Point-to-Point Protocol
Semester 4, Chapter 4
PPP and Data Links
PPP operates at the Data Link layer. Components of PPP include:
- A method for encapsulating packets (datagrams) over serial links
- The Link Control Protocol (LCP) to establish, maintain, test and terminate the data-link connection
- The Network Control Protocol (NCP) to allow simultaneous encapsulation of multiple network layer protocols across the same data link, which is referred to as protocol multiplexing
At the physical layer, PPP can be used across synchronous (e.g., ISDN, leased lines) and asynchronous (e.g., modem dialup) data links.
PPP Layer Functions
The figure shows that a PPP frame is similar to an HDLC frame.
The Protocol field contains the Layer 3 protocol ID.
Physical: Synchronous or asynchronous physical media (Router to Router, or Host to Network)
Data Link:
- High-Level Data Link Control (HDLC)
- Network Control Protocol (NCP) (specific to each Network layer protocol, e.g. IPCP, IPXCP)
- Link Control Protocol (LCP) (Authentication, Compression, MLP, and Call Back)
PPP Session Establishment
Phases of PPP Establishment
PPP goes through four distinct phases to provide communications over point-to-point links:
1. Link establishment & configuration negotiation
2. Link quality determination
3. Network-layer protocol configuration negotiation
4. Link termination
1. Link Establishment & Configuration Negotiation
Link establishment occurs at the data link layer with each PPP device sending LCP packets.
The Link Control Protocol packets contain a configuration field for options such as:
- MTU
- compression
- link authentication
- MLP
- Call back
LCP must establish the link before any network layer protocols can be exchanged.
This phase is completed when a configuration acknowledgement has been sent and received.
2. Link-Quality Determination
PPP provides optional testing to determine whether the link is good enough to bring up network layer protocols.
In addition, if authentication is required, it occurs during this phase:
- PAP (Password Authentication Protocol)
- CHAP (Challenge Handshake Authentication Protocol)
Authentication occurs before the network layer configuration phase begins.
3. Network-Layer Negotiation
Once LCP finishes the link-quality phase, network layer protocols can be configured by the appropriate NCP
NCPs are sent for each protocol (e.g., IP, IPX, AppleTalk)
If LCP terminates the link, it informs NCP so it can take the appropriate action
To view the status of LCP and NCP, use the show interfaces command
4. Link Termination
LCP can terminate the link at any time. Reasons include:
- Requested by user (closing internet connection)
- Loss of carrier at the physical layer
Enabling PPP
You enable PPP encapsulation on an interface by using the following command:
Router(config-if)#encapsulation ppp
Thus, if you want dial-in hosts on terminal line 2 to use PPP, you would enter the following commands:
RTA(config)#interface async 2
RTA(config-if)#encapsulation ppp
Note that the encapsulation command is issued in interface configuration mode, not line configuration mode.
Dialup PPP vs. Dialup EXEC Sessions
EXEC Sessions: No IP addressing or PPP encapsulation is needed for this type of connection. Data is sent as asynchronous characters.
Dialup PPP: A remote host can dial in to an access server and send a Layer 3 protocol packet encapsulated by PPP. This type of connection allows the remote user to access network resources such as file servers and mail servers.
You can also configure the router's asynchronous interface to automatically select between PPP data sessions and EXEC sessions.
Async Interface Commands
Enabling this feature requires two steps.
First, you must configure the asynchronous interface(s) with the async mode interactive command in interface configuration mode. This command configures the router so that it allows the remote host to choose either a PPP session or an EXEC session. The following example shows how to configure interface async 1:
RTA(config)#interface async 1
RTA(config-if)#encapsulation ppp
RTA(config-if)#async mode interactive
Second, you must configure the corresponding terminal line(s) with the autoselect ppp command in line configuration mode. To complete the example configuration, you would enter the following commands:
RTA(config)#line 1
RTA(config-line)#autoselect ppp during-login
The autoselect command permits the access server to allow an appropriate process to start automatically when a starting character is received. If the start character is a return character, then the access server starts an EXEC session. On the other hand, if the access server recognizes the start character as PPP, SLIP, or ARAP, it will begin a session for whichever protocol it detects. So, if an end user is using a program that sends a PPP frame, which has a flag character of 7E in hexadecimal (01111110 in binary), the access server will automatically start a PPP session.
Dedicated Mode VS. Interactive Mode
Assigning An IP address to The Async Interface and To The Remote User
RTA(config)#interface async 1
RTA(config-if)#ip address 10.1.1.1 255.255.255.0
LCP options
1. Authentication
Authentication
Authentication, with PAP or CHAP, is used as a security measure with PPP. Authentication allows the dial-up target to identify that any given dialup client is a valid client with a preassigned username and password.
If chosen, authentication occurs during the link-quality determination phase.
It requires that the calling side of the link provide authentication information.
The two authentication options supported by PPP are:
- PAP (Password Authentication Protocol)
- CHAP (Challenge Handshake Authentication Protocol)
PAP Is Not As Good As CHAP
Password Authentication Protocol (PAP):
- Passwords are sent across the link in clear text
- The remote node is in control of the frequency and timing of the login attempts.
Challenge Handshake Authentication Protocol (CHAP):
- Encryption and Hashing
- The access server is in charge of the frequency and timing of the login attempts
Authentication is done upon initial link establishment and may be repeated any time after the link has been established.
Configuring PAP Mutual Authentication
On each router, define the user name and password to expect from the remote router. Enable PPP and PAP on the interface.
Lab-A(config)#username Lab-B password class
Lab-A(config-if)#encap ppp
Lab-A(config-if)#ppp authentication pap
Lab-A(config-if)#ppp pap sent-username Lab-A password cisco
---------
Lab-B(config)#username Lab-A password cisco
Lab-B(config-if)#encap ppp
Lab-B(config-if)#ppp authentication pap
Lab-B(config-if)#ppp pap sent-username Lab-B password class
Configuring CHAP
Lab-A(config)#username Lab-B password cisco
Lab-A(config-if)#encap ppp
Lab-A(config-if)#ppp authentication chap
---------
Lab-B(config)#username Lab-A password cisco
Lab-B(config-if)#encap ppp
Lab-B(config-if)#ppp authentication chap
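
What the two configurations above put on the wire, as an added Python example that is not part of the original slides. It assumes the PAP packet layout of RFC 1334 and the CHAP-with-MD5 layout of RFC 1994; the names Lab-A and Lab-B and the password cisco are the ones from the configurations above, while the function names and identifiers are hypothetical.

```python
import hashlib
import hmac
import os
import struct

def pap_request(ident, peer_id, password):
    """PAP Authenticate-Request (RFC 1334): ID and password travel as-is."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def chap_challenge(ident, name, value=None):
    """CHAP Challenge (code 1): the authenticator picks a fresh random value."""
    value = os.urandom(16) if value is None else value
    data = bytes([len(value)]) + value + name
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def _split(packet):
    """Return (code, identifier, value, name) from a CHAP Challenge/Response."""
    code, ident, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    return code, ident, packet[5:5 + size], packet[5 + size:length]

def chap_response(challenge_pkt, name, secret):
    """CHAP Response (code 2): MD5(identifier || secret || challenge value)."""
    _, ident, value, _ = _split(challenge_pkt)
    digest = hashlib.md5(bytes([ident]) + secret + value).digest()
    data = bytes([len(digest)]) + digest + name
    return struct.pack("!BBH", 2, ident, 4 + len(data)) + data

def chap_verify(challenge_pkt, response_pkt, secrets):
    """Authenticator side: recompute the hash from the locally stored secret
    for the name in the Response (the `username ... password` entry)."""
    _, c_ident, value, _ = _split(challenge_pkt)
    code, r_ident, digest, name = _split(response_pkt)
    secret = secrets.get(name)
    if code != 2 or r_ident != c_ident or secret is None:
        return False
    expected = hashlib.md5(bytes([c_ident]) + secret + value).digest()
    return hmac.compare_digest(expected, digest)

# Mirrors "Lab-A(config)#username Lab-B password cisco" from the slide above.
LAB_A_USERS = {b"Lab-B": b"cisco"}

if __name__ == "__main__":
    pap = pap_request(1, b"Lab-A", b"cisco")
    print("PAP on the wire :", pap)              # password is readable
    chal = chap_challenge(7, b"Lab-A")
    resp = chap_response(chal, b"Lab-B", b"cisco")
    print("CHAP on the wire:", resp.hex())       # only a 16-byte hash + name
    print("accepted        :", chap_verify(chal, resp, LAB_A_USERS))
    fresh = chap_challenge(7, b"Lab-A")          # new challenge, old response
    print("replay accepted :", chap_verify(fresh, resp, LAB_A_USERS))
```

Because the response is a plain MD5 over values an observer of the link also sees, the strength of CHAP rests on the shared secret being long and random; a dictionary word such as the lab password is only appropriate in a lab.
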
Verifying Authentication
To verify that you have PAP or CHAP configured correctly, use the debug features of Cisco’s IOS.
Close all telnet sessions first to return to the original consoled router. In Privileged Exec. Mode, enter the command…
Lab-A#debug ppp authentication
Go to the ppp interface. Shut it down and then bring it back up. You should see PAP or CHAP info come across the link as it comes back up and the routers authenticate each other.
LCP options
2. Compression
Data Compression
PPP can also maximize performance by using data compression, which may provide higher data throughput across low-speed links
Data Compression
Compression is an option that is negotiated by LCP. So, if the party you are calling is not configured for compression, no compression will take place.
Typically, you should only configure compression on low-speed links because the router compresses data using software, which requires router CPU time and memory. Some algorithms are more memory-intensive; others are more CPU-intensive. In either case, the router's ability to route packets is impaired by the drain on its resources.
If you frequently transfer already compressed data, such as graphics and video, you need to consider whether you want to set up compression. Trying to compress already compressed data can take longer than transferring the data without compression. Ideally, you can attain a 2:1 or 3:1 compression ratio for information that was not previously compressed. Expect an average of 1.6:1 compression for mixed compressed and uncompressed source data. The ratio for compressed data is 1:1.
Compression Types
Configuring Compression
Verifying Compression
Review
PPP Main Components
PPP
- Encapsulation
- Synchronous and asynchronous
- PPP provides error detection
Link Control Protocol
- Establishes, configures, tests, and terminates the data link connection.
- Authenticates the identity of the peer on the link.
- Performs data compression
- Negotiates options
Network Control Protocol
Opens, configures, and terminates network layer protocol.
Internet Protocol Control Protocol (IPCP) is a sub protocol of NCP.
IPCP configures IP at the network layer and can negotiate an IP address, for example by using DHCP.
Multilink Protocol (MLP) links the LCP and NCP layers.
PPP IOS Commands
User Control
Configure the router to provide a prompt for entering encapsulation information and an IP address,
or take the prompt away and have the router assign everything.
Async Mode Dedicated
- The EXEC prompt does not appear
- The interface will use either SLIP or PPP encapsulation as configured by the network engineer.
Example:
Interface Async 4
Async mode dedicated
Encapsulation SLIP
Async Mode Interactive
Allows SLIP and PPP EXEC commands for the user.
Example:
Interface Async 6
Async mode interactive
Providing IP address
Peer default IP address
The server router gives an IP address to the client.
Example:
Interface async 1
Peer default IP address 172.16.42.26
Pooling Local
- A set of IP addresses is defined in a local database
- Simplest mechanism for assigning IP addresses.
- Suitable when there is only one access server providing access to the network.
Example:
(config)# IP address-Pool Local
(config)# IP local pool Sales 172.16.80.1 172.16.80.16
(config)# Int async 1
(config-if)# Peer default IP address pool Sales
ISDN example-Address pool
(config)# username bill password bailey
(config)# IP local pool isdnpool 192.1.170.2 192.1.170.9
(config)# IP address-pool local
(config)# Int bri0
(config-if)# encapsulation PPP
(config-if)# IP address 192.1.170.1 255.255.255.0
(config-if)# peer default IP address pool isdnpool
(config-if)# PPP authentication chap
Pool-DHCP
A pool of IP addresses is defined inside a centralized IP address server, called a DHCP server.
This central database can serve addresses to several different access servers at the same time.
You can enable DHCP address pooling on an access server by performing the following commands:
- Specify that the access server uses the DHCP client-proxy on all asynchronous interfaces by using the command:
(config)#IP address-pool dhcp-proxy-client
- Specify at least one and up to ten IP addresses of DHCP servers.
(config)#IP DHCP-server 192.168.5.5
- Configure the appropriate interfaces using the command:
(config-if)# peer default ip address dhcp
Example DHCP Pooling
(config)# IP address-pool dhcp-proxy-client
(config)# Interface group-async 1
(config-if)# encapsulation PPP
(config-if)# Peer default IP address dhcp
Group Asynchronous Interfaces
Gather asynchronous interfaces into a group interface and configure only the group interface to eliminate manual configuration duplication.
Example:
(config)# Interface group-async 0
(config)# Group-range 2 7
(config)# Interface group-async 0
(config-if)# encapsulation PPP
(config-if)# member 1 async default IP address 172.30.1.1
Link Control Protocol Options
- Authentication
- Callback
- Compression
- Multilink
PPP Callback
Why?:
- Minimizing cost
- Centralized billing
Processes that occur during a PPP callback connection:
1. Initiation of a call by a client. The client requests callback as one of the options during the LCP negotiation phase.
2. Callback request is acknowledged by the server, and the server checks its configurations to see if the call is allowed.
3. User authentication occurs, and the client username is used in the dialer map command to identify the dial string to be used in the return call.
4. If the authentication is successful but there is no callback option, the call continues but the client pays for the call; otherwise, the call is disconnected by the server.
5. Client is called by the server using the dial string.
6. Authentication occurs again.
7. The connection continues.
Example-async PPP Callback
Router1 (Callback server)
(config)# username callman callback-dialstring 5551234 password cisco
(config)# Int async 7
(config-if)# PPP callback accept
PC
Must support RFC 1570 for PPP callback.
Multilink PPP (MLP)
It allows you to combine channels into a multilink bundle so that data can be sent at higher rates.
Example:
Interface bri0
IP address 1.2.3.4 255.255.255.0
Encapsulation PPP
PPP authentication chap
PPP multilink
Dialer map IP 1.0.0.5 name mlpPeer 5554444
Dialer load-threshold 128 either
PPP compression
Data compression:
- Stacker: More CPU intensive, and less memory intensive
- Predictor: Less CPU intensive and more memory intensive
(config-if)# PPP compress predictor
TCP header compression
(config-if)# IP TCP header-compression passive
Verifying and troubleshooting
Debug PPP CHAP: If the remote host passed the authentication, the message is “remote passed CHAP authentication”; otherwise it is “failed CHAP authentication with remote”.
Debug PPP negotiation: Check for address negotiation (IPCP)