Overview

POETRI was developed for Internet access via xDSL with PPPoverEthernet (RFC2516) protocol from Windows 9x/ME or Windows NT 4.0/2000/XP. POETRI offers an alternative to RAS for Internet access via xDSL for Windows 9x/ME or Windows NT 4.0/2000/XP.

POETRI provides a software solution for connecting multiple computers in any small office/home local area network environment or educational network to the Internet using a single official IP address. POETRI makes use of the Internet routing capabilities of the Microsoft TCP/IP stack, there is no need to replace the Microsoft TCP/IP stack by a third party TCP/IP stack. Developed for computing environments with one IP address, POETRI forwards packets between the WAN and the IP kernel with address/port translation. In work groups with several real IP addresses POETRI can forward all packets unchanged to the IP kernel.

The number of users supported is only limited by the bandwidth of the connection. POETRI can provide standalone or work group users with full access to Internet applications and resources, e.g. WWW, e-mail, telnet, ftp. Hosts in the LAN can accommodate almost any client node, including PC's Mac's, and Unix machines, as long as they are running a TCP/IP stack.

POETRI is installed as a standard LAN interface NDIS driver. POETRI communicates with the xDSL device using the PPPoverEthernet standard. Because of this, POETRI is completely hardware independent. POETRI can be installed and used in parallel to NT RAS.

POETRI supports IP-Masquerading (Network IP Address Translation + Port Mapping ), a technique which allows multiple hosts on a private LAN to share a single IP address.
Private LAN addresses must be mapped to registered IP addresses supplied by your Internet Service Provider. This is known as Network Address Translation. POETRI supports NAT (Network IP Address Translation) as specified in RFC 1631.
Port Mapping works by keeping track of source port numbers used by TCP and UDP applications, and mapping each port number to a new number prior to transmission of the packet onto the Internet. A packet received from the Internet will have a destination port number equal to the mapped source port number, and so the original port number and IP addressee can be restored after a table lookup.

POETRI supports DNS Interception for local name lookups. DNS address queries from all LAN clients can be intercepted and answered from a local name table. Optionally DNS queries to pre configured DNS server addresses can be redirected on the fly to dynamic assigned name server addresses.

POETRI comes with a built-in packet filtering Firewall. Extended packet filtering helps you to protect your LAN from attacks from the Internet. Packets can be filtered on host, protocol and port basis. To simplify configuration a learning mode is provided.

POETRI has a built-in DHCP Server for automatic client configuration.
A RIP Server can announce POETRI as standard gateway of your LAN

With the Remote POETRI Client you can control your connection from clients on your LAN.

POETRI counts online time and transfered data volume. New connections can be disabled, if a limit is exceeded.

POETRI is Shareware
POETRI, as it is provided, is a demo version. You may test the software for 30 days without any obligation. The demo version of POETRI will stop forwarding data 15 min after startup.
Registration details you will find in order.txt.

---

Installation

Installation of POETRI

1. The Installer unpacks the POETRI software into the selected directory, e.g.: C:\Programs\POETRI
2. The installation of the network components requires Administrator privilege on Windows NT/2000/XP.

3. Installation of the virtual Network Adapter:

   Windows 2000/XP:

   Use the Hardware Wizard to install the Network adapter PPPoEthernet Adapter. The driver is supplied in your POETRI directory. The installation will automatically install and bind the haneWIN Packet Service to the Adapter and create a new LAN connection.

   Windows NT:

   Use the Network Control Panel to install the Network adapter PPPoEthernet Adapter. The driver is supplied in subdirectory WINNT.

   Windows ME:

   Use the Hardware Assistant to install the Network adapter PPPoEthernet Adapter. The driver is supplied in subdirectory WIN95.

   Windows 95/98:

   Use the Network Control Panel to install the Network adapter PPPoEthernet Adapter. The driver is supplied in subdirectory WIN95.

4. The TCP/IP parameters for the new adapter are configured by POETRI automatically. Only if your provider assigned a fixed IP address to your connection configure this IP address for the adapter.

   Details about configuring TCP/IP parameters for LAN access you will find below.

5. Reboot Windows.

Configuration of POETRI

1. Run POETRI.EXE. Make sure that the virtual network adapter PPPoEthernet Adapter is installed.
2. If you have more than one Ethernet interface, make sure that the interface connected with your xDSL modem was found. Check it under Preferences-xDSL.
3. Run TAPRI.EXE. Make sure that the virtual network adapter PPPoEthernet Adapter is installed.
4. Select and configure a modem under Preferences-Modem.
5. Open the Connection Setup menu of POETRI.



