7/28/2019 PPP protokol

1/9

Peter R. Egli 20131

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

Contents1. Overview of PPP

2. SLIP - Serial Line IP

3. PPP protocol features4. PPP Protocol Stack

5. PPP framing

6. LCP and NCP

7. Typical PPP session

8. PPP authentication

PPP

7/28/2019 PPP protokol

2/9

Peter R. Egli 20132

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

1. Overview of PPP Layer2 protocols run on lines (serial, dial-up) that do not provide a framing (raw bit pipes). PPP is a collection of protocols; each of these protocols provides a specific function.

Physical bi t transpo rt

Framing (message bound ary)

Link (layer 2) establ ishment and option negotiat ion

I want compression

ok

Exchange of IP packets

Assignment of IP address, DNS server

Your IP: 1.2.3.4 and DNS: 2.3.4.5

HH Payload HT HH Payload HT HH Payload HT

IP

HDLC

Phy

LCP

PAP

CHAP

EAP

IP

NCP

HDLC

Phy

LCP

PAP

CHAP

EAP

IP

NCP

Authenticat ion of user

Tell me who you are

I am user@domain.com+password

Client (initiator) Server (responder)

IP IP IP

IP: 1.2.3.4

DNS: 2.3.4.5

7/28/2019 PPP protokol

3/9

Peter R. Egli 20133

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

2. SLIP (Serial Line IP, RFC1055) versus PPP SLIP was used as framing protocol over serial lines before the advent of PPP. SLIP framing:

Frame delimiter: The byte 0xC0 serves as frame delimiter.Transparency: 0xDB, 0xDC is used as escape sequence for 0xC0 in payload:

0xC0 in payload becomes 0xDB 0xDC in SLIP frame. 0xDB in payload becomes 0xDB 0xDD in SLIP frame.

SLIP has some deficiencies:1. SLIP does not have error detection mechanism (left to TCP to detect and recover from errors

on the transmission line).

2. SLIP only supports IP (no other layer 3 protocols).

3. SLIP does not provide dynamic IP address assignment.

4. SLIP does not provide authentication.

PPP was devised in order to overcome the deficiencies of SLIP.

7/28/2019 PPP protokol

4/9

Peter R. Egli 20134

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

3. PPP (RFC1661 et.al.) protocol features PPP is not a single protocol but a protocol suite and consists of:

1. Framing method (frame/packet delineation):

Serial lines provide bit transport, thus a means for finding the start of packets isrequired.

2. Link control protocol (LCP):

LCP is used for establishing a data link including options for the operation.

3. Network control protocol (NCP):

Each network protocol, e.g. IP, has its own NCP for establishing and

configuring the network-layer operation.

4. Authentication protocols (CHAP, PAP, EAP):

Client (and optional server) authentication make sure the right communication

partners talk to each other.

5. Encryption protocols (ECP, DES, AES etc.) for privacy.

6. Bandwidth control (BACP):

Bonding of multiple channels (Multilink PPP-MLPPP) to provide more bandwidth.

7. Compression control (CCP).

Serial lines are usually comparably slow. Compression provides more throughput.

PPP affords error detection (checksum). PPP allows to dynamically assign an IP address (NCP). PPP provides authentication (PAP / CHAP) PPP is a symmetric protocol: the 2 parties in a PPP session are the initiator (I, usually client)and the responder (R, usually server).

7/28/2019 PPP protokol

5/9 Peter R. Egli 20135

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

4. PPP protocol stack

HDLC-like framing

LCP

PAP / CHAP / EAP

ECP

CCP IPCP BCP

LQR / LQM

BAP/BACP

CCP Compression Control Protocol:

Negotiation and control of compression

on both ends of link.

IPCP IP Control Protocol (is a NCP Network Control Protocol):

Establishment of IP on both ends of point-to-point link (mainly assignment of IP address, default gateway

and DNS server from responder to initiator).

BCP Bridging Control Protocol:Establishment of bridging modules on both ends of point-to-point link (similar to IPCP, but instead of routing initializes

bridging).

BAP/BACP Bandwidth Allocation (Control) Protocol:

BAP/BACP can be used to add/remove individual links in a multi-link bundle (MultiLink PPP).

ECP Encryption Control Protocol:

Configuring and enabling of encryption on both ends of the link.

CHAP CHallenge Authentication Protocol:

Description see below.

PAP Password Authentication Protocol:

Description see below.EAP Extensible Authentication Protocol:

Protocol supporting a range of authentication algorithms/protocols

LCP Link Control Protocol:

Negotiation and control of link parameters on both ends (MRU Max. Receive Unit, header compression, encapsulation).

