Point-to-PointProtocol(PPP)

By: Niaz Shaikh

PPP In a network, two devices can be connected by a dedicated

link or a shared link. In the first case, the link can be used by the two devices at any time. We refer to this type of access as point-to-point access. In the second case, the link is shared between pairs of devices that need to use the link. We refer to this type of access as multiple access.

One of the most common protocols for point-to-point access is the Point-to-Point Protocol (PPP).

PPP is a byte-oriented protocol using byte stuffing with the escape byte 01111101.

Byte Stuffing

For “data transparency”, the data field must be allowed to include the pattern <01111110> ; ie, this must not be interpreted as a flag.

To alert the receiver, the transmitter “stuffs” an extra

< 01111101> byte after each < 01111110> data byte. The receiver discards each 01111101 after 01111110, and

continues data reception

PPP services

It defines the format of the frame to be exchanged between devices.

It defines how two devices can negotiate the establishment of the link and the exchanged of data.

It defines how network layer data are encapsulated in the data link frame.

It defines how two devices can authenticate each other.

PPP FRAME

PPP FRAME Flag field. The flag fields identify the boundaries of a

PPP frame. Its value is 01111110. Address field. Because PPP is used for a point-to-point

connection, it uses the broadcast address of HDCL, 11111111, to avoid a data link address in the protocol.

Control field. The control field uses the format of the U-frame in HDCL.

Protocol field. The protocol field defines what is being carried in the data field: user data or other information.

Data field. This field carries either the user data or other information.

Frame check sequence (FCS) field. This field is used for error detection.

Transition states

A PPP connection goes through different phases called transition sates.

Transition States Idle state. The idle state means that the link is not being

used. There is no active carrier, and the line is quiet. Establishing link. When one of the end point starts the

communication, the connection goes into the establishing state. In this state, options are negotiated between the two parties. If the negotiation is successful, the system goes to the authenticating state (if authentication is required) or directly to the networking state.

Authenticating state. The authenticating state is optional. If the result is successful , the connection goes to the networking state; otherwise, it goes to the terminating state.

Transition States

Networking State. When a connection reaches this state, the exchange of user control and data packets can be started. The connection remains in this state until one of the endpoints wants to terminate the connection.

Terminating state. When the connection is in the terminating state, several packets are exchanged between the two ends for house cleaning and closing the link.

PPPPPP StackStack

PPP is a data-link layer protocol, PPP uses a stack of other protocols to establish the link, to authenticate the parties involved, and to carry the network layer data.

Three sets of protocols are used by PPP:

1. Link control protocol(LCP)

2. Authentication protocols(AP)

3. Network control protocol(NCP)

Protocol stack

Link Control Protocol (LCP)

It is responsible for establishing, maintaining, configuring, and terminating links.

It also provides negotiation mechanisms to set options between endpoints. Both endpoints of the link must reach an agreement about the options before the link can be established.

When PPP is carrying an LCP packet, it is either in the establishing state or in the terminating state.

All LCP packets are carried in the data field of the PPP frame. What defines the frame as one carrying an LCP packet is the value of the protocol field, which is set to C021 (base 16).

LCP packet encapsulated in a frame

Link Control Protocol (LCP)

Code. This field defines the type of LCP packet. ID. This field holds a value used to match a request

with reply. One endpoint inserts a value in this field, which will be copied in the reply packet.

Length. This field defines the length of the entire LCP packet.

Information. This field contains extra information needed for some LCP packets.

Link Control Protocol (LCP)

Configuration packets are used to negotiate the options between the two ends. There are four different types of packets for this purpose: configure-request, configure-ack, configure-nak, and configure-reject.

Link termination packets. The link termination packets are used to disconnect the link between two endpoints.

There are two types: terminate-request and terminate-ack.

Link monitoring and debugging packets. These packets are used for monitoring and debugging the link. There are five types: code-reject, protocol-reject, echo-reply, discard-request.

LCP packets and their codesLCP packets and their codes

Code Packet Type Description

0116 Configure-request Contains the list of proposed options and their values

0216 Configure-ack Accepts all options proposed

0316 Configure-nak Announces that some options are not acceptable

0416 Configure-reject Announces that some options are not recognized

0516 Terminate-request Requests to shut down the line

0616 Terminate-ack Accepts the shut down request

0716 Code-reject Announces an unknown code

0816 Protocol-reject Announces an unknown protocol

0916 Echo-request A type of hello message to check if the other end is alive

0A16 Echo-reply The response to the echo-request message

0B16 Discard-request A request to discard the packet

Authentication Protocols

Authentication plays a very important role in PPP because PPP is designed for use over dial-up links where verification of user identity is necessary.

Authentication means validating the identity of a user who needs to access a set of resources.

PPP uses two protocols for authentication: Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP)

PAP

The PAP is a simple authentication procedure with two steps:

1. The user who wants to access a system sends an ID (identification) and a password.

2. The system checks the validity of the identification and password and either accepts or denies a connection.

For those systems that require greater security, PAP is not enough. A third party with access to the link can easily pick up the password and access the system resources.

PAP

PAP packets

CHAP

The CHAP protocol is a three-way handshaking authentication protocol that provides greater security than PAP.

In this method, the password is kept secret; it is never sent on-line.

Steps The system sends to the user a challenge packet

containing a challenge value, usually a few bytes. The user applies a predefined function that takes the

challenge value and the user’s own password and creates a result. The user sends the result in the response packet to the system.

CHAP

The system does the same. It applies the same function to the password of the user and the challenge value to create a result. If the result created is the same as the result sent in the response packet, access is granted; otherwise, it is denied.

CHAP

CHAP packets

Network Control Protocol (NCP)

After the link is established and authentication (if any) is successful, the connection goes on the networking state.

NCP is a set of control protocols to allow the encapsulation of data coming from network layer protocols into the PPP frame.

The set of packets that establish and terminate a network layer connection is called Internetwork Protocol Control Protocol (IPCP).

IPCP packet encapsulated in PPP frame

Table 12.3 Code value for IPCP packetsTable 12.3 Code value for IPCP packets

Code IPCP Packet

01 Configure-request

02 Configure-ack

03 Configure-nak

04 Configure-reject

05 Terminate-request

06 Terminate-ack

07 Code-reject

An example