3. Point-To-Point Protocol PPP VD
Module 3
Point-to-Point Protocol (PPP)
Objectives
• Serial point-to-point link
• PPP - point-to-point protocol
• HDLC
• Configuring PPP and HDLC
Serial point-to-point links
Introduction to Serial Communication
WAN technologies are based on serial transmission at the physical layer. This means that the bits of a frame are transmitted one at a time over the physical medium.
Some of the many different serial communications standards are the following:
• RS-232-E
• V.35
• High Speed Serial Interface (HSSI)
Time-Division Multiplexing
Demarcation Point
The point in the network where the responsibility of the service provider or "telco" ends.
DTE-DCE
Serial Connection Options
• Mechanical/physical
• Electrical
• Functional
• Procedural
PPP - Point-to-Point Protocol
PPP’s Intro
PPP provides router-to-router and host-to-network
PPP: most popular WAN protocols
• Control of data link setup
• Assignment and management of IP address
• Network protocol multiplexing
• Link configuration and link quality testing
• Error detection
PPP: Layered Architecture
• Layer 1, Layer 2, Layer 3 / OSI Model
PPP Layered Architecture – Physical Layer
PPP can be used with these physical interfaces:
• Asynchronous serial
• Synchronous serial
• HSSI
• ISDN
PPP - Data link Layer
Data-link Layer
• LCP (Link Control Protocol)
  • A Link Control Protocol (LCP) for establishing, configuring, and testing the data-link connection
• NCP (Network Control Protocol)
  • A family of Network Control Protocols (NCPs) for establishing and configuring different network-layer protocols.
• PPP is designed to allow the simultaneous use of multiple network-layer protocols.
• PPP supports other protocols besides IP, including Internetwork Packet Exchange (IPX) and AppleTalk
LCP features
PPP callback
LCP features
LCP also handles
• Limits on size of packet
• Terminates the link
• Determines when a link is functioning properly or failing
PPP and the Network Layer
PPP Frame
• Flag: 1 byte, indicates the beginning or end of the frame
• Address: 1 byte, broadcast address 11111111
• Control: 1 byte
• Protocol: 2 bytes, identifies the protocol that is encapsulated in the data field of the frame
• Data: Packet
• FCS: 2 or 4 bytes, error control
Establishing a PPP Session
PPP Session Establishment (Detail)
1. Link establishment - (LCPs)
2. Authentication - Optional (LCPs)
3. Link quality determination - Optional (LCPs)
4. Network layer protocol configuration (NCPs)
5. Link termination (LCPs)
Link-establishment phase
In this phase each PPP device sends LCP frames to configure and test the data link. LCP frames contain a configuration option field that allows devices to negotiate the use of options such as the maximum transmission unit (MTU), compression of certain PPP fields, and the link-authentication protocol. If a configuration option is not included in an LCP packet, the default value for that configuration option is assumed. Before any network layer packets can be exchanged, LCP must first open the connection and negotiate the configuration parameters. This phase is complete when a configuration acknowledgment frame has been sent and received.
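An added example (not from the original slides) that reads the configuration options in an LCP Configure-Request to see which authentication protocol a peer asks for. Option numbers and protocol values follow RFC 1661 and RFC 1994, where option 1 is named Maximum-Receive-Unit; the two packets are constructed samples.

```python
import struct

CODES = {1: "Configure-Request", 2: "Configure-Ack",
         3: "Configure-Nak", 4: "Configure-Reject"}
AUTH_PROTOCOLS = {0xC023: "PAP", 0xC223: "CHAP"}

def parse_lcp(packet: bytes) -> dict:
    """Decode code, identifier and the option list of one LCP packet."""
    if len(packet) < 4:
        raise ValueError("LCP header is 4 bytes")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("length field does not fit the packet")
    options, pos = {}, 4
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated option header")
        opt_type, opt_len = packet[pos], packet[pos + 1]
        if opt_len < 2 or pos + opt_len > length:
            raise ValueError("option length out of bounds")
        data = packet[pos + 2:pos + opt_len]
        if opt_type == 1 and len(data) == 2:        # Maximum-Receive-Unit
            options["mru"] = struct.unpack("!H", data)[0]
        elif opt_type == 3 and len(data) >= 2:      # Authentication-Protocol
            proto = struct.unpack("!H", data[:2])[0]
            name = AUTH_PROTOCOLS.get(proto, hex(proto))
            if proto == 0xC223 and data[2:] == b"\x05":
                name = "CHAP-MD5"                   # algorithm 5 = MD5
            options["auth"] = name
        elif opt_type in (7, 8):                    # field compression options
            options["pfc" if opt_type == 7 else "acfc"] = True
        pos += opt_len
    return {"code": CODES.get(code, code), "id": identifier, "options": options}

def audit(packet: bytes) -> str:
    """Flag weak or missing authentication in a Configure-Request."""
    auth = parse_lcp(packet)["options"].get("auth")
    if auth is None:
        return "no authentication option: default is no authentication"
    if auth == "PAP":
        return "PAP requested: password crosses the link in clear text"
    return auth + " requested"

# Constructed samples: MRU 1500 + CHAP-MD5 + magic number; then PAP only.
CHAP_REQ = bytes.fromhex("01010013" "010405dc" "0305c22305" "05061a2b3c4d")
PAP_REQ = bytes.fromhex("01020008" "0304c023")
```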
Authentication Phase (Optional)
After the link has been established and the authentication protocol decided on, the peer may be authenticated. Authentication, if used, takes place before the network layer protocol phase is entered. As part of this phase, LCP also allows for an optional link-quality determination test.
• The link is tested to determine whether the link quality is good enough to bring up network layer protocols
Network Layer Protocol Phase
In this phase the PPP devices send NCP packets to choose and configure one or more network layer protocols, such as IP. Once each of the chosen network layer protocols has been configured, packets from each network layer protocol can be sent over the link.
The show interfaces command reveals the LCP and NCP states under PPP configuration.
Show interface
Link termination
LCP can terminate the link at any time.
This is usually done at the request of a user.
Can happen because of a physical event, such as the loss of a carrier or a timeout.
If LCP closes the link, it informs the network-layer protocols so that they can take appropriate action.
PPP Authentication Protocols
Password Authentication Protocol (PAP)
PAP provides a simple method for a remote node to establish its identity, using a two-way handshake.
After the PPP link establishment phase is complete, a username/password pair is repeatedly sent by the remote node across the link until authentication is acknowledged or the connection is terminated.
PAP is not a strong authentication protocol.
Passwords are sent across the link in clear text and there is no protection from playback or repeated trial-and-error attacks.
The remote node is in control of the frequency and timing of the login attempts.
Challenge Handshake Authentication Protocol (CHAP)
CHAP is used at the startup of a link and periodically verifies the identity of the remote node using a three-way handshake.
After the PPP link establishment phase is complete, the local router sends a "challenge" message to the remote node.
The remote node responds with a value calculated using a one-way hash function, which is typically Message Digest 5 (MD5).
This response is based on the password and challenge message.
The local router checks the response against its own calculation of the expected hash value.
If the values match, the authentication is acknowledged, otherwise the connection is immediately terminated.
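The three-way handshake described above, as an added example (not from the original slides). The response formula MD5(identifier + secret + challenge) comes from RFC 1994; the peer name and password are the sample values used in this module's configuration, and the class and function names are illustrative.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP-MD5 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """Local router side: issues challenges and checks responses."""

    def __init__(self, secrets: dict):
        self.secrets = secrets      # peer name -> shared secret
        self.pending = {}           # identifier -> outstanding challenge

    def challenge(self, identifier: int) -> bytes:
        value = os.urandom(16)      # must be fresh and unpredictable each time
        self.pending[identifier] = value
        return value

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        value = self.pending.pop(identifier, None)   # a challenge is single-use
        secret = self.secrets.get(name)
        if value is None or secret is None:
            return False
        expected = chap_response(identifier, secret, value)
        return hmac.compare_digest(expected, response)

def demo() -> dict:
    hq = Authenticator({"SantaCruz": b"boardwalk"})
    # 1. challenge  2. response  3. success or failure
    first = hq.challenge(1)
    answer = chap_response(1, b"boardwalk", first)
    valid = hq.verify(1, "SantaCruz", answer)
    # Periodic re-authentication uses a new challenge, so the old
    # response no longer matches if it is sent again.
    hq.challenge(2)
    replayed = hq.verify(2, "SantaCruz", answer)
    third = hq.challenge(3)
    wrong = hq.verify(3, "SantaCruz", chap_response(3, b"guess", third))
    return {"valid": valid, "replayed": replayed, "wrong_secret": wrong}
```

The password itself never crosses the link, which is the contrast with PAP; the protection depends on the challenge being unpredictable and never reused.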
CHAP Step by Step
HDLC - High-level Data-link Control
High-level Data-link Control (Original)
• A data-link layer protocol that encapsulates data on synchronous serial
• Error free and flow control
• Does not support multiple protocols on a single link
• ISO - 1979
Cisco:
• Offers a proprietary version of HDLC
• Multiple protocols supported on a single-link
High-level Data-link Control (Cisco)
HDLC Encapsulation
Configuring PPP and HDLC
Configuring PPP
Enables PPP encapsulation on serial interface 0/0
Router#configure terminal
Router(config)#username HQ password boardwalk
Router(config)#interface serial 0/0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication chap|pap
[Figure: HQ (S0, .1) and SantaCruz (S0, .2) joined by a serial link on 172.25.3.0/24, one end DCE and the other DTE]
hostname SantaCruz
username HQ password boardwalk
interface Serial0
 ip address 172.25.3.2 255.255.255.0
 encapsulation ppp
 ppp authentication chap

hostname HQ
username SantaCruz password boardwalk
interface Serial0
 ip address 172.25.3.1 255.255.255.0
 encapsulation ppp
 ppp authentication chap
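A consistency check for the two configurations above, added here as an example (not from the original slides). It relies on standard Cisco IOS CHAP behaviour, which the slides show but do not state: each router's username entry names the peer's hostname and both entries carry the same password. Parsing is limited to the commands used in this module.

```python
def parse_config(text: str) -> dict:
    """Collect the PPP-relevant settings from a router configuration."""
    cfg = {"hostname": None, "users": {}, "encapsulation": None, "auth": []}
    for line in text.splitlines():
        words = line.split()
        if words[:1] == ["hostname"] and len(words) == 2:
            cfg["hostname"] = words[1]
        elif words[:1] == ["username"] and len(words) == 4 and words[2] == "password":
            cfg["users"][words[1]] = words[3]
        elif words[:1] == ["encapsulation"] and len(words) == 2:
            cfg["encapsulation"] = words[1]
        elif words[:2] == ["ppp", "authentication"]:
            cfg["auth"] = words[2:]
    return cfg

def audit_pair(a_text: str, b_text: str) -> list:
    """Return findings for the two ends of one PPP link (empty = consistent)."""
    a, b = parse_config(a_text), parse_config(b_text)
    findings = []
    for local, peer in ((a, b), (b, a)):
        name = local["hostname"]
        if local["encapsulation"] != "ppp":
            findings.append(f"{name}: encapsulation is not ppp")
        if not local["auth"]:
            findings.append(f"{name}: no ppp authentication configured")
        elif "pap" in local["auth"]:
            findings.append(f"{name}: PAP enabled, password sent in clear text")
        if peer["hostname"] not in local["users"]:
            findings.append(f"{name}: no username entry for peer {peer['hostname']}")
    pw_a, pw_b = a["users"].get(b["hostname"]), b["users"].get(a["hostname"])
    if None not in (pw_a, pw_b) and pw_a != pw_b:
        findings.append("shared password differs between the two routers")
    return findings

SANTACRUZ = """hostname SantaCruz
username HQ password boardwalk
interface Serial0
 ip address 172.25.3.2 255.255.255.0
 encapsulation ppp
 ppp authentication chap
"""
HQ = """hostname HQ
username SantaCruz password boardwalk
interface Serial0
 ip address 172.25.3.1 255.255.255.0
 encapsulation ppp
 ppp authentication chap
"""
```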
Configuring PPP Multilink (MLP)
Router(config)#interface serial 0/0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp multilink
Configuring PPP Authentication
PAP Configuration
CHAP Configuration
Verifying PPP
PPP Configuration Commands
Debug PPP Authentication
Configuring HDLC Encapsulation
Troubleshooting a Serial Interface
• Some possible problem states can be identified in the interface status line of the show interface serial display:
  • Serial x is down, line protocol is down.
  • Serial x is up, line protocol is down.
  • Serial x is up, line protocol is up (looped).
  • Serial x is administratively down, line protocol is down.
GOOD LUCK WITH THIS MODULE!