6. Open the Connection Setup menu and configure your ISP specific parameters or choose a configuration from Import At least you have to:
   Choose a name for the connection.
   Enter user id and password under PPP options.
7. Restart POETRI.EXE
8. Open a connection to your ISP to check your set up.
9. Check the configuration with ping to an external IP address.

Configuring TCP/IP parameters for LAN-WAN IP routing :

IP routing connects different IP networks. Your PC with POETRI acts as the IP router between two IP networks.

1. To give the clients on your LAN access to the Internet you must enable IP routing under Windows:

   Windows 2000/XP:

   With the provided rout2000.bat script you can enable or disable IP Routing on Windows 2000. Activate IP Routing with rout2000 on.

   Windows NT:

   Activate the IP Forwarding Option.

   Windows 9x/ME:

   With the provided routing.bat script you can enable or disable IP Routing on Windows 9x. Activate IP Routing with routing on.

   
   
2. An IP-router has at least two interfaces, a LAN interface and a WAN interface, and therefore requires two IP addresses in different networks. There are two modes of operation:

   You use an official assigned network or sub network of IP addresses for your LAN. You don't need any special software, like POETRI in this case, but POETRI can be used in this case to optimize your setup and connection time.

3. WAN-LAN IP Routing with one official IP address
   If you have only one static or dynamically assigned IP address, you must use IP-Masquerading. Use IP addresses from a private network number range (e.g. 10.0.0.0, 192.168.0.0,..) for the hosts on your LAN. POETRI was developed for this type of internet access.

   1. The virtual Interface of POETRI can be configured by POETRI automatically. In this case the following addresses are assigned:
      IP address: 192.168.2.1
      Net mask: 255.255.255.0
      Gateway: 192.168.2.2
      Nameserver: 192.168.2.3, 192.168.2.4

      If your connection uses fixed IP addresses confugire the provider assigned addresses instead.

   2. You can configure the clients on your LAN by the built-in DHCP server. In this case you have only to configure the ethernet interface connected to your LAN.

      Ethernet interface of Router PC with POETRI:
      IP address: 192.168.1.1
      Net mask: 255.255.255.0
      Computers on your LAN receive an IP address from the configured sub network.

   3. If you prefer to configure your clients manually, choose IP addresses from the same private IP network for all hosts on your LAN. On all hosts, set the default gateway to point to the LAN interface IP address of the router PC.

      Host 1, Ethernet interface:
      IP address: 192.168.1.2
      Net mask: 255.255.255.0
      Gateway: 192.168.1.1
      Nameserver: as specified by your provider or 192.168.2.3, 192.168.2.4 with DNS redirection in POETRI enabled

      Host 2, Ethernet interface:
      IP address: 192.168.1.3
      Net mask: 255.255.255.0
      Gateway: 192.168.1.1
      Nameserver: as specified by your provider or 192.168.2.3, 192.168.2.4 with DNS redirection in POETRI enabled

      .....

4. You have to Reboot Windows 9x or Windows NT. On Windows 2000 a reboot is required only if you modified the routing setting.
5. Use ipconfig /all or winipcfg to check your network setup and IP parameters.

---

Users Guide

IP-Masquerading (NAT + Port Mapping) and DNS Interception

POETRI supports IP address translation (translation of a private IP address to the official IP address), and Port-mapping (translation of a private IP address:portnumber to a free port number of the official IP address).

1. Port Mapping gives more than one host outgoing internet access at a time through one official IP address. Enable Port Mapping by checking the option. POETRI maps client port numbers to port numbers in the range 61440-65535 of the official IP address. Port Mapping works fine with all "well behaved" TCP/IP applications. Some programs require an additional port for downloading data (VDOlive, RealAudioPlayer,...). For these applications you can define static mapping entries for port number ranges to the assigned local IP address.e.g.

