PPPoE Protocol

5/24/2018 PPPoE Protocol

1/45

HUAWEI TECHNOLOGIES CO., LTD. All rights reserved

www.huawei.com

Internal

Broadband Access Services


2/45



3/45



4/45

HUAWEI TECHNOLOGIES CO., LTD. All rights reserved Page 4

Characteristics of PPP

PPP provides CHAP and PAP authentication to enhance the

network security.

The physical layer of PPP supports asynchronous mode and

synchronous mode.

PPP has network control protocols for different network layers.


5/45


Chapter 1 PPP Protocol

Chapter 2 PPPoE Protocol


6/45


Overview of PPP

Definition of PPP:

The Point-to-Point Protocol (PPP) provides a standard method for

transporting multi-protocol datagrams over point-to-point links.

Correspondence between the PPP and the protocol stack

PPP protocol

Physical layer

Network layer

Transport layer

Session layer

Presentation layer

Application layer

Data Link Layer


7/45HUAWEI TECHNOLOGIES CO., LTD. All rights reserved Page 7

Characteristics of PPP

PPP provides CHAP and PAP authentication to enhance the

network security.

The physical layer of PPP supports asynchronous mode and

synchronous mode.




Components of PPP

A Link Control Protocol (LCP) for establishing, configuring, and

testing the data-link connection.

A family of Network Control Protocols (NCPs) for establishing

and configuring different network-layer protocols.

PPP extend protocols. (For example, Multilink protocol)



Format of the PPP Data Frame

CheckFlag FlagAddress Information fieldControl Protocol field

1B 1B 2B1500B by default1B 2B 1B

0x7E0x7E 0xFF 0x03

Fixed value

1B=1Byte



Common Packets Carried by PPP Frame

CheckIP data packet0x0021

CheckLCP data packet0xC021

CheckNCP data packet0x8021

The protocol field has two bytes and it indicates the protocol type

used in the information field. Its structure is consistent with the

ISO3309 address field extension mechanism.

Protocol field Information field



PPP Phase Diagram

Dead Establish Authenticate

NetworkTerminate

Success/None

Up Opened

ClosingDown

Fail Fail

LCP PAP/CHAP

IPCP



PPP Phase Diagram

LCP Config_Req

LCP Config_Rej

LCP Config_Req

LCP Config_Nak

LCP Config_ReqLCP Config_Ack

LCP Config_Req

LCP Config_Ack

Authentication_Req

Authentication_AckChallenge

Authentication_Req

Authentication_Ack

When the attribute in Config-req packetdoes not support, reject packet is returned

with the attribute contained

When the attribute in Config-req packetsupports but the value not, nak packet isreturned with the attribute and the value

contained

LCP negotiation succeeds, respondingwith ack packet

LCP negotiation is of two-way

Pap authentication process and modes

are optional

Chap authentication process and

modes are optional


13/45


Format of the LCP Data Packet

Flag

01111110

Address

11111111

Control

00000011

Protocol

8/16 bits

Information

*

FCS

16 bits

Flag

01111110

Configuration

options

format:

Frame format

Code

8 bits

Identifier

8 bits

Length

16 bits

Data

Type

8 bits

Length

8 bits

Data

Type

8 bits

Length

8 bits


14/45


Common Field Values

Type

0x01 MRU

0x05 Magic-Number

Code

0x01 Configure-Request

0x02 Configure-Ack

0x03 Configure-Nak

0x04 Configure-Reject

0x05 Terminate-Request

0x06 Terminate-Ack

0x09 Echo-Request

0x10 Echo-Reply

Protocol

0021 IP

8021 IPCP

C021 LCP

C023 PAP

C223 CHAP


15/45


Types of LCP Data Packets

Link configuration packet

Configure-Request, Configure-Ack, Configure-Nak and

Configure-Reject.

Link termination packet

Terminate-Request and Terminate-Reply.

Link maintenance packet

Code-Reject, Protocol-Reject, Echo-Request, Echo-Reply and

Discard-Request.


