PPP - PowerPoint PPT Presentation

Provided by: cas759
Transcript and Presenter's Notes

1
PPP
  • It is important to understand that WAN
    connections are controlled by protocols that
    perform the same basic functions as Layer 2 LAN
    protocols, such as Ethernet. In a LAN
    environment, in order to move data between any
    two nodes or routers, a data path must be
    established, and flow control procedures must be
    in place to ensure delivery of data.

2
PPP
  • This is also true in the WAN environment and is
    accomplished by using WAN protocols such as the
    Point-to-Point Protocol (PPP).
  • In the late 1980s, Serial Line Internet Protocol
    (SLIP) was limiting the Internet's growth. PPP
    was created to solve remote Internet connectivity
    problems.

3
PPP
  • PPP was needed to be able to dynamically assign
    IP addresses and allow for use of multiple
    protocols. PPP provides router-to-router and
    host-to-network connections over both synchronous
    and asynchronous circuits.
  • PPP is the most widely used and most popular WAN
    protocol because it offers all the following
    features:

4
PPP
  • Control of data link setup.
  • Provides for dynamic assignment of IP addresses.
  • Network protocol multiplexing.
  • Link configuration and link quality testing.
  • Error detection.
  • Negotiation options for capabilities such as
    network-layer address negotiation and data
    compression negotiations.

5
PPP
  • PPP addresses the problems of Internet
    connectivity by employing three main components:
  • A method for encapsulating datagrams over serial
    links. PPP uses High-Level Data Link Control
    (HDLC) as a basis for encapsulating datagrams
    over point-to-point links.

6
PPP
  • A Link Control Protocol (LCP) for establishing,
    configuring, and testing the data-link
    connection.

7
PPP
  • A family of Network Control Protocols (NCPs) for
    establishing and configuring different
    network-layer protocols. PPP is designed to allow
    the simultaneous use of multiple network-layer
    protocols. Today, PPP supports other protocols
    besides IP, including Internetwork Packet
    Exchange (IPX) and AppleTalk. As shown in the
    Figure, PPP uses its NCP component to encapsulate
    multiple protocols.

10
PPP Layer Functions
  • PPP uses a layered architecture, as shown in the
    Figure. With its lower-level functions, PPP can
    use:
  • Synchronous physical media, such as those that
    connect Integrated Services Digital Network
    (ISDN) networks.
  • Asynchronous physical media, such as those that
    use basic telephone service for modem dialup
    connections.

11
PPP Layer Functions
  • With its higher-level functions, PPP supports or
    encapsulates several network-layer protocols with
    NCPs. These higher-layer protocols include the
    following:
  • BCP -- Bridge Control Protocol
  • IPCP -- Internet Protocol Control Protocol
  • IPXCP -- Internetwork Packet Exchange Control
    Protocol

12
PPP Layer Functions
  • These are functional fields containing
    standardized codes to indicate the network-layer
    protocol type that PPP encapsulates.
  • PPP provides a method of establishing,
    configuring, maintaining, and terminating a
    point-to-point connection. In order to establish
    communications over a point-to-point link, PPP
    goes through four distinct phases:

13
PPP Link Negotiation
  • Link establishment and configuration
    negotiation: An originating PPP node sends LCP
    frames to configure and establish the data link.
  • Link-quality determination: The link is tested to
    determine whether the link quality is sufficient
    to bring up network-layer protocols. Note that
    this is an optional phase.

14
PPP Link Negotiation
  • Network-layer protocol configuration
    negotiation: The originating PPP node sends NCP
    frames to choose and configure network-layer
    protocols. The chosen network-layer protocols
    (such as IP, Novell IPX, and AppleTalk) are
    configured, and packets from each network-layer
    protocol can be sent.

15
PPP Link Negotiation
  • Link termination: The link remains configured for
    communications until LCP or NCP frames close the
    link or until some external event occurs (for
    example, an inactivity timer expires or a user
    intervenes).
  • There are three classes of LCP frames:

16
PPP Link Negotiation
  • Link establishment frames: Used to establish and
    configure a link.
  • Link termination frames: Used to terminate a link.
  • Link maintenance frames: Used to manage and debug
    a link.

17
PPP Link Negotiation
  • In the link establishment and configuration
    negotiation phase, each PPP device sends LCP
    packets to configure and establish the data link.
    LCP packets contain a configuration option field
    that allows devices to negotiate the use of
    options, such as the maximum transmission unit
    (MTU), compression of certain PPP fields, and the
    link authentication protocol.

18
PPP Link Negotiation
  • Before any network-layer datagrams (for example,
    IP) can be exchanged, LCP must first open the
    connection and negotiate the configuration
    parameters.

19
Phase II Link Quality Determination
  • LCP allows an optional link-quality determination
    phase following the link establishment and
    configuration negotiation phase. In the
    link-quality determination phase, the link is
    tested to determine whether the link quality is
    good enough to bring up network-layer protocols.

20
Phase II Link Quality Determination
  • In addition, after the link has been established
    and the authentication protocol chosen, the
    client or user workstation can be authenticated.
    Authentication, if used, takes place before the
    network-layer protocol configuration phase
    begins. LCP can delay transmission of
    network-layer protocol information until this
    phase is completed.

21
Phase II Link Quality Determination
  • PPP supports two authentication protocols:
    Password Authentication Protocol (PAP) and
    Challenge Handshake Authentication Protocol
    (CHAP).

22
Phase III Network Layer Protocol Configuration
  • When LCP finishes the link-quality determination
    phase, network-layer protocols can be separately
    configured by the appropriate NCP and can be
    brought up and taken down at any time.

23
Phase III Network Layer Protocol Configuration
  • In this phase, the PPP devices send NCP packets
    to choose and configure one or more network-layer
    protocols (such as IP).
  • When PPP is configured, you can check its LCP and
    NCP states by using the show interfaces command.

24
Phase IV Link Termination
  • LCP can terminate the link at any time. This is
    usually done at the request of a user but can
    happen because of a physical event, such as the
    loss of a carrier or a timeout.

25
PAP
  • The authentication phase of a PPP session is
    optional. After the link has been established,
    and the authentication protocol chosen, the peer
    can be authenticated. If it is used,
    authentication takes place before the
    network-layer protocol configuration phase
    begins.

26
PAP
  • The authentication options require that the
    calling side of the link enter authentication
    information to help ensure that the user has the
    network administrator's permission to make the
    call. Peer routers exchange authentication
    messages.

27
PAP
  • When configuring PPP authentication, you can
    select Password Authentication Protocol (PAP) or
    Challenge Handshake Authentication Protocol
    (CHAP). In general, CHAP is the preferred
    protocol.

28
PAP
  • Using a two-way handshake, after the PPP link
    establishment phase is complete, a
    username/password pair is repeatedly sent by the
    remote node across the link until authentication
    is acknowledged or the connection is terminated.
  • PAP is not a strong authentication protocol.
    Passwords are sent across the link in clear text,
    and there is no protection from playback or
    repeated trial-and-error attacks.

29
CHAP
  • CHAP is used to periodically verify the identity
    of the remote node, using a three-way handshake.
  • This is done upon initial link establishment and
    can be repeated any time after the link has been
    established. CHAP offers features such as
    periodic verification to improve security; this
    makes CHAP more effective than PAP.

30
CHAP
  • CHAP does not allow a caller to attempt
    authentication without a challenge.
  • After the PPP link establishment phase is
    complete, the host sends a challenge message to
    the remote node. The remote node responds with a
    value. The host checks the response against its
    own value. If the values match, the
    authentication is acknowledged. Otherwise, the
    connection is terminated.

31
CHAP
  • CHAP provides protection against playback attacks
    through the use of a variable challenge value
    that is unique and unpredictable.
  • The use of repeated challenges is intended to
    limit the time of exposure to any single attack.
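
The difference between the PAP and CHAP handshakes described above can be shown by modelling the authenticating host. This is an added example, not part of the original slides: the response calculation (MD5 over identifier, shared secret and challenge) is taken from RFC 1994, and the `Host` class, peer name and secret are hypothetical, constructed values.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # RFC 1994 CHAP with MD5: hash of Identifier || shared secret || Challenge.
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Host:
    """Authenticating side of the link; `shared` maps peer name to its secret."""
    def __init__(self, shared: dict):
        self.shared, self.ident, self.pending = shared, 0, None

    def pap_verify(self, name: str, password: bytes) -> bool:
        expected = self.shared.get(name)
        return expected is not None and hmac.compare_digest(expected, password)

    def chap_challenge(self) -> tuple:
        self.ident = (self.ident + 1) % 256
        self.pending = (self.ident, os.urandom(16))   # unique, unpredictable
        return self.pending

    def chap_verify(self, name: str, identifier: int, response: bytes) -> bool:
        pending, self.pending = self.pending, None    # each challenge is single-use
        secret = self.shared.get(name)
        if pending is None or secret is None or identifier != pending[0]:
            return False
        expected = chap_response(pending[0], secret, pending[1])
        return hmac.compare_digest(expected, response)

def compare_replay_behaviour() -> dict:
    secret = b"constructed-secret"             # constructed sample value
    host = Host({"branch-rtr": secret})        # hypothetical peer name
    # PAP: what crosses the link is the password itself, so a recorded
    # Authenticate-Request is accepted again unchanged.
    recorded_pap = ("branch-rtr", secret)
    pap_first, pap_again = host.pap_verify(*recorded_pap), host.pap_verify(*recorded_pap)
    # CHAP: the response is bound to one challenge; the next challenge differs.
    ident, challenge = host.chap_challenge()
    response = chap_response(ident, secret, challenge)
    chap_first = host.chap_verify("branch-rtr", ident, response)
    ident2, _ = host.chap_challenge()
    chap_again = host.chap_verify("branch-rtr", ident2, response)
    no_challenge = host.chap_verify("branch-rtr", ident2, response)  # nothing pending
    return {"pap_first": pap_first, "pap_replay": pap_again, "chap_first": chap_first,
            "chap_replay": chap_again, "chap_without_challenge": no_challenge}
```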