10000-10010,192.168.1.2
will forward incoming TCP/UDP packets with port numbers in the range 10000 to 10010 to host 192.168.1.2. On the client set the UDP port number for the application to a port in this range.  Note that in most cases you have to configure the requesting TCP/IP application to use a fixed port number.
Port Mapping entries can be added or modified on the fly without closing and opening a new connection.
Port Mapping only works with protocols which use ports i.e. TCP and UDP. For all other protocols (except ICMP) and incoming connections without an mapping entry an address translation is performed. You can set up up to eight IP addresses in a destination IP address list. The default host is selected by checking the IP address in the Control menu. By simply choosing another host, you can switch between hosts on the fly without closing and opening a new connection. In general  an IP address of a local host in the destination IP address list is only required if you want to be able to make this host the default host for incoming connections, e.g. if the host runs a WWW or ftp server.
Port Mapping can not be used for ping and traceroute, because ICMP Echo Requests don't use port numbers. Due to the importance of ICMP a special mapping technique is implemented.
A main problem with the concept of NAT is that some applications (FTP is the most notable example) put IP addresses into application layer messages which are transferred between Client and Server. This is a protocol layering violation, that in the case of FTP can be overcome  by using PASV commands rather than PORT commands. (Use of PASV can be selected as an option in almost all FTP Clients including WS_FTP, WAR_FTP and Fetch on the Mac). Anyway POETRI supports PORT sequence number patching in case of FTP, but I recommend using PASV mode. Other applications with protocol layering violation, mainly video conferencing programs, may break.

Menus

Preferences

• General:
  In Small view a reduced status windows is displayed.
  The log can be saved on program exit.
  The program can be installed as service on Win9x/ME.
  The program can change the Standard Gateway to the POETRI interface.
  The program can change the Standard Gateway to the POETRI interface.

• Connection:
  Always online automatically reconnects if the connection is dropped.
  With automatic dialing enabled, a new connection is opened as necessary.
  Ask before dialing will popup a Window before opening a connection.
  The program can repeat dialing until a connection is established. A repeated dialing operation can be aborted by clicking on Disconnect.
  If the sound option is checked, the program will play the .WAV files assigned to "LineUp" on connect and "LineDown" on disconnect.
  Call-Setup: maximum Call Setup time.
  Pause: pause between call setups and successful connections.
  dynamic Disconnect threshold: In Shorthold mode a connection is released a few seconds before a unit ends. This value defines how many seconds before the end of a unit a disconnect will be triggered.
  PPP LCP Echo-Interval: To control a connection the program can send PPP echo requests every few seconds. The value defines the interval in seconds.

• Services:
  Enable the DHCP Server for automatic client configuration.
  Enable Routing Information Protocol to announce the router as Standard Gateway of your LAN.
  Enter the IP address of a SYSLOG host to send all log entries to a remote logging server.

• Execute
  Programs can be executed on start, after connect, after disconnect and on termination. %m inserts the local interface ip address. After connect, %i inserts the assigned IP address and %n %s insert assigned primary and secondary name server addresses.
  POETRI can automatically disconnect on termination of the executed program.

Connection Setup
dialog box for defining ISP specific parameters.


Name:name for the connection entry. Service: PPPoE Service Name. To select a PPPoE Service on your LAN. A service name is normally not required.

Protocol: Only PPP is available for PPPoE connections.

NAT: Network address translation is used to translate between private and official IP addresses.
NAT with dynamic IP assignment should be used if your provider uses PPP with dynamic IP addresses
NAT with static IP has to be used for providers that use fixed official addresses.
NAT can be disabled in case of a fixed official IP address. In this case the official IP address must be configured in the TCP/IP set up of Windows.
Peer IP: PPP can assign an IP address to the peer. This IP address can be defined here.

PPP-Options:
TCP header compression: PPP will match TCP header compression with the configuration of the peer.

Attention: The number compression slots is limited on most dial in systems. If you have many simultanous TCP connection because of a LAN access, TCP header compression can degrade perfomance.



Timer Options:
Unit Adaptive Disconnect with Shorthold of: Adaptive disconnect requires the definition and selection of  units through unit emulation or support of unit messages during the connection.
On expiration of the short hold idle timer, POETRI calculates the remaining time of the current unit. If no further activity occurs the connection will close down a few seconds before the end of the unit was estimated.
Disconnect, if idle for: Defines the idle time-out for this connection. The value is used for incoming calls and in if a unit depended time-out is not defined.
Idle Timer ignores Received Packets:
If a peer sends packets on a regular basis to test the line, a idle time-out would never occur. The options will force POETRI not to reset the idle timer on incoming packets.
Idle Timer ignores Bcasts & Netbios requests: Broadcast messages and NetBIOS name lookup messages will not reset the idle timer and not open a new connection. They are only transmitted, if a connection is already established.



Units options:
Emulate Units messages: Allows POETRI to emulate unit messages based on a setup entry.
An entry consists of up to 5 pairs of
Starting-hour,length-of-unit-in-seconds
Separate entries for week days and weekend/holidays can be created.