16/45


Examples of Link Configuration Packets

7EFF 03C0 21010100 1702 06 00 0A 00 0005 06 00 0B 42 CB07 02

08 020D03 067E

7E FF 03 C0 2102 0100 1702 06 00 0A 00 0005 06 00 0B 42 CB07 02

08 020D 03 067E

One endof the p2p communication sends a Config-Request packet with

the following content:

After correctly receiving the packet, the peer returns a Config-Ack

packet as following:


17/45


Link Configuration Process (1)

One-off interaction

1

2

Config-Request

Config-Ack

Router A Router B


18/45



One end of the p2p communication sends a Config-Request packet withthe following content:

7EFF 03C0 21010100 1702 06 00 0A 00 00 05 06 00 0B 42 CB 07 02 0802 0D 03 06 7E

After correctly receiving the packet, the peer can identify the option 0x02

but not support the value. Then it returns a Config-Nak packet back:7EFF 03C0 21030100 0A02 06 00 0E 00 00 7E

after receiving the returned packet, the first end will resend a Config-Request packet again with the following content: 7EFF 03C0 21010400 1702 06 00 0E 00 00 05 06 00 0B 42 CB 07 02 08

02 0D 03 06 7E

The peer returns a Config-Ack packet as following:

7EFF 03C0 21010400 1702 06 00 0E 00 00 05 06 00 0B 42 CB 07 02 0802 0D 03 06 7E


19/45



Twice interaction (1)

1

2

Config-Request

Config-Nak

Router A Router B

3

4

Config-Request

Config-Ack


20/45



7EFF 03C0 21010100 1702 06 00 0A 00 0005 06 00 0B 42 CB07 0208 02

0D03 067E

One end of the p2p communication sends a Config-Request packet with thefollowing content:

After correctly receiving the packet, the peer cannot identify the option

0x02 and returns a Config-Reject packet :

7EFF 03C0 21040100 0A02 06 00 0A 00 007E

the original transmit end resend a Config-Request packet again as

following :

7EFF 03 C0 21010400 1105 06 00 0B 42 CB07 0208 020D03 067E

The peer returns a Config-Ack packet as following:

7EFF 03 C0 21010400 1105 06 00 0B 42 CB07 0208 020D03 067E


21/45



Twice interaction (2)

1

2

Config-Request

Config-Reject

Router A Router B

3

4

Config-Request

Config-Ack


22/45



Multiple interactions

1

2Config-Request

Config-Reject

Router A Router B

3

4Config-Request

Config-Nak

5

6

Config-Request

Config-Ack


23/45


PAP Authentication (Two Handshakes)

User name/password

Accept/reject

PPP encapsulation

Router A Router B

Authenticated Authenticator

Question 1: As shown in the figure, Router B is the

authenticator and Router A is the supplicant. How to

configure both routers?


24/45


CHAP Authentication (Three Handshakes)

Response

Challenge

Question 2: As shown in the figure, Router B is the

authenticator and Router A is the supplicant. How to

configure both routers?

Accept/reject

PPP encapsulation

Router A Router B

Authenticated Authenticator


25/45


Classification of NCP


IPCP

IPXCP

AppleTalk


26/45


IPCP Static Address Negotiation

The point-to-point communication devices are all configured with IP

addresses.

I see.

My IP address is

192.168.0.1.

Router BRouter A

192.168.0.1 192.168.0.2

I see

My IP address is

192.168.0.2.


27/45


IPCP Dynamic Address Negotiation

One of the point-to-point ends is configured with an IP address and

the other end obtains an IP address from the peer end.

This address is illegal. Use

IP address 192.168.0.1.

My IP address is 0.0.0.0.

Router BRouter A

192.168.0.2

I see



I see


28/45


Chapter 1 PPP Protocol

Chapter 2 PPPoE Protocol


29/45


Overview of the PPPoE

Why is PPPoE required?

The PPP is not applicable to the broadcast networks or

some other networks of multi-point access. Hence, the

PPPoE emerged.


30/45


Overview of the PPPoE

The PPPoE is comprised of two phases:

the discovery phase

the PPP session phase.


31/45


Discovery Phase

Execute a discovery procedure to identify the peer MAC

address and then create a unique PPPoE session ID.

When a PPP session is established, the PPPoE discovery

phase is completed.


32/45


Session Phase

Peers transmit PPP data to each other for negotiations and

data transmission.

The packets transmitted in this phase must keep the session

ID determined in the discovery phase.