LQR Link Quality Report:

Monitoring of link quality.

7/28/2019 PPP protokol

6/9 Peter R. Egli 20136

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

5. PPP framing PPP framing is a variant of HDLC (High Level Data Link Control).

PPP framing is character oriented (frame always integral number ofbytes (byte stuffing).

The field address is fixed = 11111111b which means that all stations are to accept the frame. Control = 00000011b which means that the frame is unnumbered (PPP does provide errordetection, but no error correction; reliable transmission with PPP is set forth in RFC1663).

The protocol field identifies the Layer 3 protocol contained in the payload (valuessee IANA assigned numbers).

The payload is variable length (default 1500 bytes). The checksum is either a 2 byte CRC16 (default) or 4 byte CRC32 (frame > 4kB).

Flag=0x7E Address11111111

Control00000011

Protocol Checksum Flag=0x7EPayload

1 1 1 1 or 2 variable 2 or 4 1

7/28/2019 PPP protokol

7/9 Peter R. Egli 20137

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

6. LCP and NCPA. LCP (Link Control Protocol):

Used for establishing the link. Allows to negotiate link options:

Authentication protocol to be used.

Header compression / address field compression.

MRU (maximum receive unit).

Periodically test the link (LCP Echo request / reply). Bring down the link gracefully when no longer in use.

B. NCP (Network Control Protocol):

Dynamic assignment of IP address. Dynamic assignment of DNS primary and secondary server.

The host must set a default route to the PPP interface since there is no defaultgateway IP address (the link is point-to-point with no IP address = unnumbered).

7/28/2019 PPP protokol

8/9 Peter R. Egli 20138

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

7. Typical PPP sessionI: Initiator, R: Responder

I: 1 0.000000 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP LCP PPP LCP Configuration Request

R: 2 0.028594 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP LCP PPP LCP Configuration Request

I: 3 0.029362 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP LCP PPP LCP Configuration Ack

R: 4 0.030818 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP LCP PPP LCP Configuration Reject

I: 5 0.031299 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP LCP PPP LCP Configuration Request

R: 6 0.063986 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP LCP PPP LCP Configuration Ack

I: 7 0.064776 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP LCP PPP LCP Identification

I: 8 0.066026 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP LCP PPP LCP Identification

R: 9 0.068683 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP CHAP PPP CHAP Challenge

I: 10 0.069147 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP CHAP PPP CHAP Response

R: 11 0.718392 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP CHAP PPP CHAP Success

I: 12 0.720670 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP CCP PPP CCP Configuration RequestI: 13 0.722227 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP IPCP PPP IPCP Configuration Request

R: 14 0.885780 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP IPCP PPP IPCP Configuration Request

I: 15 0.932285 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP IPCP PPP IPCP Configuration Ack

I: 16 0.933597 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP IPCP PPP IPCP Configuration Request

R: 17 0.959508 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP IPCP PPP IPCP Configuration Nak

I: 18 0.960196 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP IPCP PPP IPCP Configuration Request

R: 19 0.984960 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP IPCP PPP IPCP Configuration Ack

... PPP data

R: 20 1.156618 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP LCP PPP LCP Echo Request

I: 21 1.275972 20:53:45:4e:44:17 -> 20:53:45:4e:44:17 PPP LCP PPP LCP Echo Reply

R: 22 11.156947 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP LCP PPP LCP Echo Request

R: 25 13.341129 20:52:45:43:56:17 -> 20:52:45:43:56:17 PPP LCP PPP LCP Termination Ack

C: Client server trafficS: Server client traffic

7/28/2019 PPP protokol

9/9 Peter R. Egli 20139

Rev. 2.50

PPP - Point to Point Protocol RFC1661 indigoo.com

8. PPP authentication PAP and CHAP are used for Authentication with PPP (is the one I am talking to the onehe pretends to be?).

PAP RFC1661 Password Authentication Protocol:* PAP simply sends a username and password (cleartext) to the remote computer.

* Thus PAP is considered insecure.

* PAP is symmetric and does not allow asymmetric settings with an authenticator

and a peer (authenticator authenticates peer).

CHAP RFC1994 Challenge Handshake Authentication Protocol:* With CHAP an authenticator (usually server) authenticates a peer (usually

client); thus CHAP is asymmetric.

* CHAP procedure:

1. Authenticator computes random value (=challenge)

2. Authenticator sends challenge (random value to foil replay attacks)

to peer.

3. Peer computes a hash (MD5) value on identifier (username), secret

(password) and challenge.4. Peer sends hash value to authenticator.

5. Authenticator performs the same calculation and checks if the result is ok.* CHAP trace see PPP trace above.