Attention: A length of 0 disables outgoing calls to the peer during the specified hours.

Log
displays a connection and optionally trace log.

PPPoE Setup

logs all PPPoE control messages

PPP Setup

allows to trace the setup of a PPP connection. PPP data packets are not logged.

Application Interface

logs information related to the upper layer interface and additionally DNS queries.

TCP/IP

logs TCP/IP information of all packets. source IP, destination IP and protocol are logged for all IP protocols. Further values depend on the protocol, e.g. source and destination ports are logged for TCP and UDP.

Attention: Use the trace option only for debugging NOT during normal operation.

Statistics

displays connection statistics

Firewall

The dialog box allows you to configure the packet filtering firewall. The packets are tested against the rules in top down order.
A trusted host is allowed to communicate using any protocol or service (port).
Protocols can be enabled for all or selected addresses.
TCP or UDP protocol can be enabled completly or based on selected services (ports).
Address rules for a certain protocol or service are scanned sequentially for a match. A match may exclude or include a host or host range from communication over this protocol or service.
In learning mode the user will be prompted to allow or deny a service.

The example allows all local computers unrestricted outbound access for TCP and UDP. All incoming TCP connections and incoming UDP packets are blocked. Only ICMP packets are allowed in both directions.

Port Mapping

To forward packets with known port numbers to a defined client you can configure static mapping entries. The dialog box allows you add static port mapping entries and the IP address of the client that should receive the packets.
DNS:
To enables redirection of DNS request to dynamically assigned name servers. The name server addresses are determined automatically from the Windows configuration. Change these addresses only if required (e.g. in case of a local DNS forwarder).

Name Resolution

With DNS interception all clients on the LAN can resolve Domain names from a common name table without accessing an external name server. DNS IP address record requests are trapped and the IP addresses are looked up in a local name table. If a matching entry is found a reply is generated and the request dropped. If no match was found the query is forwarded in the standard way.
The dialog box configures DNS interception. Set the check mark to enable local name resolution through the name table.

Add the IP addresses and the full Internet Domain Name of those hosts you want to resolve locally.

Exit

terminates the program.

Help

starts a HTML browser with this manual.

Show License

shows the license conditions for this software

Register

prompts for the license key and your name, company. To activate a license key you have to restart the program. After restart check the About menu to find out if the license information was accepted.

About

displays program version information.

Connect

manually connects to an IP destination. The initial setting of the repeat dial request option depends on the Preferences configuration.

Disconnect

disconnects an active connection or terminates a repeated dial request.

Auto Dial

enable or disables the auto dial feature.

---

Remarks

Connection state

The state of a connection is displayed on the status page and in place of an icons title by the following codes:
_ = no connection,
A = active, PPPoE connection up,
L = PPP LCP configuration up,
I = PPP PAP/CHAP configuration up, IPCP configuration started,
P = PPP connection up

Program Startup

POETRI.EXE can be started with the following optional command line arguments:
(You can enter arguments for a Windows program via the Properties entry of Aliases.)

POETRI [Flags] [ConfigFile]

Flags

• -iconic starts POETRI iconified.
• -disconnect disconnect all active connections.
• -unload unload running copy of POETRI. Prompt user if a connection is active.
• -terminate disconnect and unload a running copy of POETRI.

ConfigFile specifies the name of the POETRI configuration file. If the name is not given, it defaults to "POETRI.INI". The configuration file is a readable text file.

If you want to set up separate configurations for more than one provider start POETRI with the name of a configuration file and create an alias pointing to POETRI.EXE with the named configuration file, e.g.
C:\POETRI\POETRI.EXE tonline.ini.

Running POETRI as Service

To run POETRI as a service execute
poetsrv -install
This will install POETRI as a service.
poetsrv -remove
will remove POETRI as a service.

If POETRI is running as a service, the configuration dialogs are protected by the Administrator password. After entering the correct password access to the dialogs is enabled. Permission to access the dialogs is terminated with the current interactive session or on clicking on the close Symbol X of the main window of POETRI.

Do not stop or delete the "POETRI PPPoE Service" from the system, otherwise setting the standard gateway will fail.

Remote Control of Connection

To monitor and control a connection from a remote client:
1. Enable remote control under Preferences.
2. Copy REMPOE.EXE to the client and start it.

REMPOE uses UDP Port 77 (private remote job services) for communication.
It sends an UDP Subnet broadcast packet to locate POETRI.

---

Support

The latest version of POETRI is available on www.hanewin.de. Please mail comments, questions, problems to .