33/45


Frame Format of the PPPoE (1)

Ethernet frame format

Ethernet broadcast

address

Ethernet Unicast

address

Host Ethernet

address

Host Ethernet

address

0x8863 0x8864

Data area Data area

Data frame check Data frame check

Ethernet frame format in

the PPPoE discovery phaseEthernet frame format in

the PPPoE session phase

Frame type field (2 octets)

Destination address

(6 octets)

Source address

(6 octets)

Payload1500bytes

Frame check (4 octets)


34/45



Version Type Code Session ID

Length Payload

4 4 8 16

16

Some tags are carried in the discovery

phase

PPP data packets are carriedin thesession phase


35/45



TAGTag type 16 Tag length 16

Tag value

0x0000

0x0102

0x0104

0x0110

0x0101

0x0103

0x0105

0x0201

End-of-list

AC-Name

AC-Cookie

Relay-Session-ID

Service-Name

Service-Name-Error

Host-Uniq

Verdor-Specific

0x0202 0x0203AC-System-Error Generic-Error


36/45


Packet Types in Discovery Phase

PADI (PPPoE Active Discovery Initiation)

PADO (PPPoE Active Discovery Offer)

PADR (PPPoE Active Discovery Request)

PADS (PPPoE Active Discovery Session-confirmation)

PADT (PPPoE Active Discovery Terminate)

09

a7

07

65

19

alue in code field


37/45


PADI Packet

Ethernet

The destination address is broadcast address 0xffffffff and the source address is the

Ethernet address of the host. The value of ETHER_TYPE is 0x8863, the code valueis 0x09, and SESSION-ID is 0x0000. TAG_TYPE: There is one and only one

Service-Name that indicates the service requested by the host. There can be other

TAG_TYPE of any quantity.


38/45


PADO Packet

Ethernet

The destination address is the Ethernet address of the host. The source address is the

Ethernet address of the access concentrator. The value of ETHER_TYPE is 0x8863,

the code value is 0x07 and SESSION-ID is 0x0000. TAG_TYPE: There must be one

AC-Name TAG that comprises the name of the access concentrator, one Service-Name TAG that is the same as the received PADI and other Service-Name TAGs of

any quantity to indicate the services that can be provided by the concentrator.


39/45


PADR Packet

The destination address is the Ethernet address of the access concentrator and the

source address is the Ethernet address of the host. The value of ETHER_TYPE is

0x8863, the code value is 0x19, and SESSION-ID is 0x0000. TAG_TYPE: There

must be a TAG of Service-Name type to indicate the requested service to the

concentrator. There can be other TAGs of any quantity.

Ethernet


40/45


PADS Packet

The destination address is the Ethernet address of the host and the source address

is the Ethernet address of the access concentrator. The value of ETHER_TYPE is

0x8863, the code value is 0x65, and SESSION-ID is the value specified by theconcentrator to uniquely identify a PPPoE session. TAG_ TYPE: It comprises a

TAG of Service-Name type to indicate the service provided by the concentrator to

the session. It can comprise other TAGs of any quantity.

Ethernet


41/45


PADT Packet

PADT can be sent by the host or the concentrator at any time

after the session is establishedand the destination address is

unique address.

The value of ETHER_TYPE is 0x8863, the code value is 0xa7,

and SESSION-ID is the session to be terminated. TAG is notrequired.


42/45


Packet Format in the Session Phase

The LCP packet of PPP in the

PPPoE data packet

Frame type=0x8864

Destination address

(6 octets)

Source address

(6 octets)

PPP payload

Version=0x1 Type=0x1 Code=0x00

Session ID=0x0001

Length (2 octets)

PPP protocol ID=0xc021

Once a PPPoE session is

established, the host and the access

concentrator start to transmit the PPP

data via PPP. All the Ethernet frames

have unique addresses. Now thevalue of frame type is 0x8864, the

code value is 0x00, and the

SESSION-ID remains the same in the

whole session process. The PPPoE

payload field comprises a PPP data

packet.


43/45


Summary

The PPP has three components: PPP extend

Protocol, LCP protocol and NCP protocol.

The PPP completes data link configuration and

test via the LCP.

The PPP completes the configuration of

parameters needed for the network layer

communication via the NCP protocol.

PAP and CHAP working mechanism.


44/45


Summary

The PPPoE comprises the PPPoE discovery

phase and the PPPoE session phase.

The PPPoE discovery phase comprises four types

of packets: PADI, PADO, PADR and PADS.

The PADT packet is used to terminate a session.

During the PPPoE discovery phase, the value of

the Ethernet protocol field is 0x8863.

During the PPPoE session phase, the value of the

Ethernet protocol field is 0x8864.


45/45

www.huawei.com

Thank You

PPPoE Protocol

Documents

Transcript of PPPoE Protocol