Ppp

  • November 2019
PPP Point to Point Protocol

Agenda

Page 1

Client Logo

AGENDA
  • INTRODUCTION
  • PPP COMPONENTS
  • GENERAL OPERATIONS
  • STATES, EVENTS AND ACTIONS
  • PPP GENERAL FRAME FORMAT
  • INDIVIDUAL PPP PROTOCOLS

INTRODUCTION

  • PPP defines a complete method for robust data link connectivity between units using serial lines or other physical layers.
  • Point-to-Point Protocol (PPP) has become the predominant protocol for modem-based access to the Internet.
  • PPP runs at the data link layer (ISO layer 2), providing symmetric, peer-to-peer connections utilizing encapsulation, transmission and link management services for the upper-layer network protocols.

CAPABILITIES AND FEATURES
  • Error detection
  • Compression
  • Authentication
  • Encryption
  • Assignment and management of IP addresses

PPP ADVANTAGES
  • Operates over synchronous and asynchronous links, but the links should be full-duplex.
  • Designed to work with several network-layer protocols, such as IP, IPX and AppleTalk.

PPP COMPONENTS

PPP Family Protocol Information: ATCP | BACP | BAP | BCP | BSD | BVCP | CCP | CHAP | DESE | DNCP | ECP | IPCP | IPHC | IPv6CP | IPXCP | L2F | L2TP | LCP | LQR | LZS | MPPC | MultiPPP | NBFCP | OSINLCP | PAP | PPP | PPP-BPDU | PPTP | SDCP | SNACP

GENERAL OPERATIONS

  • LCP packets: configure and test the data link
  • Authentication: PAP / CHAP
  • NCP packets: choose and configure the network-layer protocols
  • Links remain until explicitly terminated

PHASES OF PPP

1. Link Dead
   - The link necessarily begins and ends with this phase.

2. Link Establishment Phase
   - The connection is established through an exchange of Configuration packets.
   - The LCP Open state is entered once a Configure-Ack packet has been both sent and received.
   - All Configuration Options are assumed to be at default values.

3. Authentication Phase
   - Authenticates the peer before network-layer protocol packets are allowed to be exchanged.
   - By default, authentication is not mandatory.
   - SHOULD take place as soon as possible after link establishment.
   - If authentication fails, the link moves to the Link Termination phase.

4. Network-Layer Protocol Phase
   - Each network-layer protocol (such as IP, IPX, or AppleTalk) MUST be separately configured by the appropriate Network Control Protocol (NCP).

5. Link Termination Phase
   - LCP is used to close the link through an exchange of Terminate packets.
   - Loss of carrier, authentication failure, link quality failure, the expiration of an idle-period timer, or the administrative closing

PPP LINK OPERATION


PPP WORKING


TIMERS AND COUNTERS

  • Restart Timer: The Restart timer is used to time transmissions of Configure-Request and Terminate-Request packets. Expiration of the Restart timer causes a Timeout event, and retransmission of the corresponding Configure-Request or Terminate-Request packet.
  • Max-Terminate: There is one required restart counter for Terminate-Requests. Max-Terminate indicates the number of Terminate-Request packets sent without receiving a Terminate-Ack before assuming that the peer is unable to respond.
  • Max-Configure: Max-Configure indicates the number of Configure-Request packets sent without receiving a valid Configure-Ack, Configure-Nak or Configure-Reject before assuming that the peer is unable to respond.
  • Max-Failure: Max-Failure indicates the number of Configure-Nak packets sent without sending a Configure-Ack before assuming that configuration is not converging.

STATES

  • Initial: In the Initial state, the lower layer is unavailable (Down), and no Open has occurred. The Restart timer is not running in the Initial state.
  • Starting: The Starting state is the Open counterpart to the Initial state. The lower layer is still unavailable (Down). The Restart timer is not running in the Starting state. When the lower layer becomes available (Up), a Configure-Request is sent.
  • Closed: The link is available (Up), but no Open has occurred. The Restart timer is not running in the Closed state. Upon reception of Configure-Request packets, a Terminate-Ack is sent.
  • Stopped: The Open counterpart to the Closed state. It is entered when the automaton is waiting for a Down event after the This-Layer-Finished action, or after sending a Terminate-Ack. The Restart timer is not running in the Stopped state.
  • Closing: An attempt is made to terminate the connection. A Terminate-Request has been sent and the Restart timer is running, but a Terminate-Ack has not yet been received. Upon reception of a Terminate-Ack, the Closed state is entered. When the Restart timer has expired Max-Terminate times, the Closed state is also entered.

STATES contd…

  • Stopping: Open counterpart to the Closing state. A Terminate-Request has been sent and the Restart timer is running, but a Terminate-Ack has not yet been received.
  • Request-Sent: An attempt is made to configure the connection. A Configure-Request has been sent and the Restart timer is running, but a Configure-Ack has not yet been received.
  • Ack-Received: A Configure-Request has been sent and a Configure-Ack has been received.
  • Ack-Sent: A Configure-Request and a Configure-Ack have both been sent.
  • Opened: A Configure-Ack has been both sent and received. The Restart timer is not running. When entering the Opened state, the implementation SHOULD signal the upper layers that it is now Up. Conversely, when leaving the Opened state, the implementation SHOULD signal the upper layers that it is now Down.

EVENTS

Transitions and actions in the automaton are caused by events.

  • Up: This event occurs when a lower layer indicates that it is ready to carry packets.
  • Down: This event occurs when a lower layer indicates that it is no longer ready to carry packets.
  • Open: The link is administratively available for traffic; that is, the link is allowed to be Opened. When this event occurs, and the link is not in the Opened state, the automaton attempts to send configuration packets to the peer.
  • Close: The link is not available for traffic; that is, the link is not allowed to be Opened. When this event occurs, and the link is not in the Closed state, the automaton attempts to terminate the connection.
  • Timeout (TO+, TO-): Indicates the expiration of the Restart timer. The Restart timer is used to time responses to Configure-Request and Terminate-Request packets. The TO+ event indicates that the Restart counter continues to be greater than zero, which triggers the corresponding Configure-Request or Terminate-Request packet to be retransmitted. The TO- event indicates that the Restart counter is not greater than

EVENTS contd…

  • Receive-Configure-Request (RCR+, RCR-): Occurs when a Configure-Request packet is received from the peer. Indicates the desire to open a connection and may specify Configuration Options. The RCR+ event indicates that the Configure-Request was acceptable, and triggers the transmission of a corresponding Configure-Ack. The RCR- event indicates that the Configure-Request was unacceptable, and triggers the transmission of a corresponding Configure-Nak or Configure-Reject.
  • Receive-Configure-Ack (RCA): This event occurs when a valid Configure-Ack packet is received from the peer. The Configure-Ack packet is a positive response to a Configure-Request packet.
  • Receive-Configure-Nak/Rej (RCN): This event occurs when a valid Configure-Nak or Configure-Reject packet is received from the peer. The Configure-Nak and Configure-Reject packets are negative responses to a Configure-Request packet.
  • Receive-Terminate-Request (RTR): This event occurs when a Terminate-Request packet is received. The Terminate-Request packet indicates the desire of the peer to close the connection.

EVENTS contd…

  • Receive-Terminate-Ack (RTA): Occurs when a Terminate-Ack packet is received from the peer. The Terminate-Ack packet is usually a response to a Terminate-Request packet. The Terminate-Ack packet may also indicate that the peer is in Closed or Stopped states.
  • Receive-Unknown-Code (RUC): Occurs when an un-interpretable packet is received from the peer. A Code-Reject packet is sent in response.
  • Receive-Code-Reject, Receive-Protocol-Reject (RXJ+, RXJ-): Occurs when a Code-Reject or a Protocol-Reject packet is received from the peer. The RXJ+ event arises when the rejected value is acceptable, such as a Code-Reject of an extended code, or a Protocol-Reject of a NCP. The RXJ- event arises when the rejected value is catastrophic, such as a Code-Reject of Configure-Request, or a Protocol-Reject of LCP! This event communicates an unrecoverable error that terminates the connection.
  • Receive-Echo-Request, Receive-Echo-Reply, Receive-Discard-Request (RXR): Occurs when an Echo-Request, Echo-Reply or Discard-Request packet is received from the peer. The Echo-Reply packet is a response to an Echo-Request packet.

ACTIONS

Actions in the automaton are caused by events and typically indicate the transmission of packets and/or the starting or stopping of the Restart timer.

  • Illegal-Event (-): This indicates an event that cannot occur in a properly implemented automaton.
  • This-Layer-Up (tlu): This action indicates to the upper layers that the automaton is entering the Opened state. It is used by the LCP to signal the Up event to a NCP, Authentication Protocol, or Link Quality Protocol, or MAY be used by a NCP to indicate that the link is available for its network layer traffic.
  • This-Layer-Down (tld): Indicates to the upper layers that the automaton is leaving the Opened state. It is used by the LCP to signal the Down event to a NCP, Authentication Protocol, or Link Quality Protocol, or MAY be used by a NCP to indicate that the link is no longer available for its network layer traffic.
  • This-Layer-Started (tls): Indicates to the lower layers that the automaton is entering the Starting state, and the lower layer is needed for the link.

ACTIONS contd…

  • This-Layer-Finished (tlf): Indicates to the lower layers that the automaton is entering the Initial, Closed or Stopped states, and the lower layer is no longer needed for the link.
  • Initialize-Restart-Count (irc): Sets the Restart counter to the appropriate value (Max-Terminate or Max-Configure). The counter is decremented for each transmission, including the first.
  • Zero-Restart-Count (zrc): This action sets the Restart counter to zero.
  • Send-Configure-Request (scr): A Configure-Request packet is transmitted. Indicates the desire to open a connection with a specified set of Configuration Options. The Restart timer is started when the Configure-Request packet is transmitted, to guard against packet loss.
  • Send-Configure-Ack (sca): A Configure-Ack packet is transmitted. This acknowledges the reception of a Configure-Request packet.
  • Send-Configure-Nak (scn): This negative response reports the reception of a Configure-Request packet with an unacceptable set of Configuration Options.

ACTIONS contd…

  • Send-Terminate-Request (str): A Terminate-Request packet is transmitted. This indicates the desire to close a connection.
  • Send-Terminate-Ack (sta): A Terminate-Ack packet is transmitted. This acknowledges the reception of a Terminate-Request packet.
  • Send-Code-Reject (scj): A Code-Reject packet is transmitted. This indicates the reception of an unknown type of packet.
  • Send-Echo-Reply (ser): An Echo-Reply packet is transmitted. This acknowledges the reception of an Echo-Request packet.

STATE TRANSITION DIAGRAM LAYER OPERATION
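
The states, events and actions listed above can be exercised in code. The following is an added example, not part of the original slides: a Python model of the link-opening part of the automaton, with transitions taken from the standard LCP state table in RFC 1661 (a reference the slides do not cite). The class and function names, the combined "TO" event, the Max-Configure default of 10 and the event sequences are assumptions made for illustration.

```python
# (state, event) -> (actions, next state): the link-opening part of the automaton.
TRANSITIONS = {
    ("Initial", "Open"): (["tls"], "Starting"),
    ("Initial", "Up"): ([], "Closed"),
    ("Starting", "Up"): (["irc", "scr"], "Request-Sent"),
    ("Closed", "Open"): (["irc", "scr"], "Request-Sent"),
    ("Closed", "RCR+"): (["sta"], "Closed"),
    ("Closed", "RCR-"): (["sta"], "Closed"),
    ("Request-Sent", "RCR+"): (["sca"], "Ack-Sent"),
    ("Request-Sent", "RCR-"): (["scn"], "Request-Sent"),
    ("Request-Sent", "RCA"): (["irc"], "Ack-Received"),
    ("Request-Sent", "TO+"): (["scr"], "Request-Sent"),
    ("Request-Sent", "TO-"): (["tlf"], "Stopped"),
    ("Ack-Received", "RCR+"): (["sca", "tlu"], "Opened"),
    ("Ack-Received", "RCR-"): (["scn"], "Ack-Received"),
    ("Ack-Received", "TO+"): (["scr"], "Request-Sent"),
    ("Ack-Received", "TO-"): (["tlf"], "Stopped"),
    ("Ack-Sent", "RCA"): (["irc", "tlu"], "Opened"),
    ("Ack-Sent", "RCR+"): (["sca"], "Ack-Sent"),
    ("Ack-Sent", "RCR-"): (["scn"], "Request-Sent"),
    ("Ack-Sent", "TO+"): (["scr"], "Ack-Sent"),
    ("Ack-Sent", "TO-"): (["tlf"], "Stopped"),
}


class LcpAutomaton:
    def __init__(self, max_configure: int = 10):
        self.state = "Initial"
        self.max_configure = max_configure
        self.restart_counter = 0

    def event(self, name: str) -> list:
        """Apply one event and return the actions it triggers."""
        if name == "TO":  # Restart timer expired: TO+ while the counter is above zero
            name = "TO+" if self.restart_counter > 0 else "TO-"
        if (self.state, name) not in TRANSITIONS:
            raise ValueError(f"{name} is not modelled in state {self.state}")
        actions, next_state = TRANSITIONS[(self.state, name)]
        for action in actions:
            if action == "irc":
                self.restart_counter = self.max_configure
            elif action == "scr":
                self.restart_counter -= 1  # decremented on every transmission
        self.state = next_state
        return actions


def run(events, max_configure: int = 10):
    """Feed a constructed event sequence; return the final state and all actions."""
    fsm = LcpAutomaton(max_configure)
    actions = [a for e in events for a in fsm.event(e)]
    return fsm.state, actions


if __name__ == "__main__":
    print(run(["Open", "Up", "RCR+", "RCA"]))        # peer answers
    print(run(["Open", "Up", "TO", "TO", "TO"], 3))  # peer stays silent
```

With Max-Configure set to 3, a silent peer receives exactly three Configure-Requests before the automaton gives up and enters Stopped; Opened is reachable only after a Configure-Ack has been both sent and received.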


PPP GENERAL FRAME FORMAT


LCP—LINK CONTROL PROTOCOL 

  • PPP is about links, and LCP is about controlling those links.
  • Three classes of LCP packets:
    - Link Configuration: establish and configure a link (Configure-Request, Configure-Ack, Configure-Nak and Configure-Reject).
    - Link Termination: terminate a link (Terminate-Request and Terminate-Ack).
    - Link Maintenance: manage and debug a link (Code-Reject, Protocol-Reject, Echo-Request, Echo-Reply and Discard-Request).

LCP PACKET FORMAT

Code | Identifier | Length | Options

CODE FIELD VALUES

Code   Packet Type         Description
0x01   Configure-request   Contains the list of proposed options and their values
0x02   Configure-ack       Accepts all options proposed
0x03   Configure-nak       Announces that some options are not acceptable
0x04   Configure-reject    Announces that some options are not recognized
0x05   Terminate-request   Requests to shut down the line
0x06   Terminate-ack       Accepts the shut down request
0x07   Code-reject         Announces an unknown code
0x08   Protocol-reject     Announces an unknown protocol
0x09   Echo-request        A type of hello message to check if the other end is alive
0x0A   Echo-reply          The response to the echo-request message
0x0B   Discard-request     A request to discard the packet

LINK CONFIGURATION OPTIONS

Configuration option format: Type | Length | Data

  - Type: one octet; indicates the type of Configuration Option.
  - Length: one octet; includes the Type, Length and Data fields.
  - Data: zero or more octets; contains information specific to the Configuration Option.

Type   Configuration Option
0      Reserved
1      Maximum-receive-unit
3      Authentication-protocol
4      Quality-protocol
5      Magic-number
7      Protocol-field compression
8      Address & control field compression
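
A parser for the LCP packet and option layout described above, as an added example that is not part of the original slides. It assumes the standard field widths (one-octet Code and Identifier, two-octet Length in network byte order); the function names, the exception class and the sample packet are constructed for illustration.

```python
import struct

# Names taken from the code and option tables above.
LCP_CODES = {
    0x01: "Configure-Request", 0x02: "Configure-Ack", 0x03: "Configure-Nak",
    0x04: "Configure-Reject", 0x05: "Terminate-Request", 0x06: "Terminate-Ack",
    0x07: "Code-Reject", 0x08: "Protocol-Reject", 0x09: "Echo-Request",
    0x0A: "Echo-Reply", 0x0B: "Discard-Request",
}
LCP_OPTIONS = {
    1: "Maximum-Receive-Unit", 3: "Authentication-Protocol", 4: "Quality-Protocol",
    5: "Magic-Number", 7: "Protocol-Field-Compression",
    8: "Address-and-Control-Field-Compression",
}
CONFIGURE_CODES = {0x01, 0x02, 0x03, 0x04}  # the packets that carry an option list


class MalformedPacket(ValueError):
    """A length field disagrees with the octets actually received."""


def parse_options(data: bytes) -> list:
    """Walk Type/Length/Data options; Length counts the Type and Length octets too."""
    options, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 2:
            raise MalformedPacket("truncated option header")
        opt_type, opt_len = data[offset], data[offset + 1]
        # Length < 2 would never advance the offset; Length past the end would over-read.
        if opt_len < 2 or offset + opt_len > len(data):
            raise MalformedPacket(f"bad length {opt_len} in option type {opt_type}")
        name = LCP_OPTIONS.get(opt_type, f"unknown({opt_type})")
        options.append((name, data[offset + 2:offset + opt_len]))
        offset += opt_len
    return options


def parse_lcp(packet: bytes) -> dict:
    """Parse Code(1) | Identifier(1) | Length(2, network byte order) | Data."""
    if len(packet) < 4:
        raise MalformedPacket("shorter than the 4-octet header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise MalformedPacket(f"Length {length} does not fit {len(packet)} octets")
    body = packet[4:length]  # octets beyond Length are padding and are ignored
    options = parse_options(body) if code in CONFIGURE_CODES else []
    return {"code": LCP_CODES.get(code, f"unknown({code})"),
            "identifier": identifier, "length": length, "options": options}


# Constructed sample: Configure-Request, identifier 1, MRU 1500, CHAP (c223) with MD5 (05).
SAMPLE = bytes.fromhex("0101000d" "010405dc" "0305c22305")

if __name__ == "__main__":
    print(parse_lcp(SAMPLE))
```

Because the option Length includes its own two header octets, any value below 2 is invalid; rejecting it is what keeps the option walk from looping forever or reading past the packet.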

AUTHENTICATION PROTOCOL

Authentication is not mandatory. If required, there are two different protocols used for the purpose of authentication during PPP setup:
  • PAP: Password Authentication Protocol
  • CHAP: Challenge Handshake Authentication Protocol

Password Authentication Protocol

  • The Password Authentication Protocol (PAP) provides a simple method for the peer to establish its identity using a 2-way handshake.
  • This is done only upon initial link establishment.
  • After the Link Establishment phase is complete, an Id/Password pair is repeatedly sent by the peer to the authenticator until authentication is acknowledged or the connection is terminated.

Packet format (PAP): Code(1) | Identifier(1) | Length(2) | Data…
Code: 1 - Auth-req, 2 - Auth-Ack, 3 - Auth-Nak

Configuration Option format: Type(1) | Length(1) | Authentication Protocol(2)


Challenge Handshake Authentication Protocol

  • The Challenge-Handshake Authentication Protocol (CHAP) is used to periodically verify the identity of the peer using a 3-way handshake.
  • CHAP provides protection against playback attack through the use of an incrementally changing identifier and a variable challenge value.
  • This authentication method depends upon a "secret" known only to the authenticator and that peer. The secret is not sent over the link.

Packet format (CHAP): Code(1) | Identifier(1) | Length(2) | Data…
Code: 1 - Challenge, 2 - Response, 3 - Success, 4 - Failure

Configuration Option format: Type(1) | Length(1) | Authentication Protocol(2) | Algorithm
  - Type: 3
  - Length: 5
  - Authentication Protocol: c223 (hex)

CHAP cont’d…

[Figure: challenge, MD5, hash value, compare]

Protocol:
  1. After the Link Establishment phase is complete, the authenticator sends a "challenge" message to the peer.
  2. The peer responds with a value calculated using a "one-way hash" function.
  3. The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication is acknowledged; otherwise the connection SHOULD be terminated.

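
The CHAP three-step exchange described above, as an added example that is not part of the original slides. The hash input (Identifier, then the secret, then the challenge) follows the CHAP specification, RFC 1994, which the slides do not spell out; the class and function names, the peer name and the secret are constructed for illustration.

```python
import hashlib
import hmac
import os

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4  # CHAP Code values


def chap_md5(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Response value: MD5 over Identifier || secret || challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    def __init__(self, secrets: dict):
        self.secrets = secrets   # peer name -> shared secret; never sent on the link
        self.identifier = 0
        self.pending = None      # (identifier, challenge) still awaiting a Response

    def challenge(self) -> tuple:
        """Step 1: new identifier plus an unpredictable challenge value."""
        self.identifier = (self.identifier + 1) % 256
        self.pending = (self.identifier, os.urandom(16))
        return (CHALLENGE,) + self.pending

    def verify(self, identifier: int, name: str, value: bytes) -> int:
        """Step 3: compare the Response with the locally computed hash."""
        pending, self.pending = self.pending, None   # a challenge is usable once
        secret = self.secrets.get(name)
        if pending is None or identifier != pending[0] or secret is None:
            return FAILURE
        expected = chap_md5(identifier, secret, pending[1])
        return SUCCESS if hmac.compare_digest(expected, value) else FAILURE


def respond(name: str, secret: bytes, identifier: int, challenge: bytes) -> tuple:
    """Step 2 (peer side): return the hash; the secret itself stays local."""
    return (RESPONSE, identifier, name, chap_md5(identifier, secret, challenge))


def demo() -> dict:
    """Constructed name and secret: one login, one re-check, one played-back Response."""
    name, secret = "branch-router", b"constructed-shared-secret"
    auth = Authenticator({name: secret})
    _, ident, chal = auth.challenge()
    old = respond(name, secret, ident, chal)
    first = auth.verify(*old[1:])
    _, ident2, chal2 = auth.challenge()              # periodic re-verification
    fresh = auth.verify(*respond(name, secret, ident2, chal2)[1:])
    _, ident3, _ = auth.challenge()
    replayed = auth.verify(ident3, name, old[3])     # old hash against a new challenge
    return {"first": first, "fresh": fresh, "replayed": replayed,
            "identifiers": (ident, ident2, ident3)}


if __name__ == "__main__":
    print(demo())
```

The played-back Response fails because the authenticator hashes the new identifier and the new challenge; a captured PAP Id/Password pair, by contrast, stays valid for as long as the password does.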

NETWORK CONTROL PROTOCOL

  - The Network Control Protocol (NCP) phase in the PPP link connection process is used for establishing and configuring different network-layer protocols such as IP, IPX or AppleTalk.
  - After a NCP has reached the Opened state, PPP will carry the corresponding network-layer protocol packets. Any supported network-layer protocol packets received when the corresponding NCP is not in the Opened state MUST be silently discarded.
  - During this phase, link traffic consists of any possible combination of LCP, NCP, and network-layer protocol packets.
  - The most common layer 3 protocol negotiated is IP. The routers exchange IP Control Protocol (IPCP) messages negotiating options specific to the protocol.

PPP NETWORK CONTROL PROTOCOL FOR IP

  • The IP Control Protocol (IPCP) is used for configuring, enabling, and disabling the IP protocol modules on both ends of the point-to-point link. It is an NCP.
  • IPCP has the same packet exchange mechanism as the Link Control Protocol (LCP).
  • IPCP packets are exchanged after PPP has reached the Network-Layer Protocol phase.
  • LCP performs the basic link setup and, after (optional) authentication, invokes a Network Control Protocol (NCP).
  • The NCP conducts a negotiation.

FRAME FORMAT

IPCP

  - Data Link Layer Protocol field: One IPCP packet is encapsulated in the Information field of PPP Data Link Layer frames.
  - Code field: Codes 1 through 7 are used.

    Code   IPCP packet
    01     Configure-request
    02     Configure-ack
    03     Configure-nak
    04     Configure-reject
    05     Terminate-request
    06     Terminate-ack
    07     Code-reject

  - Timeout: IPCP packets may not be exchanged until PPP has reached the Network-Layer Protocol phase.
  - Configuration Option Types: IPCP has a distinct set of Configuration Options.

IPCP CONFIGURATION OPTIONS

Allow negotiation of desirable Internet Protocol parameters.

  • IP-Compression-Protocol: Allows devices to negotiate the use of "Van Jacobson TCP/IP header compression". This compresses the size of TCP and IP headers to save bandwidth. Thus, this is similar in concept to the Protocol-Field-Compression and Address-and-Control-Field-Compression (ACFC) options in LCP.
  • IP-Address: Allows the device sending the Configure-Request to either specify an IP address it wants to use for routing IP over the PPP link, or to request that the other device supply it with one. This is most commonly used for dial-up networking links.

PPP ENCAPSULATION

PPP uses the High-Level Data Link Control (HDLC) protocol as a basis for encapsulating datagrams over point-to-point links. The PPP encapsulation is used to disambiguate multiprotocol datagrams. This encapsulation requires framing to indicate the beginning and end of the encapsulation.

PROTOCOL FIELD
  - "0***" to "3***": identify the network-layer protocol of specific packets.
  - "8***" to "b***": packets belonging to the associated Network Control Protocols.
  - "4***" to "7***": protocols with low-volume traffic that have no associated NCP.
  - "c***" to "f***": link-layer control protocols (such as LCP).

INFORMATION FIELD
  - Contains the datagrams for the protocol specified in the Protocol field.
  - Maximum length: 1500 octets (MRU).

PADDING
  - The Information field may be padded with an arbitrary number of octets up to the MRU.

PPP SETUP

  • Establish connection: the PPP link MUST first send LCP packets to configure and test the data link.
  • Authenticate users: user name and password.
  • PPP sends NCP packets to configure the network-layer protocol, then
  • Transmit data.

[Figure labels: PPP, Protocol Header, DATA]
