Module 2
Point-to-Point Protocol (PPP)
Objectives
Describe the fundamental concepts of point-to-point serial communication.
Describe key PPP concepts.
Configure PPP encapsulation.
Explain and configure PAP and CHAP authentication.
Serial point-to-point links
Introduction to Serial Communication
WAN technologies are based on serial transmission at the physical layer.
This means that the bits of a frame are transmitted one at a time over the physical
medium.
Some of the many different serial communications standards are the following:
RS-232-E: serial ports on personal computers
V.35: high-speed, synchronous data exchange standard. V.35 is the interface
standard used by most routers and DSUs (modem)
High Speed Serial Interface (HSSI): supports transmission rates up to 52 Mb/s
Time Division Multiplexing
TDM is a physical layer concept. It has no regard for the nature of the
information that is being multiplexed onto the output channel.
TDM is independent of the Layer 2 protocol that has been used by the input
channels.
As an analogy, compare TDM to a train with 32 railroad cars.
TDM Example: ISDN and SONET
SONET
ISDN
DTE-DCE
Serial Connection Options
Serial Connection in Lab
WAN Data Link Layer Concepts
WAN Datalink Protocol
Router(config)#interface serial slot/port number
Router(config-if)#encapsulation ppp | hdlc | frame-relay
Configuring HDLC Encapsulation
Troubleshooting a Serial Interface
Several possible problem states can be identified in the interface
status line of the show interface serial display:
Serial x is down, line protocol is down.
Serial x is up, line protocol is down.
Serial x is up, line protocol is up (looped).
Serial x is administratively down, line protocol is down.
PPP Concepts
Introducing PPP
PPP Layered Architecture
PPP and the Data Link Layer
LCP features
PPP and the Network Layer
Establishing a PPP Session
Link-establishment phase
In this phase each PPP device sends LCP frames to configure and test the data
link.
LCP frames contain a configuration option field that allows devices to negotiate
the use of options such as the maximum transmission unit (MTU), compression of
certain PPP fields, and the link-authentication protocol.
If a configuration option is not included in an LCP packet, the default value for that
configuration option is assumed.
Before any network layer packets can be exchanged, LCP must first open the
connection and negotiate the configuration parameters.
This phase is complete when a configuration acknowledgment frame has been
sent and received.
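The option negotiation described above can be read directly from an LCP Configure-Request. The following Python sketch is an added example, not part of the original module: it parses the option list, applies defaults for absent options, and reports which authentication protocol was requested. It assumes the RFC 1661 packet layout, in which the size option is carried as the Maximum-Receive-Unit (MRU, default 1500); the sample frames and the auth_finding helper are constructed for illustration.

```python
import struct

PAP, CHAP = 0xC023, 0xC223          # Authentication-Protocol values (RFC 1661/1334/1994)
DEFAULTS = {"mru": 1500, "auth": None, "pfc": False, "acfc": False}


def parse_configure_request(pkt: bytes) -> dict:
    """Return the effective options of an LCP Configure-Request (code 1)."""
    if len(pkt) < 4:
        raise ValueError("truncated LCP header")
    code, _ident, length = struct.unpack("!BBH", pkt[:4])
    if code != 1 or length < 4 or length > len(pkt):
        raise ValueError("not a well-formed Configure-Request")
    opts = dict(DEFAULTS)            # options absent from the packet keep defaults
    i = 4
    while i < length:
        if i + 2 > length:
            raise ValueError("truncated option header")
        otype, olen = pkt[i], pkt[i + 1]
        if olen < 2 or i + olen > length:
            raise ValueError("bad option length")
        data = pkt[i + 2:i + olen]
        if otype == 1 and len(data) == 2:            # Maximum-Receive-Unit
            opts["mru"] = struct.unpack("!H", data)[0]
        elif otype == 3 and len(data) >= 2:          # Authentication-Protocol
            proto = struct.unpack("!H", data[:2])[0]
            opts["auth"] = {PAP: "PAP", CHAP: "CHAP"}.get(proto, hex(proto))
        elif otype == 7:                             # Protocol-Field-Compression
            opts["pfc"] = True
        elif otype == 8:                             # Address-and-Control-Field-Compression
            opts["acfc"] = True
        i += olen
    return opts


def auth_finding(opts: dict) -> str:
    """Audit note on the requested authentication protocol (hypothetical helper)."""
    if opts["auth"] is None:
        return "no authentication requested"
    if opts["auth"] == "PAP":
        return "PAP requested: password crosses the link in clear text"
    return f"{opts['auth']} requested"


# Constructed sample frames (LCP payload only, without PPP/HDLC framing).
REQ_CHAP = bytes.fromhex("0101000d" "010405dc" "0305c22305")  # MRU 1500, CHAP with MD5
REQ_PAP = bytes.fromhex("0102000a" "0304c023" "0702")         # PAP, field compression
```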
Optional Phase
After the link has been established and the authentication protocol
decided on, the peer may be authenticated.
Authentication, if used, takes place before the network layer protocol
phase is entered.
As part of this phase, LCP also allows for an optional link-quality
determination test.
The link is tested to determine whether the link quality is good
enough to bring up network layer protocols.
Network Layer Protocol Phase
In this phase the PPP devices send NCP packets to choose and
configure one or more network layer protocols, such as IP.
Once each of the chosen network layer protocols has been
configured, packets from each network layer protocol can be sent
over the link.
The show interfaces command reveals the LCP and NCP
states under PPP configuration.
PPP Layer Functions
Configuring PPP
Router#configure terminal
Router(config)#interface serial slot/port_number
Router(config-if)#encapsulation ppp
PPP Authentication Protocols
1. Link establishment
2. Link quality determination, Authentication - Optional
3. Network layer protocol configuration
Password Authentication Protocol (PAP)
PAP provides a simple method for a remote node to establish its identity,
using a two-way handshake.
After the PPP link establishment phase is complete, a username/password
pair is repeatedly sent by the remote node across the link until authentication
is acknowledged or the connection is terminated.
PAP is not a strong authentication protocol.
Passwords are sent across the link in clear text.
Challenge Handshake Authentication Protocol (CHAP)
CHAP is used at the startup of a link and periodically verifies the
identity of the remote node using a three-way handshake.
After the PPP link establishment phase is complete, the local
router sends a "challenge" message to the remote node.
The remote node responds with a value calculated using a one-way
hash function, which is typically Message Digest 5 (MD5).
This response is based on the password and challenge message.
The local router checks the response against its own calculation of
the expected hash value.
If the values match, the authentication is acknowledged; otherwise,
the connection is immediately terminated.
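The three-way handshake above, worked through in Python as an added example that is not part of the original module. It assumes the RFC 1994 packet layout and MD5 calculation (hash over Identifier, secret, Challenge); the router names R1 and R2 and the secret are constructed sample values. The last two lines of the demo show why a fresh challenge matters: a captured response is rejected when presented against a new challenge.

```python
import hashlib
import hmac
import os
import struct

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4  # CHAP codes (RFC 1994)


def build_packet(code: int, ident: int, value: bytes, name: bytes) -> bytes:
    """Challenge/Response layout: Code, Identifier, Length, Value-Size, Value, Name."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def parse_packet(pkt: bytes):
    """Split a Challenge/Response into (code, identifier, value, name)."""
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt) or length < 5:
        raise ValueError("bad CHAP length")
    size = pkt[4]
    if 5 + size > length:
        raise ValueError("value overruns packet")
    return code, ident, pkt[5:5 + size], pkt[5 + size:]


def chap_md5(ident: int, secret: bytes, challenge: bytes) -> bytes:
    """MD5 over Identifier || secret || Challenge (RFC 1994, algorithm 5)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


def respond(challenge_pkt: bytes, secret: bytes, my_name: bytes) -> bytes:
    """Remote node: answer a Challenge without sending the secret itself."""
    code, ident, challenge, _ = parse_packet(challenge_pkt)
    if code != CHALLENGE:
        raise ValueError("not a Challenge")
    return build_packet(RESPONSE, ident, chap_md5(ident, secret, challenge), my_name)


def verify(challenge_pkt: bytes, response_pkt: bytes, secrets: dict) -> int:
    """Local router: recompute the hash for the named peer; return SUCCESS or FAILURE."""
    _, ident, challenge, _ = parse_packet(challenge_pkt)
    code, r_ident, value, name = parse_packet(response_pkt)
    secret = secrets.get(name)
    if code != RESPONSE or r_ident != ident or secret is None:
        return FAILURE
    expected = chap_md5(ident, secret, challenge)
    return SUCCESS if hmac.compare_digest(expected, value) else FAILURE


if __name__ == "__main__":
    db = {b"R2": b"constructed-secret"}                # constructed sample credentials
    c1 = build_packet(CHALLENGE, 1, os.urandom(16), b"R1")
    r1 = respond(c1, db[b"R2"], b"R2")
    print("fresh response:", verify(c1, r1, db))
    c2 = build_packet(CHALLENGE, 2, os.urandom(16), b"R1")
    print("replayed response:", verify(c2, r1, db))
```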
PPP Encapsulation and
Authentication Process
Configuring PPP Authentication
Enabling PPP
Enabling PPP Authentication
PAP Configuration
CHAP Configuration
Verifying PPP
PPP Configuration Commands
Debug PPP Authentication
Good luck with this module!