only use modems, ISDN and X.25 devices for on-demand dialing, but not "generic" devices, as this protocol's dial-up devices were formerly declared. This is apparently a bug in Windows 2000.

7.4 After uninstalling the protocol or unbinding it from a network adapter, its dial-up devices are still shown until you reboot

When you unbind the protocol from an adapter or even completely uninstall the protocol, the dial-up devices it created are still shown in a dial-up connection's Properties box and will not go away until you reboot. When you re-bind to an adapter or re-install the protocol without rebooting, you will see double entries per adapter, with one having an additional number in brackets in the name. This is a bug in Windows; even WAN miniports shipping with the operating system exhibit this behavior. While the additional entries do no harm, they can be confusing. They will be gone after a reboot.

Background: This issue is known to Microsoft and currently intended behavior. They found that TAPI is leaking memory when a line device is removed and thus temporarily "fixed" this by simply blocking line device removal. Microsoft is supposedly working on a fix.

7.5 Uninstalling the protocol leaves files behind and the driver may not be unloaded from memory

If you are running Windows 2000, when you uninstall the protocol, the protocol's Notify Object, RASPPPOE.DLL is left behind in your \WINNT\SYSTEM32 directory and the driver may remain loaded in memory until you reboot. The DLL left behind can be safely deleted after uninstalling the protocol. The latter issue poses a problem should you upgrade to a newer version of this protocol. Although the installation will put the new driver file on the hard disk, Windows 2000 will continue to use the old driver version still resident in memory instead of loading the new version from hard disk. To unload the driver from memory, you must first unbind the protocol from all network adapters by clearing the checkbox next to PPP over Ethernet Protocol in each Local Area Connection on your machine. Then click the Uninstall button to remove the protocol. If you uninstalled the protocol without unbinding it from all network adapters first, you will have to reboot for any new driver version to be actually loaded.

Background: Although there is a DelFiles directive in the protocol's INF file to delete RASPPPOE.DLL, the DLL is still locked in memory at the time the directive is supposed to be carried out. Microsoft has already acknowledged that this is a bug in the Windows 2000 binding engine which they need to fix. The driver unloading issue occurs with Microsoft's PASSTHRU DDK sample as well and has been acknowledged by Microsoft. Both issues are fixed in Windows XP/2002.

7.6 If there was no reboot since installation, the first connection attempt after waking the machine from Standby fails with error 651

When the machine has not been rebooted since installation and is woken from Standby, the first connection attempt through this protocol fails with "Error 651: The Modem (or other connecting device) has reported an error." Any further connection attempts proceed without this problem. If the machine is rebooted, the problem goes away entirely.

Background: The cause of this problem is unknown. In this situation, the protocol receives the same TAPI OIDs as for any other (successful) connection attempt and handles them just the same, but just at the point where the OID_TAPI_MAKE_CALL request would have to come, this error message comes up instead. The protocol did not show any extraordinary failures, so the error must occur within NDISTAPI itself. This is probably a bug in Windows 2000.

7.7 When a dial-up connection is made "always on", it is not properly terminated when shutting the machine down or rebooting

When you configure a PPP over Ethernet dial-up connection to be "always on", the connection will not be properly terminated when shutting the machine down or rebooting. This causes problems with service providers who take very long to detect such a dropped connection and limit the number of concurrent connections - after several reboots, you may find yourself to log on to your service provider for some time. To work around this problem, always disconnect your "always on" connection manually before rebooting.

Background: Investigation revealed that the protocol receives no indication that the system is going down. Neither the MiniportHalt(), nor the ProtocolUnbindAdapter(), nor the ProtocolPnPEvent() and not even the ProtocolStatus() handler are called to indicate the shutdown. Thus, it is not possible for the protocol to terminate its outstanding connections prior to the shutdown. This is apparently a shortcoming of Windows 2000.

8. Revision History

9. Contacting the author

Before contacting me, please bear in mind that you are getting this piece of software for free. You cannot expect me to spend my time providing "tech support". If you have a problem that you cannot resolve after reading above documentation thoroughly, please do the following:

  1. Check if there is updated information or a newer version of this protocol available on the RASPPPOE Home Page.
  2. Check the System Event Log for any events logged by the protocol:

Of course, developer suggestions for fixing the known issues, success stories (please mention your service provider, so that I know which ones this protocol works with) or just "thank you" notes are always welcome.

You can contact me via the e-mail address normanb@cs.TU-Berlin.DE.