point to point protocol n.
Skip this Video
Loading SlideShow in 5 Seconds..
Point-to-Point Protocol PowerPoint Presentation
Download Presentation
Point-to-Point Protocol

Point-to-Point Protocol

118 Vues Download Presentation
Télécharger la présentation

Point-to-Point Protocol

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Point-to-Point Protocol Semester 4, Chapter 4 Allan Johnson

  2. Go There! Go There! Table of Contents Introduction to PPP PPP Session Establishment Go There! PPP Authentications

  3. Table of Contents End Slide Show Introduction to PPP

  4. PPP Replaced SLIP • PPP was created specifically to address the limitations of SLIP (Serial Line Internet Protocol) and to allow... • PPP is a versatile, widely used WAN protocol with the following features: • Control of data link setup • dynamic assignment of IP addresses • Network protocol multiplexing • Link configuration and quality testing • Error detection • Negotiation options

  5. PPP and Data Links • PPP operates at the Data Link layer. Components of PPP include: • A method for encapsulating packets (datagrams) over serial links • The Link Control Protocol (LCP) to estab., maintain, test and terminate the data-link connection • The Network Control Protocol (NCP) to allow simultaneous encapsulation of multiple network layer protocols across the same data-link • At the physical layer, PPP can be used across synchronous (e.g., ISDN) and asynchronous (e.g., modem dialup) data links.

  6. PPP Layer Functions

  7. PPP Layer Functions Data Link Network Control Protocol (NCP) (specific to ea. Network layer protocol) Link Control Protocol (LCP) (Authentication, other options) High-Level Data Link Control (HDLC) Physical Synchronous or asynchronous physical media

  8. PPP Frame Formats • Flag - Indicates the beginning or end of a frame • Address - broadcast address; PPP does not assign individual station addresses. • Control - 1 byte calling for a connection-less data link • Protocol - identifies the network protocol • Data - contains the upper layer datagram • FCS - characters added to a frame for error control purposes.

  9. Table of Contents End Slide Show PPP Session Establishment

  10. Phases of PPP Establishment • PPP goes through four distinct phases to provide communications over point-to-point links • Link establishment & configuration negotiation • Link quality determination • Network-layer protocol configuration negotiation • Link termination

  11. 1. Link Estab. & Config. Negotiation • Link establishment occurs at the data link layer with each PPP device sending LCP packets. • The Link Control Protocol packets contain a configuration field for options such as... • MTU • compression • link authentication • LCP must establish the link before any network layer protocols can be exchanged • This phase is complete when a configuration acknowledgement has been sent and received.

  12. 2. Link-Quality Determination • PPP provides optional testing to determine whether the link is good enough to bring up network layer protocols. • In addition, if authentication is required it occurs during this phase: • PAP (Password Authentication Protocol) • CHAP (Challenge Handshake Authentication Protocol) • Authentication occurs before the network layer configuration phase begins.

  13. 3. Network-Layer Negotiation • Once LCP finishes the link-quality phase, network layer protocols can be configured by the appropriate NCP • NCPs are sent for each protocol (e.g., IP, IPX, AppleTalk) • If LCP terminates the link, it informs NCP so it can take the appropriate action • To view the status of LCP and NCP, use the show interfaces command

  14. 4. Link Termination • LCP can terminate the link at any time. Reasons include: • Requested by user (closing internet connection) • Loss of carrier at the physical layer

  15. Table of Contents End Slide Show PPP Authentications

  16. Authentication • If chosen, occurs during the link-quality determination phase. • Requires that the calling side of the link enter authentication information. • Ensures that the users has net. admin.’s permission to make the call • The two authentication options supported by PPP are: • PAP (Password Authentication Protocol) • CHAP (Challenge Handshake Authentication Protocol)

  17. PAP • Simple authentication requiring a two-way handshake. • A username/password pair is repeatedly sent to the called router until authentication is acknowledge or the link is terminated. • Passwords are sent as clear text (not secure) • The remote router is control of the frequency and timing of the login attempts and send password repeatedly

  18. Configuring PAP • On each router, define the user name and password to except from the remote router. • Enable PPP and PAP on the interface. Lab-A(config)#username Lab-B password class Lab-A(config-if)#encap ppp Lab-A(config-if)#ppp authentication pap Lab-A(config-if)#ppp pap sent-username Lab-A password cisco --------- Lab-B(config)#username Lab-A password cisco Lab-B(config-if)#encap ppp Lab-B(config-if)#ppp authentication pap Lab-B(config-if)#ppp pap sent-username Lab-B password class

  19. CHAP • CHAP use a three-way handshake to periodically verify the identity of the calling router. • This is done during link establishment and (unlike PAP) can be repeated any time during link maintenance. • Does not allow caller to attempt authentication without a challenge (a variable value that is unique and unpredictable) • The local router is in charge of timing and frequency of authentication. • Passwords are encrypted.

  20. Configuring CHAP • You can use the same hostname on multiple routers when you want remote users to think they are logging into the same router. Lab-A(config)#username Lab-B password cisco Lab-A(config-if)#encap ppp Lab-A(config-if)#ppp authentication chap --------- Lab-B(config)#username Lab-A password cisco Lab-B(config-if)#encap ppp Lab-B(config-if)#ppp authentication chap

  21. Verifying Authentication • To verify that you have PAP or CHAP configured correctly, use the debug features of Cisco’s IOS. • Close all telnet sessions first to return to the original consoled router. • In Privileged Exec. Mode, enter the command… • Lab-A#debug ppp authentication • Go to the ppp interface. Shut it down and then bring it back up. You should see PAP or CHAP info come across the link as it comes back up and the routers authenticate each other.

  22. Table of Contents End Slide Show