Linux being friendly to TM Unifi

Well, we just installed TM Unifi Biz 10. Smoking fast. Unfortunately TM choose to bundle it with retarded Dlink DIR-615 G2, which keeps crapping every other day under heavy network traffic. So just like any good engineer cool, it's time for an overly complicated solutions. With this setup, you can completely eliminate the Dlink router, and plug the LAN cable from FTTH equipment directly to your Linux box. Again, since we are using Unifi Biz,  no idea whether home users with VIP package can use this same technique.

Our firewall is running Debian 6.0, so the settings given here might need some changes for non-Debian users.

0. Pre-requisite. Make sure you have "vlan" package installed (apt-get install vlan). Then add 8021q in your /etc/modules (echo 8021q >> /etc/modules ; modprobe 8021q). We need VLAN support in order to communicate with the FTTH box.

1. Add the following lines in /etc/network/interfaces

auto eth0.500
iface eth0.500 inet static
        address 192.168.0.2
        netmask 255.255.255.0
        vlan_raw_device eth0

auto unifi
iface unifi inet ppp
provider unifi
 
The IP can actually be anything. eth0 is the interface that you use to connect to the FTTH equipment supplied by TM. Why eth0.500? Again eth0 is your NIC connected to FTTH box, 500 is VLAN the FTTH box use to carry PPPoE session.
 
2. Add the following lines in /etc/ppp/peers/unifi
noipdefault
defaultroute
replacedefaultroute
hide-password
lcp-echo-interval 30
lcp-echo-failure 4
noauth
persist
mtu 1492
persist
maxfail 0
#holdoff 20
plugin rp-pppoe.so eth0.500
user "toot@unifibiz"
 
Obviously you need to change toot@unifibiz with your actual Unifi ID.
 
3. Add the following in /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
"toot@unifibiz" * "replace_with_your_unifi_password"
 
Again, replace where it is obvious to do so...
 
4. Restart network with service network restart. Tadaa, after 2-3 seconds you should have ppp0 interface with your Unifi IP. And...since you are directly "dialling" the session, you actually have TWO public usable IP instead of one - they are assigning /30 subnet to you. If TM assigned 111.111.111.111 as your IP, the ppp0 interface will have the 111.111.111.111 IP, and you can use 111.111.111.112 however you like. For example, you can assign the public IP to another box on your network and proxyarp it to your Debian box. Neat eh?