Point-to-Point Protocol (PPP) : Accessing the WAN – Chapter 2
Objectives : Describe the fundamental concepts of point-to-point serial communication
Terms: TDM, demarcation point, DTE-DCE functions, HDLC encapsulation, and serial interface troubleshooting.
Describe PPP concepts including link control protocol (LCP), network control protocol (NCP), and Internet Protocol Control Protocol (IPCP).
Configure PPP on a serial interface including enabling PPP encapsulation
Verify PPP connections and troubleshoot encapsulation problems.
Configure PPP authentication including explaining PAP and CHAP authentication protocols
Parallel vs. Serial Transmission : WAN communication uses serial links
Parallel communication is hampered by clock skew and interference
WAN serial link types
RS232 – dial up
V.35 – T1
HSSI – T3
Time Division Multiplexing : TDM allows multiple logical streams on one physical link
Examples: ISDN and SONET (optical)
DS0 = 64 kbps
Lines are multiplexed for T1 to T3 speeds
Demarcation Point : Demarc indicates end of local loop and beginning of Customer Premises Equipment (CPE)
Note: Demarc varies between US and other countries
NTU – Network Terminating Unit
Role of DTE and DCE : DTE (usually router) connects to LAN
DCE (usually CSU/DSU) connects to WAN and service provider
DCE definition includes
Data Communication Equipment
Data Circuit-terminating Equipment
WAN Encapsulation Protocols – L2 : HDLC – default point-to-point standard for Cisco Devices
PPP – device-to-device or device-to-host, open source and supports IPX and IP
SLIP – older IP based protocol
X.25 – older protocol, heavy error correction
Frame Relay – switched WAN, virtual circuits
ATM – cell based, high bandwidth
HDLC Frame and Configuration : HDLC – based on older Synchronous DLC
Provides error control and flow control through acknowledgements
Frame delimiters (flag) mark beginning/end of frame
Control field contains sequence numbers and transmission setup
Cisco version of HDLC adds a Protocol field
Identifies the Layer 3 protocol encapsulated in Data field
Troubleshooting Serial Connections : Various error messages may include:
Serial x is down, line protocol is down
Serial x is up, line protocol is down
Serial x is up, line protocol is up (looped)
Serial x is up, line protocol is down (disabled)
Serial x is administratively down, line protocol is down
Solve problems by checking common issues such as:
Physical connection and clocking (show controller serial)
Useful command: show cdp neighbor {detail}
Compare encapsulation (show interface serial)
Verify Layer 3 configuration (show ip interface serial)
Problem may exist at service provider (loop or disabled)
Point-to-Point Basics : PPP has advantages over Cisco HDLC
Link quality management
Authentication using PAP or CHAP
PPP has three sub-layers
Sub-layers of PPP : Functions independently of Physical layer (or interface)
LCP establishes the link
Setup, monitor, terminate
Negotiates authentication, compression, and error detection
Sub-layers of PPP : NCP – Network Control Protocol
Allows different L3 protocols to function on same link
Examples: IP, IPX
Different NCPs are identified per protocol
Phases of PPP Session Establishment :
PPP Configuration Options :
Configuration Options in PPP Frame : LCP frame contains option values which identify settings to the receiving device
Configuring PPP : Encapsulation is set at serial interface
Router(config-if)#encapsulation ppp
Options also configured at interface
Router(config-if)#compress [predictor | stac]
Router(config-if)#ppp quality percentage
Router(config-if)#ppp multilink
Other Commands for Verifying PPP :
PPP Debug Example : Start at 2.3.4
Authentication with PAP and CHAP :
PAP Authentication : 2 Way Handshake
Caller initiates authentication
Clear text password
May be viable in certain environments (no support for CHAP, plain text is acceptable or required, etc.)
Subject to replay and man-in-the-middle attacks
CHAP Authentication : 3 Way Handshake
Called party initiates authentication exchange
Password is encrypted to protect against sniffing
Also protects against PAP weaknesses (random challenges)
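An added example, not part of the original slides: the CHAP 3-way handshake with the RFC 1994 MD5 response, MD5(identifier || secret || challenge), showing that a response captured from one attempt fails against the next random challenge. The `Authenticator` class, the account name `R2` and the secret are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP-MD5 value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Called party: issues challenges and checks responses against local accounts."""

    def __init__(self, accounts: dict):
        self.accounts = accounts      # username -> shared secret
        self.identifier = 0
        self.pending = None           # (identifier, challenge) awaiting a response

    def challenge(self) -> tuple:
        # Step 1: fresh random challenge and a new identifier for every attempt.
        self.identifier = (self.identifier + 1) % 256
        self.pending = (self.identifier, os.urandom(16))
        return self.pending

    def verify(self, identifier: int, username: str, response: bytes) -> bool:
        # Step 3: recompute the hash locally; each challenge is accepted once only.
        pending, self.pending = self.pending, None
        secret = self.accounts.get(username)
        if pending is None or secret is None or identifier != pending[0]:
            return False
        expected = chap_response(identifier, secret, pending[1])
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    secret = b"constructed-lab-secret"                # constructed sample value
    r1 = Authenticator({"R2": secret})
    ident, chal = r1.challenge()
    response = chap_response(ident, secret, chal)     # Step 2: peer R2 answers
    first = r1.verify(ident, "R2", response)
    ident2, _ = r1.challenge()                        # new attempt, new challenge
    replayed = r1.verify(ident2, "R2", response)      # stale response is rejected
    return {"first": first, "replayed": replayed,
            "secret_on_wire": secret in response}
```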
PPP Authentication Flow Chart :
Configuring PPP Authentication : Authentication is configured at the interface level
Specific protocol or combination can be configured
Requires a local or server database of accounts
Configuring Accounts for Authentication : In lab activities, a local (router configuration) database is used for accounts
username [account_name] password [password]
Opposing router names can be used by default
“Sent” usernames offer more flexibility
Debugging PPP Authentication :
Summary : PPP is a widely used WAN protocol
PPP provides multi-protocol LAN to WAN connections
PPP session establishment – 4 phases
Link establishment
Link quality determination
Network layer protocol configuration negotiation
Link termination
WAN Encapsulation
HDLC default encapsulation
PPP
Summary : PPP authentication
PAP
2 way handshake
CHAP
3 way handshake
Use debug ppp authentication to confirm authentication configuration
PPP configuration
Done on a serial interface
After PPP configuration, use show interfaces command to display:
LCP state
NCP state
Chapter 2 Labs : Lab 2.5.1 – Basic PPP Configuration
Lab 2.5.2 – Challenge PPP Configuration
Lab 2.5.3 – Troubleshooting PPP Configuration