Point to Point Protocol [PPP]
PPP is the most widely used and most popular WAN protocol because it offers the following features:
1. Control of Data Link setup.
2. Assignment and management of IP addresses.
3. Network protocol multiplexing.
4. Link configuration and link quality testing.
5. Error detection.
6. Option negotiation for capabilities such as network-layer address negotiation and data compression negotiation.
PPP addresses the problems of Internet connectivity by employing three main components:
1. A method for encapsulating datagrams over serial links. PPP uses High-Level Data Link Control (HDLC) as a basis for encapsulating datagrams over point-to-point links.
2. A Link Control Protocol (LCP) for establishing, configuring, and testing the data-link connection.
3. A family of Network Control Protocols (NCPs) for establishing and configuring different network-layer protocols. PPP is designed to allow the simultaneous use of multiple network-layer protocols. Today, PPP supports other protocols besides IP, including Internetwork Packet Exchange (IPX) and AppleTalk. As shown in the Figure, PPP uses its NCP component to encapsulate multiple protocols.
PPP uses a layered architecture. Its lower-level functions can use:
Synchronous physical media, such as Integrated Services Digital Network (ISDN) networks.
Asynchronous physical media, such as those that use basic telephone service for modem dialup connections.
PPP goes through four distinct phases to provide a method of establishing, configuring, maintaining, and terminating a point-to-point connection:
1. Link establishment and configuration negotiation: An originating PPP node sends LCP frames to configure and establish the data link.
2. Link quality determination: The link is tested to determine whether the link quality is sufficient to bring up network-layer protocols. This phase is optional.
3. Network-layer protocol configuration negotiation: The originating PPP node sends NCP frames to choose and configure network-layer protocols. The chosen network-layer protocols such as IP, Novell IPX, and AppleTalk are configured, and packets from each network-layer protocol can be sent. Packets can only be sent after this phase is complete.
4. Link termination: The link remains configured for communications until LCP or NCP frames close the link or until some external event occurs (for example, an inactivity timer expires or a user intervenes).
The authentication phase of PPP, which is entirely optional, takes place before the network-layer configuration phase commences. It requires that the remote host (calling side) of the link enter authentication information to help ensure that the user has the network administrator's permission to make that call.
PPP supports two authentication protocols. You can select either Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP). CHAP is generally the preferred protocol since PAP is not as strong.
PAP provides a simple way for a remote host to establish its identity by using a 2-way handshake. After the link establishment phase is complete, a username/password pair is repeatedly sent by the remote node until authentication is acknowledged or the connection is terminated.
This is why PAP is not a strong authentication protocol: passwords are sent across the link in clear text, and there is no protection from playback or repeated trial-and-error attacks.
CHAP, however, periodically verifies the identity of the remote node by using a three-way handshake. This is done upon initial link establishment and can be repeated any time after the link has been established. CHAP offers features such as periodic verification to improve security. This allows CHAP to be more effective than PAP since CHAP requires a challenge before authentication can take place. CHAP provides protection against playback attacks through the use of a variable challenge value that is unique and unpredictable.
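The difference between the two handshakes, as an added example that is not part of the original page: a Python model of the CHAP challenge/response, using the MD5 response calculation from RFC 1994, next to a PAP check. The function and class names and the sample hostname and secret are constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # RFC 1994, MD5 algorithm: hash over Identifier octet + secret + challenge
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def pap_verify(stored: dict, name: str, password: bytes) -> bool:
    # PAP: the credential itself crosses the link, so a captured copy stays valid
    return name in stored and hmac.compare_digest(stored[name], password)

class ChapAuthenticator:
    def __init__(self, secrets: dict):
        self.secrets = secrets
        self.ident = 0
        self.pending = None

    def challenge(self):
        # Message 1 (Challenge): new identifier plus an unpredictable value
        self.ident = (self.ident + 1) % 256
        self.pending = (self.ident, os.urandom(16))
        return self.pending

    def verify(self, name: str, identifier: int, response: bytes) -> bool:
        # Message 3 (Success/Failure): recompute the hash and compare
        if self.pending is None or identifier != self.pending[0]:
            return False
        ident, value = self.pending
        self.pending = None  # each challenge is good for one response only
        secret = self.secrets.get(name)
        if secret is None:
            return False
        return hmac.compare_digest(chap_response(ident, secret, value), response)

def demo() -> dict:
    secrets = {"branch-rtr": b"constructed-secret"}  # constructed sample data
    auth = ChapAuthenticator(secrets)
    ident, value = auth.challenge()
    captured = chap_response(ident, secrets["branch-rtr"], value)  # Message 2
    first = auth.verify("branch-rtr", ident, captured)
    ident2, _ = auth.challenge()  # periodic re-verification on the same link
    replay = auth.verify("branch-rtr", ident2, captured)  # old response reused
    pap_replay = pap_verify(secrets, "branch-rtr", b"constructed-secret")
    return {"chap_first": first, "chap_replay": replay, "pap_replay": pap_replay}

if __name__ == "__main__":
    print(demo())
```

The recorded CHAP response fails against the second challenge, while the recorded PAP credential is accepted again.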
PPP is designed to allow the simultaneous use of multiple network-layer protocols. PPP supports other protocols besides IP, including IPX and DECnet.
The following commands enable PPP encapsulation with CHAP authentication on a serial interface:
Router# config terminal
Router(config)# interface s0
Router(config-if)# encapsulation ppp
Router(config-if)# ppp authentication chap
Router(config-if)# ppp chap hostname [hostname]
Router(config-if)# ppp chap password [secret]
Router(config-if)# exit
Router(config)# exit